caddy-security icon indicating copy to clipboard operation
caddy-security copied to clipboard
verified publisher icon greenpau

ACL / Authorization With Caddy

Open PackMeister opened this issue 3 years ago • 4 comments

We have a config.xml file we wish to make available via Caddy to approximately six VOIP softphones connected to a private Asterisk-based PBX.

However, we'd like to somehow deny access to this file (it contains various credentials) to all but a specified list of devices or users.

Is this something Caddy can do itself or be provided via caddy-security module?

PackMeister avatar Oct 03 '22 18:10 PackMeister

@PackMeister , create policy that restricts access to everyone but a specific set of roles. Then, use caddy’s path match for the file and authorize access with that policy.

greenpau avatar Oct 03 '22 18:10 greenpau

Would the policy be created in/with stock Caddy?

Or with the caddy-security module?

Are there any docs or links with examples illustrating your suggestion?

PackMeister avatar Oct 03 '22 19:10 PackMeister

Would the policy be created in/with stock Caddy? Or with the caddy-security module? Are there any docs or links with examples illustrating your suggestion?

@PackMeister , all config examples are here: https://github.com/authp/authp.github.io/tree/main/assets/conf

greenpau avatar Nov 07 '22 02:11 greenpau

However, we'd like to somehow deny access to this file (it contains various credentials) to all but a specified list of devices or users.

@PackMeister , this one is connected to network-based ACL. See related request https://github.com/greenpau/caddy-security/issues/181

greenpau avatar Nov 07 '22 02:11 greenpau