I would like to know if it is possible and if so, how to synchronize Nextcloud authentication data/backend with NGINX basic auth password file.
Use case:
- Lets have a reverse proxy connected to the Internet, serving the instance nextcloud.example.com
- The server itself lives on internal network behind DNS split horizon (which may not be important now, but worth to mention)
- Users connecting from internal network are treated as trusted so they can connect the internal server directly (the Nextcloud PHP instance is exposed without any extra added protection)
- Users connecting from the Internet are however evils and are trying to hack/crack to naked Nextcloud PHP instance, therefore the NGINX reverse proxy employs simple Basic HTTP Authentication to prevent the evils to play with PHP hacks.
Apparently it is now obvious what is my problem. In order to fully use the Nextcloud (WebDAV & friends) The reverse proxy need to be able to authenticate the same users and credentials as the internal Nextcloud instance does.
The use case is proven and works. It however requires that the reverse proxy has up-to-date basic auth file (which I am updatin now manulay).
Is there any possibility to export the internal Nextcloud ‘user credentials’ database to ‘htpasswd’ format/file?