starred/peerflix-server
1
0
Fork 0
mirror of https://github.com/asapach/peerflix-server.git synced 2026-04-25 06:35:48 +03:00
Code Issues 88 Projects Releases 5 Packages Wiki Activity
Page: How to put a password on peerflix server
Pages
Home How to put a password on peerflix server using basic auth How to put a password on peerflix server
22 How to put a password on peerflix server
Simon Sassi edited this page 2017-02-02 21:14:08 +01:00
Table of Contents

Welcome to the peerflix-server wiki!

A question Who everyone is currently asking :

How to add a NCSA Auth (Http authentification) to Peerflix-server :

My server : Ubuntu 16.04, peerflix server is running on port 9000. I used that way (it's safe & prevent your peerflix-server from dos attacks) :

  • So you must setup squid on your computer (for several distribution, it is pre-installed).
  • Then in the squid configuration file (/etc/squid/squid.conf, don't forget to make a back up) you must setup squid as a reverse proxy :

->To edit my squid's config file, I followed this tutorial

In summary, I added this lines from the tutorial :

             http_port 8080 accel defaultsite=streaming.str

(here is the port where squid is listening on(8080), accel define that squid is running in reverse mode. defaultsite=streaming.str is the Host header returned by squid, put what you want)

              cache_peer 127.0.0.1 parent 9000 0 no-query originserver

(the service to forward, here this is my peerflix-server who is running on the port 9000 on localhost (127.0.0.1)

**And I followed an another tutorial to put an NSCA auth on squid : **

I created the password file (run theses commands in root user, sudo -i)

  • truncate -s 0 /etc/squid/users -> create the file
  • chown root:proxy /etc/squid/users -> set permissions
  • chmod 0640 /etc/squid/users -> set permissions

to create the login, type : htpasswd -m /etc/squid/users <username>

I added this lines to the config file :

  • auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/users
  • auth_param basic children 5
  • auth_param basic realm SQUID Auth by Simon S
  • auth_param basic credentialsttl 2 hours
  • acl Users proxy_auth REQUIRED

Lines explinations :

  • /usr/lib/squid/basic_ncsa_auth : NSCA auth program
  • /etc/squid/users : where is located your NSCA passwords
  • auth_param basic realm SQUID Auth by Simon S : 'SQUID Auth by Simon S' is the text in the auth pop-up
  • auth_param basic credentialsttl 2 hours : time for the session.
  • acl Users proxy_auth REQUIRED : Set auth required for users

To reload, start & stop the squid service, in ubuntu it's :

  • sudo service squid <start|stop|reload|status>

Then you must add a rule to your firewall to deny all connection without localhost to port 9000

Here I used ufw:

  • sudo ufw deny port 9000
  • sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 9000

It's working on vlc (android & pc) because vlc support http auth.