From ae167d33170ec030236cb89a87284d8eecd484e4 Mon Sep 17 00:00:00 2001
From: Emilien Mantel <emilien.mantel@debianiste.org>
Date: Wed, 8 Mar 2017 11:10:14 +0100
Subject: [PATCH] Disabling htpasswd by setting false

---
 doc/vhost.md                                 | 2 +-
 templates/etc/nginx/sites-available/_base.j2 | 6 ++++--
 tests/test.yml                               | 2 ++
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/doc/vhost.md b/doc/vhost.md
index a6f9af4..541af36 100644
--- a/doc/vhost.md
+++ b/doc/vhost.md
@@ -23,7 +23,7 @@ Common
 - `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)
 - `override_try_files`: (O) overrides default try\_files defined in template
 - `manage_local_content`: (O) Boolean. Set to false if you do not want to manage local content (images, css...). This option is useless if you use `_proxy` template or `redirect_to` feature.
-- `htpasswd`: (O) References name key in `nginx_htpasswd`. Enable auth basic on all vhost.
+- `htpasswd`: (O) References name key in `nginx_htpasswd`. Enable auth basic on all vhost. Set "false" to disable.
 - `proto`: (O) list of protocol used. Default is a list with "http". If you need http and https, you must set a list with "http" and "https". You can only set "https" without http support.
 - `ssl_name`: (D) name of the key used when using TLS/SSL. Optional when `proto` contains "https". If you don't set this value, it will search by `name`.
 - `ssl_template` (O) "strong" (default) or "legacy". You can disable SSL helpers and add your own directives by setting "false".
diff --git a/templates/etc/nginx/sites-available/_base.j2 b/templates/etc/nginx/sites-available/_base.j2
index d495b13..5999ed5 100644
--- a/templates/etc/nginx/sites-available/_base.j2
+++ b/templates/etc/nginx/sites-available/_base.j2
@@ -9,10 +9,12 @@
 {% set __ssl_name = item.ssl_name | default(item.name if item.name is string else item.name[0]) %}
 {% set __location_order = item.location_order | default(__location.keys()) %}
 {% macro htpasswd(htpasswd_name, indent=1) -%}
-{% for ht in nginx_htpasswd if ht.name == htpasswd_name %}
+{%- if htpasswd_name != false %}
+{%- for ht in nginx_htpasswd if ht.name == htpasswd_name %}
 {{ "\t" * indent }}auth_basic "{{ ht.description }}";
 {{ "\t" * indent }}auth_basic_user_file {{ nginx_htpasswd_dir }}/{{ ht.name }};
-{% endfor%}
+{%- endfor %}
+{%- endif %}
 {%- endmacro %}
 {% macro ssl(ssl_name) %}
 {% for sn in nginx_ssl_pairs if sn.name == ssl_name %}
diff --git a/tests/test.yml b/tests/test.yml
index 69fa8aa..8ca30f8 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -147,6 +147,8 @@
         location:
           '/hello':
             - htpasswd: 'hello'
+          '/public':
+            - htpasswd: false
         use_error_log: true
       - name: 'test-htpasswd-all.local'
         template: '_base'