ip-auth

command module
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 15, 2025 License: MIT Imports: 19 Imported by: 0

README

IP Auth

There are circumstances where properly setup Basic Auth won't work [1]. IP Auth is a workaround by allowing specific IPs access to the service and proxying the traffic to the original service. Allowed IPs can be specified or dynamically added by passing a Basic Auth login once from any device on the same IP. Everything is stored in memory and will be lost on restarts.

Installation

Binaries

Binaries are available for all major platforms. See the releases page.

Container
# do not use the 'main' tag and specify a version or hash instead!
docker pull ghcr.io/sj14/ip-auth:main

Add the container as a sidecar and point your endpoints to it.

Homebrew

Using the Homebrew package manager for macOS:

brew install sj14/tap/ip-auth
Go

It's also possible to install via go install:

go install github.com/sj14/ip-auth@latest

Usage

  -allow-cidr string
        allow the given CIDR (e.g. 10.0.0.0/8,192.168.0.0/16)
  -allow-hosts string
        allow the given host IPs (e.g. example.com)
  -ban-duration duration
        cleanup bans and failed login attempts (0 to disable) (default 1h0m0s)
  -basic-auth-duration duration
        Cleanup Basic Auth authentications (0 to disable) (default 1h0m0s)
  -deny-cidr string
        block the given CIDR (e.g. 10.0.0.0/8,192.168.0.0/16)
  -deny-private
        deny IPs from the private network space
  -host-ip-renewal duration
        Renew host IPs (default 1h0m0s)
  -ip-header string
        e.g. 'X-Real-Ip' or 'X-Forwarded-For' when you want to extract the IP from the given header
  -listen string
        listen for connections (default ":8080")
  -max-attempts int
        ban IP after max failed auth attempts (0 to disable) (default 10)
  -network string
        tcp, tcp4, tcp6, unix, unixpacket (default "tcp")
  -status-path string
        show info for the requesting IP (default "/ip-auth")
  -target string
        proxy to the given target
  -users string
        allow the given basic auth credentals (e.g. user1:pass1,user2:pass2)
  -verbosity string
        one of 'Debug', 'Info', 'Warn', or 'Error' (default "Info")

All options can also be set as environment variables by using their uppercase flag names and changing dashes (-) with underscores (_).

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.