Results 1 to 5 of 5

Thread: Limit public access to the dump1090 page only?

  1. #1
    Passenger
    Join Date
    Jan 2018
    Posts
    4

    Question Limit public access to the dump1090 page only?

    I was contemplating embedding my dump1090 radar image in my webpage.
    I only want the dump1090 page visible.
    As I want it as lightweight as possible, I was thinking of just using the lighttpd itself.

    My LAN is X.Y.Z

    I've made this so far:
    $HTTP["remoteip"] !~ "X.Y.Z\.|127.0.0.1" {
    url.access-deny = ( "" )
    $HTTP["url"] =~ "^/dump1090/gmap\.html$" {
    url.access-deny = ("disable")
    }
    }
    It surely opens up for the LAN, and only allows access to the dump1090/gmap.html
    However the gmap.html doesn't show the data, and reports it can't fetch data.
    I guess I need to open up for more files, but I'm not really an expert on lighttpd and which files dump1090 uses.

    I could get it shown by doing:
    $HTTP["remoteip"] !~ "Z.Y.Z\.|127.0.0.1" {
    url.access-deny = ( "" )
    $HTTP["url"] =~ "/dump1090/" {
    url.access-deny = ("disable")
    }
    }
    But is that safe?

    I then thought, hey, I'll change the root for non-local to make it prettier:
    $HTTP["remoteip"] !~ "X.Y.Z\.|127.0.0.1" {
    alias.url += (
    "/" => "/usr/share/dump1090-mutability/html/",
    "/data" => "/run/dump1090-mutability/"
    )
    }
    But that just gives me problems.

    Any ideas on if the first part (limit access) is ok, and how to get the last part (prettyfying it) working?

  2. #2
    Super Moderator
    Join Date
    May 2011
    Location
    T-NZCH1, PP:PH New Zealand
    Posts
    4,296
    Going by the server setup for my Pihole config I needed, youll need to specify all the .js permissions and .php along with them if you go specific like that.
    https://github.com/pi-hole/pi-hole/w...-Configuration

    Or as I was eluding to in other thread - this may work for lighttpd too? Or at least chuck it in nginx like I have.
    It does a capture all for one of my services and passed it all to the real port. So can't get past it until auth'd

    And you add a user with htpasswd

    server {
    listen <external port>;

    location / {
    auth_basic "Protected";
    auth_basic_user_file /home/pi/directory/server/htpasswd;

    proxy_pass http://127.0.0.1:<real port>;
    }
    Posts not to be taken as official support representation - Just a helpful uploader who tinkers

  3. #3
    Passenger
    Join Date
    Jan 2018
    Posts
    4
    Hi Oblivian

    Yes, thankyou, I just didn't want to clutter up the other thread :-)
    I don't really need authentication, I just want to embed it into my homepage.
    I know the Pi is surprisingly strong, and my first thought was nginx as well, as I've toyed with that a lot of years ago as well, but is it really necessary?
    I'm not that familiar with lighttpd, but I guess it would be nice to just be able to use that instead of installing yet another product on the Pi.

  4. #4
    Super Moderator
    Join Date
    May 2011
    Location
    T-NZCH1, PP:PH New Zealand
    Posts
    4,296
    Well theres a tonne of JS scripting around the dump1090 page. And it's core URLs are for local display as far as I know. So embedding/external linking may not be so easy

    I would assume similar to the access for pihole you need to allow those along with the $http calls above?

    For instance each type is specified for pihole

    location /*.js {
    index pihole/index.js;

    So unless the way you are configuring lighttpd will do all sub directories and scripts I don't see it happening so easy?
    Posts not to be taken as official support representation - Just a helpful uploader who tinkers

  5. #5
    Super Moderator
    Join Date
    May 2011
    Location
    T-NZCH1, PP:PH New Zealand
    Posts
    4,296
    This seems to go into it with a bit more detail on paths etc and may give tips

    https://www.reddit.com/r/pihole/comm...taneously_run/
    Posts not to be taken as official support representation - Just a helpful uploader who tinkers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •