davide/palladium-stack
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(dashboard): require basic auth for external clients only

Browse Source 
- Allow direct access from localhost and private RFC1918 networks
- Enforce HTTP Basic Auth for non-private/external source IPs
- Read dashboard credentials from compose env vars
- Add .env.example entries for DASHBOARD_AUTH_USERNAME/PASSWORD
- Update README and DASHBOARD docs
This commit is contained in:
davide3011
2026-02-16 09:41:44 +01:00
parent ae91163168
commit 742b0662a7
5 changed files with 79 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -242,6 +242,7 @@ For your ElectrumX server to be accessible from the internet, you **must** confi
**Security Notes:**
- Only forward port **8080** if you want the dashboard accessible from internet (not recommended without authentication)
- Consider using a VPN for dashboard access instead
- External dashboard clients (public IPs) require Basic Auth. Configure `DASHBOARD_AUTH_USERNAME` and `DASHBOARD_AUTH_PASSWORD` in `.env` (see `.env.example`).
- Ports **50001** and **50002** need to be public for Electrum wallets to connect
- Port **2333** is required for the node to sync with the Palladium network