valknar/docker-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: remove HTTP Basic Auth from Kit stack services

Browse Source 
Removed authentication middleware from Vert and Paint services:
- Removed basicauth middleware labels from vert service
- Removed basicauth middleware labels from paint service
- Updated middleware chains to exclude auth
- Updated CLAUDE.md to reflect public access

All Kit stack services (landing, vert, paint) are now publicly
accessible without authentication as they are client-side tools
that don't require protection.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Sebastian Krüger
2025-11-07 12:14:46 +01:00
parent fc1c149ac6
commit 739982d8a7
2 changed files with 3 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CLAUDE.md
View File

@@ -269,13 +269,12 @@ VERT universal file format converter:
- No file size limits
- Privacy-focused: all conversions happen in the browser
- No persistent data storage required
- Protected by HTTP Basic Auth (credentials in `.env`)
- Publicly accessible (no authentication required)
**Configuration**:
- **PUB_HOSTNAME**: `vert.kit.pivoine.art` (public hostname)
- **PUB_ENV**: `production` (environment mode)
- **PUB_DISABLE_ALL_EXTERNAL_REQUESTS**: `true` (privacy mode)
- **AUTH_USERS**: Shared HTTP Basic Auth credentials (htpasswd format in `.env`)
**Usage**:
Access https://vert.kit.pivoine.art and drag/drop files to convert between formats. All processing happens in your browser using WebAssembly - no data is uploaded to the server.

6
kit/compose.yaml
View File

@@ -45,9 +45,8 @@ services:
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.rule=Host(`${KIT_VERT_TRAEFIK_HOST}`)'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.tls.certresolver=resolver'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.entrypoints=web-secure'
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-vert-auth.basicauth.users=${AUTH_USERS}'
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-vert-compress.compress=true'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-vert-auth,${KIT_COMPOSE_PROJECT_NAME}-vert-compress,security-headers@file'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-vert-compress,security-headers@file'
# Service
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-vert.loadbalancer.server.port=80'
- 'traefik.docker.network=${NETWORK_NAME}'
@@ -74,9 +73,8 @@ services:
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.rule=Host(`${KIT_PAINT_TRAEFIK_HOST}`)'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.tls.certresolver=resolver'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.entrypoints=web-secure'
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-paint-auth.basicauth.users=${AUTH_USERS}'
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-paint-compress.compress=true'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-paint-auth,${KIT_COMPOSE_PROJECT_NAME}-paint-compress,security-headers@file'
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-paint-compress,security-headers@file'
# Service
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-paint.loadbalancer.server.port=80'
- 'traefik.docker.network=${NETWORK_NAME}'