read only web ui #302

Closed
kostyrev opened this issue May 29, 2017 · 12 comments
@kostyrev

Is it possible to make web ui read only?
I'd like to be able to browse :9998/health and :9998/routes from 0.0.0.0/0 but not to allow overrides.

@magiconair
Contributor

Not at the moment. What would be a good way of supporting this?

@kostyrev
Author

From a user's perspective, something like this will do.

@deuch

deuch commented May 30, 2017

A read-only option, a secure way to access (LDAP, oauth2 etc...) or a disable switch will be good solutions regarding security.

The best is authentication for me. But it's not the simplest one for a first shot :) A read-only option can be a good start!

@magiconair
Contributor

Read-Only and authentication are two different concepts. They're related but not the same. Setting the UI to read-only would allow you to have a set of public fabios and maybe one internal where you allow the overrides. I think that might be a good compromise that is simple enough and covers enough use-cases without full-blown auth.

The problem with authentication is that you need ssl for this which means you need a cert and you need to manage the secret or the integration into some auth system. There is #166 and #25 already open and to do this properly I'd need to add auth backends like ldap, pam, oauth, ... as a concept and integrate that with the UI. However, that would put the entire UI under access control.

I want to add auth at some point but I'd prefer to provide you a solution now if possible.

magiconair added a commit that referenced this issue May 30, 2017
This patch adds an access mode for the ui endpoint which allows to
disable some or most endpoints with a simple config option.
@magiconair
Contributor

I've added a `ui.access` option which is one of `off`, `ro` and `rw`. The default is `rw`. This should leave some room for future enhancements like auth, ... Could you please test whether this works for you?

@kostyrev
Author

@magiconair I confirm. Setting to ro and off are working as expected.
Thanks!

@magiconair
Contributor

@deuch do you have an opinion about the `off` switch, since it does not fully disable the UI endpoint? You can achieve that by not setting `ui.addr` but then the consul registration of fabio becomes tricky since there isn't a health endpoint.

@deuch

deuch commented May 30, 2017

I understand it becomes tricky for the off option. A ro and rw option can do it actually.

Another option: set a token in the UI (ACL with write right) like in the Consul UI to be able to modify some routes, for example? It's just a thought :) By default it's RO and to be able to modify, you need a consul token, so it can bring some "security".

@magiconair
Contributor

I think I'll just drop the off options for now until someone asks for it explicitly.

magiconair added a commit that referenced this issue May 30, 2017
This patch adds an access mode for the ui endpoint which allows to
disable some or most endpoints with a simple config option.
@magiconair
Contributor

I've dropped `off` for now. We can always add it later if someone really wants it.

magiconair added this to the 1.5.0 milestone Oct 10, 2017

@muravitskiy

Ok so now I'm asking for this option :)

@pySilver

IMHO health and UI are separate beasts. An unintentionally open UI may leak your endpoint IPs, which you probably don't want to share with everyone around.
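
The `ro`/`rw` split discussed in this thread, sketched as a server-side check. This is an added example, not fabio's own code: the `/overrides` path, the function names and the choice to reject unknown mode values are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// parseAccess: empty means "rw" (the default stated in the thread); rejecting unknown values is this example's choice.
func parseAccess(v string) (string, error) {
	switch v {
	case "", "rw":
		return "rw", nil
	case "ro":
		return "ro", nil
	}
	return "", fmt.Errorf("invalid ui.access value %q", v)
}

// restrict refuses every method except GET and HEAD when mode is "ro".
func restrict(mode string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if mode == "ro" && r.Method != http.MethodGet && r.Method != http.MethodHead {
			http.Error(w, "ui is read-only", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// newUI registers stand-in handlers; "/overrides" is a hypothetical write endpoint.
func newUI(mode string) http.Handler {
	mux := http.NewServeMux()
	ok := func(w http.ResponseWriter, r *http.Request) { fmt.Fprintln(w, "OK") }
	mux.HandleFunc("/health", ok)
	mux.HandleFunc("/routes", ok)
	mux.HandleFunc("/overrides", ok)
	return restrict(mode, mux)
}

// status sends one request through the UI handler and returns the HTTP status code.
func status(mode, method, path string) int {
	rec := httptest.NewRecorder()
	newUI(mode).ServeHTTP(rec, httptest.NewRequest(method, path, nil))
	return rec.Code
}

func main() {
	fmt.Println(status("ro", "GET", "/routes"), status("ro", "PUT", "/overrides"), status("rw", "PUT", "/overrides"))
}
```

The check is enforced in the handler chain, so a read-only instance still serves `/health` and `/routes` while refusing writes regardless of what the page itself renders.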
