Basic auth

.htaccess, or hypertext access, is a default directory level configuration file that allows you to create some basic security for directories in a web server.

Enable basic auth via htaccess

To enable htaccess:

  1. Use your local shell to create the auth file that holds the username and password.

    htpasswd -c auth <username>
  2. Create a secret out of the auth file. For example, below, the secret basic-auth is created.

    kubectl -n <namespace> create secret generic basic-auth --from-file=auth --dry-run=client -o yaml | kubectl apply -f -
  3. Set the following ingress annotations in your Magnolia PaaS values.yml file.

    values.yaml
    ingress:
      enabled: true
      annotations:
        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/proxy-body-size: 512m
        cert-manager.io/cluster-issuer: "letsencrypt-prod"
        nginx.ingress.kubernetes.io/auth-type: basic (1)
        nginx.ingress.kubernetes.io/auth-secret: basic-auth (2)
        nginx.ingress.kubernetes.io/auth-realm: "Please login" (3)
        nginx.ingress.kubernetes.io/configuration-snippet: |
          more_set_headers "X-Robots-Tag: noindex, nofollow";
        nginx.ingress.kubernetes.io/default-backend: {{ .Env.DEPLOYMENT }}-magnolia-error-page-svc
        nginx.ingress.kubernetes.io/custom-http-errors: "503"
      hosts:
        - host: {{ .Env.DEPLOYMENT }}.eu-playground.magnolia-platform.com
          paths:
              - path: /
                instance: public
              - path: /author
                instance: author
    .....
    1 This sets the basic auth-type. Nothing to do here. Leave it as is.
    2 This is the name of the secret that you created Step 2 above.
    3 This is the message that will be displayed to those users authenticating in the auth dialog.
Feedback