Proxy: Public & Private access to various paths

[ninodpa]

Hi,

i would like to test this great tool, but i wonder how your ifrastruture is?.

We have the frontend, where we set our password and an url is genererated to distribute.

How can i configure it to not expose the url generator to internet? I mean, use the generator internallly in my local network and users can access to the url with the credentials from the internet?

Could you give some advice to setup this with docker-compose? And use my own domain with ssl.

What are the most common setups?

Many thanks in advance,
Nino

[pglombardo]

Hi @ninodpa,

If I understood your question correctly, there are a couple options but this one comes to mind:

You could set PWP__ALLOW_ANONYMOUS=false which will require people to log in to access the front page. Secret URLs will still be public. Note that this feature requires logins to be enabled.

All of these settings are laid out in the Configuration documentation.

The application is highly configurable. Take a look at the Configuration document for more options.

Is this what you are looking to achieve?

[ninodpa]

Many thanks,

sorry i did not explain well. I would not like to expose pwpush to internet, just access from from my own local network to generate the url for external users, but the users still able to access the ephimeral url from internet.

Best regards!

[pglombardo]

That is more complex proxy rules. You would have to expose the following paths in your proxy:

1. GET /*/p/* and /p/* for password pushes
2. GET /*/f/* and /f/* for file pushes
3. GET /*/r/* and /r/* for URL pushes

How to do this depends on which proxy you're using and is beyond the scope of this repo (and my abilities). You could search the issues as some have done similar things. For example, see these nginx issues and discussions.

If you're new to this, PWP__ALLOW_ANONYMOUS=false is really the easier path.

[ninodpa]

Many thanks pglombardo, this give me the path. Much appreciated.