From 9a0aa359a5757a75329e0f5fddea1bba44c45e29 Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Sat, 4 Nov 2023 21:34:03 +0100
Subject: [PATCH] add basic auth to torrent

---
 nomad-job/rutorrent.nomad | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/nomad-job/rutorrent.nomad b/nomad-job/rutorrent.nomad
index 61838cd..930f0ef 100644
--- a/nomad-job/rutorrent.nomad
+++ b/nomad-job/rutorrent.nomad
@@ -6,6 +6,9 @@ job "torrent" {
   meta {
     forcedeploy = "0"
   }
+  vault {
+    policies= ["torrent"]
+  }
   group "bittorent" {
     network {
       mode = "host"
@@ -40,10 +43,17 @@ job "torrent" {
           "traefik.http.routers.${NOMAD_JOB_NAME}.tls.domains[0].sans=${NOMAD_JOB_NAME}.ducamps.win",
           "traefik.http.routers.${NOMAD_JOB_NAME}.tls.certresolver=myresolver",
           "traefik.http.routers.${NOMAD_JOB_NAME}.entrypoints=web,websecure",
-
-
+          "traefik.http.routers.${NOMAD_JOB_NAME}.middlewares=torrentauth",
+          "traefik.http.middlewares.torrentauth.basicauth.users=admin:${ADMIN_HASHED_PWD}"
         ]
       }
+      template {
+        data = <<-EOF
+          ADMIN_HASHED_PWD={{ with secret "secrets/nomad/torrent" }}{{.Data.data.hashed_pwd}}{{ end }}
+        EOF
+        destination = "secrets/env"
+        env = true
+      }
       user = "root"
       config {