software/nginx-push-stream: disable basic authentication

When EventSource from browser, it's not possible to pass basic authentication.
Some polyfills such as https://www.npmjs.com/package/event-source-polyfill
allow to pass custom headers, but it seems easier to rely on native EventSource.

We did not really need basic authentication in the first place, because in our
use cases we don't send confidential information over SSE. Also, we can use
hard to guess channel IDs, so basic authentication does not add much.

software/nginx-push-stream/buildout.hash.cfg

@@ -4,8 +4,8 @@ md5sum = eb4c69df9a8dbb94fb76d0a6c11e360f
 
 [template-nginx-configuration]
 filename = template-nginx.cfg.in
-md5sum = d22b53eaf4b3d6b5cff043bf8e6cd7c1
+md5sum = 1cff0aa9908d8ead05d9c8faef77d51f
 
 [template-nginx]
 filename = instance-nginx.cfg.in
-md5sum = 3ed378222e0529bd2aa6e43239a07f1c
+md5sum = 71daee817cb08834ab1502d01a9b96d0

software/nginx-push-stream/instance-nginx.cfg.in

 [buildout]
 parts =
   nginx-service
-  htpasswd
-  htpasswd-runner
   publish-connection-information
 
 eggs-directory = ${buildout:eggs-directory}
@@ -53,24 +51,9 @@ subscriber-location-prefix = /sub
 subscriber-allow-credential = 'false'
 subscriber-allow-methods = 'GET, HEAD, OPTIONS'
 subscriber-allow-headers = 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
-
-[htpasswd]
-recipe = slapos.cookbook:generate.password
-storage-path = $${directory:etc}/.pwd
-bytes = 8
-
-[htpasswd-runner]
-recipe = plone.recipe.command
-stop-on-error = true
-htpasswd-path = $${directory:etc}/.htpasswd
-command = if [ ! -f "$${:htpasswd-path}" ]; then ${buildout:bin-directory}/htpasswd -cb $${:htpasswd-path} $${:user} $${:password}; fi
-update-command = $${:command}
-user = admin
-password = $${htpasswd:passwd}
+base-url = http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}
 
 [publish-connection-information]
 recipe = slapos.cookbook:publish
-init-password = $${htpasswd:passwd}
-init-user = $${htpasswd-runner:user}
-publisher-url = http://$${htpasswd-runner:user}:$${htpasswd:passwd}@[$${nginx-configuration:ip}]:$${nginx-configuration:port}$${nginx-configuration:publisher-location-prefix}
-subscriber-url = http://$${htpasswd-runner:user}:$${htpasswd:passwd}@[$${nginx-configuration:ip}]:$${nginx-configuration:port}$${nginx-configuration:subscriber-location-prefix}
+publisher-url = $${nginx-configuration:base-url}$${nginx-configuration:publisher-location-prefix}
+subscriber-url = $${nginx-configuration:base-url}$${nginx-configuration:subscriber-location-prefix}

software/nginx-push-stream/template-nginx.cfg.in

@@ -65,9 +65,6 @@ server {
   client_body_temp_path $${directory:varnginx} 1 2;
   proxy_temp_path $${directory:varnginx} 1 2;
 
-  auth_basic           "Nginx Access";
-  auth_basic_user_file $${htpasswd-runner:htpasswd-path};
-
   ## Serve an error 204 (No Content) for favicon.ico
   location = /favicon.ico {
     return 204;