Camilla Proxy behind HTTP basic auth#

There are several ways to control who can use Camilla Proxy once you have it running. One of them is to ask for a username and password when someone navigates to Camilla Proxy’s dashboard URL. This guide will explain how you can configure this kind of security using Nginx.

Info

Assumed is that you have Nginx already installed and have a site running.

Step 1: Putting Camilla Proxy behind a reverse proxy#

You need to install Nginx first. Camilla Proxy comes with its own HTTP-server and you don’t need a webserver like Nginx or Apache to expose the dashboard at first. However, Camilla’s HTTP-server can serve the dashboard files but not more. It does not allow for custom routing and advanced webserver settings like protecting pages with a password. This is what we need Nginx for.

Find the Nginx configuration file of the host you want to add Camilla Proxy to and add the following lines in the server block.

   location /camilla/ {
        proxy_pass http://127.0.0.1:7777/;
        proxy_set_header Host $host;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
   }

After the Nginx configuration was reloaded you can access the dashboard via the following URL, but it is still not yet asking for a username and password.

http://hostname/camilla

(Replace “hostname” with the name or address of your server)

Step 2: Creating the user credentials file#

To be written... see step 1 and 2 of this guide

Step 3: Putting the security in effect#

To be written... see step 3 of this guide

Step 4: Protecting Camilla Proxy access from outside the server#

To be written...

Camilla Proxy uses port 7777 (dashboard) and port 8888 (proxy) so it is wise to add these ports to your firewall rules accordingly.

Warning

This works for Camilla Proxy version 0.5-1 and higher.