PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 11:09:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Consolidate nginx docs and scripts, update paths

Browse Source
This commit is contained in:
Pontoporeia
2026-04-15 10:58:49 +02:00
parent 3cd96ed28a
commit 507f3eb704
23 changed files with 645 additions and 2256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

275
nginx/docs/ADMIN_USERS.md Normal file
View File

@@ -0,0 +1,275 @@
# Managing Admin Users - Post-ERG
Quick guide to manage admin users for the Post-ERG admin panel.
---
## 🎯 Quick Commands
### Interactive Menu (Recommended)
```bash
# From your local machine
just manage-admin-users
# Then on the server
ssh posterg
sudo bash /tmp/manage-admin-users.sh
```
This gives you an interactive menu to:
1. List all users
2. Add new user
3. Change user password
4. Delete user
5. Reset all (start fresh)
---
## 📝 Manual Commands
### List Current Users
```bash
ssh posterg
sudo cut -d: -f1 /etc/nginx/.htpasswd-posterg
```
### Change Password for Existing User
```bash
ssh posterg
sudo htpasswd /etc/nginx/.htpasswd-posterg username_here
```
You'll be prompted to enter the new password twice.
### Add New User
```bash
ssh posterg
sudo htpasswd /etc/nginx/.htpasswd-posterg new_username
```
### Delete User
```bash
ssh posterg
sudo htpasswd -D /etc/nginx/.htpasswd-posterg username_to_delete
```
### Reset Everything (Start Fresh)
```bash
ssh posterg
sudo htpasswd -c /etc/nginx/.htpasswd-posterg new_username
```
⚠️ **Warning:** The `-c` flag creates a new file, deleting all existing users!
---
## 🚀 Deploy Management Script
To upload the interactive management script to the server:
```bash
# From your local machine
just manage-admin-users
# Or manually:
rsync -v scripts/manage-admin-users.sh posterg:/tmp/manage-admin-users.sh
```
---
## 🔑 Current Setup
After deployment, your admin panel has:
- **URL:** https://posterg.erg.be/admin/
- **Current user:** `test_posterg_22@`
- **Password:** Set during initial deployment
---
## 💡 Common Scenarios
### Scenario 1: Change Current Password
```bash
ssh posterg
sudo htpasswd /etc/nginx/.htpasswd-posterg test_posterg_22@
# Enter new password when prompted
```
### Scenario 2: Change Username
Since you can't rename users, you need to:
```bash
ssh posterg
# Add new user
sudo htpasswd /etc/nginx/.htpasswd-posterg new_username
# Delete old user
sudo htpasswd -D /etc/nginx/.htpasswd-posterg test_posterg_22@
```
### Scenario 3: Forgot Username
```bash
ssh posterg
sudo cut -d: -f1 /etc/nginx/.htpasswd-posterg
```
### Scenario 4: Multiple Admins
```bash
ssh posterg
# Add second admin
sudo htpasswd /etc/nginx/.htpasswd-posterg admin2
# Add third admin
sudo htpasswd /etc/nginx/.htpasswd-posterg admin3
```
All users can log into `/admin/` with their own credentials.
### Scenario 5: Start Over with New Username
```bash
ssh posterg
# This will DELETE ALL existing users and create a new one
sudo htpasswd -c /etc/nginx/.htpasswd-posterg new_admin
```
---
## 🧪 Testing
After changing users/passwords:
```bash
# Test that password is required
curl -I https://posterg.erg.be/admin/
# Should return: 401 Unauthorized
# Test with credentials
curl -u username:password https://posterg.erg.be/admin/
# Should return: 200 OK
```
No nginx reload needed - changes take effect immediately!
---
## 📊 Password File Details
**Location:** `/etc/nginx/.htpasswd-posterg`
**Format:** Standard Apache htpasswd format
```
username:$apr1$encrypted_password_hash
```
**Permissions:**
```bash
-rw-r--r-- root root /etc/nginx/.htpasswd-posterg
```
---
## 🔒 Security Tips
1. **Use Strong Passwords**
```bash
# Generate a strong password
openssl rand -base64 32
```
2. **Avoid Common Usernames**
- ❌ Bad: `admin`, `administrator`, `root`
- ✅ Good: `posterg_admin`, `erg_webmaster`
3. **Regular Password Changes**
- Change passwords every 3-6 months
- Change immediately if compromised
4. **Monitor Access**
```bash
# Check who's accessing the admin panel
ssh posterg
sudo grep "admin" /var/log/nginx/posterg_access.log
```
5. **Backup Password File**
```bash
ssh posterg
sudo cp /etc/nginx/.htpasswd-posterg /etc/nginx/.htpasswd-posterg.backup
```
---
## 🆘 Troubleshooting
### "401 Unauthorized" even with correct password
**Check file exists:**
```bash
ssh posterg
ls -la /etc/nginx/.htpasswd-posterg
```
**Verify user exists:**
```bash
sudo cat /etc/nginx/.htpasswd-posterg
```
**Check nginx config:**
```bash
sudo grep -A 5 "auth_basic" /etc/nginx/sites-available/posterg
```
### Can't change password - "command not found"
**Install apache2-utils:**
```bash
ssh posterg
sudo apt update
sudo apt install apache2-utils
```
### Password file got deleted
**Recreate it:**
```bash
ssh posterg
sudo htpasswd -c /etc/nginx/.htpasswd-posterg new_admin
```
---
## 📞 Quick Reference
| Task | Command |
|------|---------|
| **Interactive menu** | `sudo bash /tmp/manage-admin-users.sh` |
| **List users** | `sudo cut -d: -f1 /etc/nginx/.htpasswd-posterg` |
| **Change password** | `sudo htpasswd /etc/nginx/.htpasswd-posterg username` |
| **Add user** | `sudo htpasswd /etc/nginx/.htpasswd-posterg newuser` |
| **Delete user** | `sudo htpasswd -D /etc/nginx/.htpasswd-posterg username` |
| **Reset all** | `sudo htpasswd -c /etc/nginx/.htpasswd-posterg newuser` |
| **Generate password** | `openssl rand -base64 32` |
---
## ✅ After Making Changes
No action needed! Changes to the password file take effect immediately.
You can verify with:
```bash
curl -u username:password https://posterg.erg.be/admin/
```
---
**Remember:** Store passwords securely using a password manager! 🔐