sparkwallet auth through traefik

2025-12-17 04:35:14 +01:00 · 2019-04-04 17:18:36 -04:00
parent 54b0bf9d7b
commit d9a1a34e00
5 changed files with 6 additions and 26 deletions
--- a/api_auth_docker/default.conf
+++ b/api_auth_docker/default.conf
@@ -10,8 +10,6 @@ server {
    root /etc/nginx/conf.d;
  }

-  include /etc/nginx/conf.d/nginx-spark-conf;
-
  location /v0/ {
    auth_request /auth;
    proxy_pass http://proxy:8888/;
--- a/dist/setup.sh
+++ b/dist/setup.sh
@@ -457,12 +457,13 @@ install_docker() {
        fi
        if [ ! -d $LIGHTNING_DATAPATH/sparkwallet ]; then
          step "   [32mcreate[0m $LIGHTNING_DATAPATH"
-          sudo_if_required mkdir -p $LIGHTNING_DATAPATH/sparkwallet
+          sudo_if_required mkdir -p $LIGHTNING_DATAPATH/sparkwallet/spark
          next
        fi
        if [ -d $LIGHTNING_DATAPATH ]; then
          copy_file $current_path/lightning/c-lightning/config $LIGHTNING_DATAPATH/config 1 $SUDO_REQUIRED
          copy_file $current_path/lightning/c-lightning/bitcoin.conf $LIGHTNING_DATAPATH/bitcoin.conf 1 $SUDO_REQUIRED
+          copy_file $current_path/lightning/c-lightning/cookie $LIGHTNING_DATAPATH/sparkwallet/spark/cookie 1 $SUDO_REQUIRED
        fi
    fi
  fi
--- a/install/generator-cyphernode/generators/app/templates/installer/docker/docker-compose.yaml
+++ b/install/generator-cyphernode/generators/app/templates/installer/docker/docker-compose.yaml
@@ -136,7 +136,7 @@ services:
    restart: always

  sparkwallet:
-    command: --login "cyphernode:sparkwallet" --no-tls
+    command: --no-tls
    image: cyphernode/sparkwallet:<%= sparkwallet_version %>
    volumes:
      - "<%= lightning_datapath %>:/etc/lightning"
@@ -147,7 +147,7 @@ services:
      - "traefik.frontend.rule=ReplacePathRegex: ^/sparkwallet(.*) $$1"
      - "traefik.frontend.passHostHeader=true"
      - "traefik.frontend.auth.basic.usersFile=/htpasswd/htpasswd"
-      - "traefik.frontend.headers.customRequestHeaders=Authorization:Basic Y3lwaGVybm9kZTpzcGFya3dhbGxldA=="
+      - "traefik.frontend.headers.customRequestHeaders=X-Access:FoeDdQw5yl7pPfqdlGy3OEk/txGqyJjSbVtffhzs7kc="
      - "traefik.enable=true"
      - "traefik.port=9737"
    networks:
--- a/install/generator-cyphernode/generators/app/templates/lightning/c-lightning/cookie
+++ b/install/generator-cyphernode/generators/app/templates/lightning/c-lightning/cookie
@@ -0,0 +1,2 @@
+# echo -n "access-key" | openssl dgst -hmac "cyphernode:sparkwallet" -sha256 -binary | base64 | sed 's/[\+\W]//g'
+cyphernode:sparkwallet:FoeDdQw5yl7pPfqdlGy3OEk/txGqyJjSbVtffhzs7kc=
--- a/install/generator-cyphernode/generators/app/templates/lightning/c-lightning/nginx-spark-conf
+++ b/install/generator-cyphernode/generators/app/templates/lightning/c-lightning/nginx-spark-conf
@@ -1,21 +0,0 @@
-<% if ( features.indexOf('lightning') !== -1 && lightning_implementation === 'c-lightning' ) { %>
-location /sparkwallet/ {
-  auth_basic "sparkwallet";
-  auth_basic_user_file conf.d/status/htpasswd;
-
-  proxy_set_header  Host $host;
-  proxy_set_header  Referer $http_referer;
-  proxy_set_header  X-Real-IP $remote_addr;
-  proxy_set_header  X-Forwarded-Proto $scheme;
-  proxy_set_header  X-Forwarded-For $remote_addr;
-  proxy_set_header  X-Forwarded-Host $host;
-
-  # Hardcoding sparkwallet password, it's only accessible from here anyway using htpasswd above
-  proxy_set_header Authorization "Basic Y3lwaGVybm9kZTpzcGFya3dhbGxldA==";
-
-  # https://cyphernode:2009/sparkwallet/hello -> http://sparkwallet:9737/hello
-  rewrite ^/sparkwallet(/.*) $1 break;
-  resolver 127.0.0.11;
-  proxy_pass http://sparkwallet:9737$uri;
-}
-<% } %>