From 1bc1af427b85315de0f101a32f3fe027bdadadb5 Mon Sep 17 00:00:00 2001
From: aptalca <aptalca@users.noreply.github.com>
Date: Tue, 6 Mar 2018 13:01:22 -0500
Subject: [PATCH 1/4] Use htpasswd if exists

---
 root/defaults/default | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/root/defaults/default b/root/defaults/default
index ae5fb57..68b3e53 100644
--- a/root/defaults/default
+++ b/root/defaults/default
@@ -1,3 +1,5 @@
+## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
+
 server {
 	listen 80 default_server;
 
@@ -12,10 +14,22 @@ server {
 	ssl_certificate_key /config/keys/cert.key;
 
 	client_max_body_size 0;
+	
+	if (-f /config/nginx/.htpasswd) {
+		return 599;
+	}
 
 	location / {
 		try_files $uri $uri/ /index.php?$args;
 	}
+	
+	error_page 599 = @htpasswd;
+	
+	location @htpasswd {
+		auth_basic "Restricted";
+		auth_basic_user_file /config/nginx/.htpasswd;
+		try_files $uri $uri/ /index.php?$args;
+	}
 
 	location ~ \.php$ {
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;

From bce88664bf3dfb708b5aeaadfe1b4cf58c192f14 Mon Sep 17 00:00:00 2001
From: aptalca <aptalca@users.noreply.github.com>
Date: Tue, 6 Mar 2018 13:11:03 -0500
Subject: [PATCH 2/4] Update README.md

---
 README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/README.md b/README.md
index 090be8c..faa19f8 100644
--- a/README.md
+++ b/README.md
@@ -67,6 +67,10 @@ In this instance `PUID=1001` and `PGID=1001`. To find yours use `id user` as bel
 
 Access the web gui at http://SERVERIP:PORT
 
+## Adding password protection
+
+This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with the htpasswd support will be created in its place.
+
 ## Info
 
 * To monitor the logs of the container in realtime `docker logs -f heimdall`.
@@ -82,4 +86,5 @@ Access the web gui at http://SERVERIP:PORT
 
 ## Versions
 
++ **06.03.18:** Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place
 + **12.02.18:** Initial Release.

From f084b9028217e31bb50d8aae426a9be3dccacfda Mon Sep 17 00:00:00 2001
From: aptalca <aptalca@users.noreply.github.com>
Date: Tue, 6 Mar 2018 13:44:17 -0500
Subject: [PATCH 3/4] fix if statement logic

---
 root/defaults/default | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)

diff --git a/root/defaults/default b/root/defaults/default
index 68b3e53..fcf9351 100644
--- a/root/defaults/default
+++ b/root/defaults/default
@@ -15,21 +15,20 @@ server {
 
 	client_max_body_size 0;
 	
-	if (-f /config/nginx/.htpasswd) {
-		return 599;
-	}
+        error_page 599 = @noauth;
 
-	location / {
-		try_files $uri $uri/ /index.php?$args;
-	}
-	
-	error_page 599 = @htpasswd;
-	
-	location @htpasswd {
-		auth_basic "Restricted";
-		auth_basic_user_file /config/nginx/.htpasswd;
-		try_files $uri $uri/ /index.php?$args;
-	}
+        location / {
+                if (!-f /config/nginx/.htpasswd) {
+                        return 599;
+                }
+                auth_basic "Restricted";
+                auth_basic_user_file /config/nginx/.htpasswd;
+                try_files $uri $uri/ /index.php?$args;
+        }
+
+        location @noauth {
+                try_files $uri $uri/ /index.php?$args;
+        }
 
 	location ~ \.php$ {
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;

From 614bba29600e6013367320fdbc8022d9205f13b6 Mon Sep 17 00:00:00 2001
From: aptalca <aptalca@users.noreply.github.com>
Date: Tue, 6 Mar 2018 13:48:12 -0500
Subject: [PATCH 4/4] fix typo

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index faa19f8..fdbfff5 100644
--- a/README.md
+++ b/README.md
@@ -69,7 +69,7 @@ Access the web gui at http://SERVERIP:PORT
 
 ## Adding password protection
 
-This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with the htpasswd support will be created in its place.
+This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
 
 ## Info