Hello,
I’m running a small shell server for me and my friends and would like
every user to have his own example.com/user web-accessible,
password-protected directory not available to other users. Preferably,
with authentication against PAM so that one password could be used for
all services.
Currently, this is the configuration I came up with (no PAM
authentication yet):
location ~ ^/(.+?)/download(/.*) Â {
        auth_basic       “Restricted”;
        auth_basic_user_file  /etc/nginx/htpasswd;
        alias /home/$1/download$2;
        autoindex on;
        include mime.types;
        types { }
        default_type application/octet-stream;
    }
and it works as expected. Now, I tried to separate users’ access (so
that any given user had access only to his directory) with the if
statements:
location ~ ^/(.+?)/download(/.*) Â {
        auth_basic       “Restricted”;
        auth_basic_user_file  /etc/nginx/htpasswd;
        alias /home/$1/download$2;
        autoindex on;
        include mime.types;
        types { }
        default_type application/octet-stream;
        if ($remote_user != ‘’) { set $hack b; }
        if ($remote_user != $1) { set $hack a$hack; }
        if ($hack = ab) { return 403; }
    }
That caused 404 errors. This is the relevant fragment of the error log:
2010/09/21 23:12:41 [error] 31813#0: *245 “/home/wmp/download/.1
Hostindex.html” is not found (2: No such file or directory), client:
87.205.146.217, server: domain, request: “GET /wmp/download/
HTTP/1.1”, host: “domain:9900”
And this is debug.log: http://pastebin.com/4wUQkXZH
Nginx was compiled with the following options:
–conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid
–lock-path=/var/lock/nginx.lock
–http-client-body-temp-path=/var/lib/nginx/body
–http-proxy-temp-path=/var/lib/nginx/proxy
–http-fastcgi-temp-path=/var/lib/nginx/fastcgi  --with-debug
–with-http_stub_status_module --with-http_flv_module
–with-http_ssl_module --with-http_dav_module
–with-http_gzip_static_module --with-http_realip_module --with-mail
–with-mail_ssl_module --with-ipv6
–add-module=/home/wmp/tmp/nginx/nginx-0.7.65/modules/nginx-upstream-fair
–add-module=/home/wmp/tmp/nginx/nginx-0.7.65/modules/ngx_http_auth_pam
–with-perl=/usr/bin/perl --sbin-path=/usr/sbin
–error-log-path=/var/log/nginx/error.log
–http-log-path=/var/log/nginx/access.log --with-http_perl_module
wmp is, obviously, my username
Is what I’m trying to do even possible? If so, how?
I would like to thank kolbyjack from nginx for his help with this
problem so far.
–
Marcin Janowski(WMP)