Thank you all. I now see what I was missing. In order to add the
username/password to the command line, I needed to add all the preceding
parameters, even though they have default parameters. Thanks!
As for how I set up Nginx to forward, here's the config for it, below. I'm
sure it could be simplified, though.
For this to work, you need to create (or buy) the SSL cert and key.
There's lots of guides and ways to do that on the web. Also, I created
the dhparam.pem file to increase security, but it isn't necessary. Again,
there are guides on how.
server {
listen 80;
server_name my.domain.name;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name my.domain.name;
ssl_certificate /etc/nginx/ssl/my.domain.name.crt;
ssl_certificate_key /etc/nginx/ssl/my.domain.name.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
access_log /var/log/nginx/my.domain.name.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the “It appears that your reverse proxy set up is
broken" error.
proxy_pass http://localhost:8080;
proxy_read_timeout 90;
proxy_redirect http://localhost:8080
https://my.domain.name;
}
}
On Friday, June 5, 2015 at 12:38:17 PM UTC-5, Steve Meacham wrote:
>
> My goal is to have a private but web-accessible TiddlyWiki5. So far, I
> have it running on Debian using node.js. Nginx is a reverse proxy, making
> it accessible only by using HTTPS (SSL). All of this works.
>
> What remains is to prevent others from seeing or modifying it's content.
> I don't understand how the TiddlyWiki5's password feature(s) work. Can
> they put it behind a password wall? Or maybe there is some form of
> authentication that nginx can add?
>
> Please advise. Several days of searching here and through Google have
> left me still empty-handed.
>
--
You received this message because you are subscribed to the Google Groups
"TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to tiddlywiki+unsubscr...@googlegroups.com.
To post to this group, send email to tiddlywiki@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit
https://groups.google.com/d/msgid/tiddlywiki/9fdaa23b-7b38-4f36-bc0f-9acd440c8b6f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
