From d33a60b94290c162ffe18e1a2d1a63ef069397a6 Mon Sep 17 00:00:00 2001
From: Enes Aldemir <aldemirenes@live.com>
Date: Wed, 5 Jul 2017 18:29:58 +0300
Subject: [PATCH] Get username and password for basic authentication via
 user_data.sh (closes #107)

---
 provisioning/resources/configs/Caddyfile |  8 ++++++++
 utils/scripts/user_data.sh               | 16 +++++++++++++---
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/provisioning/resources/configs/Caddyfile b/provisioning/resources/configs/Caddyfile
index effcd5a8..50bcc1ed 100644
--- a/provisioning/resources/configs/Caddyfile
+++ b/provisioning/resources/configs/Caddyfile
@@ -1,4 +1,12 @@
 localhost:2000 {
+        basicauth "USERNAME_PLACEHOLDER" PASSWORD_PLACEHOLDER {
+             /
+             /kibana
+             /igluserver
+             /api
+             /elasticsearch
+             /controlplane
+        }
         proxy / localhost:3000
         proxy /collector localhost:8080 {
             without /collector
diff --git a/utils/scripts/user_data.sh b/utils/scripts/user_data.sh
index 2fd34f68..29662477 100755
--- a/utils/scripts/user_data.sh
+++ b/utils/scripts/user_data.sh
@@ -6,23 +6,33 @@ iglu_server_super_uid="980ae3ab-3aba-4ffe-a3c2-3b2e24e2ffce"
 domain_name=example.com
 tls_cond="off"
 
+username=USERNAME_PLACEHOLDER
+password=PASSWORD_PLACEHOLDER
+
+
 # DO NOT ALTER BELOW #
+#add apiKey to iglu-resolver.json for auth in the iglu server
 iglu_resolver_config_dir="/home/ubuntu/snowplow/configs/iglu-resolver.json"
 sed -i 's/\(.*"apikey":\)\(.*\)/\1 "'$iglu_server_super_uid'"/' $iglu_resolver_config_dir
 
+#write super apikey to db
 export PGPASSWORD=snowplow
 iglu_server_setup="INSERT INTO apikeys (uid, vendor_prefix, permission, createdat) VALUES ('${iglu_server_super_uid}','*','super',current_timestamp);"
 psql --host=localhost --port=5432 --username=snowplow --dbname=iglu -c "${iglu_server_setup}"
 
+#add domain name to Caddyfile
 inserted_line=""
-
 sed -i '1d' /home/ubuntu/snowplow/configs/Caddyfile #delete first line of the default Caddyfile 
-
 if [[ "${tls_cond}" == "on" ]]; then
   inserted_line="$domain_name *:80 { \n        tls example@example.com \n"
 else
   inserted_line="*:80 { \n        tls off \n"
 fi
+sed -i "1s/^/${inserted_line}/" /home/ubuntu/snowplow/configs/Caddyfile
 
 
-sed -i "1s/^/${inserted_line}/" /home/ubuntu/snowplow/configs/Caddyfile
+#add username and password to Caddyfile for basic auth
+sed -i "s/USERNAME_PLACEHOLDER/$username/g" /home/ubuntu/snowplow/configs/Caddyfile
+sed -i "s/PASSWORD_PLACEHOLDER/$password/g" /home/ubuntu/snowplow/configs/Caddyfile
+sudo service caddy_init restart
+