summary refs log tree commit diff
path: root/nixos/modules/services/web-servers
diff options
context:
space:
mode:
authorGraham Christensen <graham@grahamc.com>2020-11-02 08:15:28 -0500
committerGraham Christensen <graham@grahamc.com>2020-11-02 08:16:01 -0500
commit3361a037b9c29254b611de76dbc14bded60a3bd8 (patch)
tree1f8d2786464eab4819355064142637429163a0df /nixos/modules/services/web-servers
parenta4b86b2bf5bd85f1695a8b47bd07657758de1722 (diff)
downloadnixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.tar
nixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.tar.gz
nixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.tar.bz2
nixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.tar.lz
nixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.tar.xz
nixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.tar.zst
nixpkgs-3361a037b9c29254b611de76dbc14bded60a3bd8.zip
nginx: add a warning that nginx's basic auth isn't very good.
Diffstat (limited to 'nixos/modules/services/web-servers')
-rw-r--r--nixos/modules/services/web-servers/nginx/location-options.nix7


-rw-r--r--nixos/modules/services/web-servers/nginx/vhost-options.nix7


2 files changed, 10 insertions, 4 deletions
diff --git a/nixos/modules/services/web-servers/nginx/location-options.nix b/nixos/modules/services/web-servers/nginx/location-options.nix
index 793f29f09fb..f2fc0725572 100644
--- a/nixos/modules/services/web-servers/nginx/location-options.nix
+++ b/nixos/modules/services/web-servers/nginx/location-options.nix
@@ -21,7 +21,7 @@ with lib;
         Basic Auth protection for a vhost.
 
         WARNING: This is implemented to store the password in plain text in the
-        nix store.
+        Nix store.
       '';
     };
 
@@ -30,7 +30,10 @@ with lib;
       default = null;
       description = ''
         Basic Auth password file for a vhost.
-        Can be created via: <command>htpasswd -c &lt;filename&gt; &lt;username&gt;</command>
+        Can be created via: <command>htpasswd -c &lt;filename&gt; &lt;username&gt;</command>.
+
+        WARNING: The generate file contains the users' passwords in a
+        non-cryptographically-securely hashed way.
       '';
     };
 
diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix
index 455854e2a96..cf211ea9a71 100644
--- a/nixos/modules/services/web-servers/nginx/vhost-options.nix
+++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix
@@ -198,7 +198,7 @@ with lib;
         Basic Auth protection for a vhost.
 
         WARNING: This is implemented to store the password in plain text in the
-        nix store.
+        Nix store.
       '';
     };
 
@@ -207,7 +207,10 @@ with lib;
       default = null;
       description = ''
         Basic Auth password file for a vhost.
-        Can be created via: <command>htpasswd -c &lt;filename&gt; &lt;username&gt;</command>
+        Can be created via: <command>htpasswd -c &lt;filename&gt; &lt;username&gt;</command>.
+
+        WARNING: The generate file contains the users' passwords in a
+        non-cryptographically-securely hashed way.
       '';
     };
 

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 04:14:03 +0000