Basic authentication for everyone except localhost in nginx

Revisions:

Introduction

I have a shop order system where some admin pages are password protected using HTTP Basic Auth in nginx. Now I want to have a monitoring daemon accessing the admin pages without it having to authenticate itself.

location /admin {
  satisfy any;

  allow 127.0.0.1;
  deny  all;

  auth_basic "r u l33t f00di3?";
  auth_basic_user_file /srv/foodshop-tesoro/.htpasswd;
}

The clue here is the satisfy directive, which can be either all or any. Setting any in this case forces the request to either stem from localhost, or to be authenticated using auth_basic.

References