Hi, I came to an interesting setup that I would love to solve with Traefik, however, playing around with the docker labels hasn't helped much yet.
We have a CMS available under cms.domain.tld and the corresponding admin panel available under cms.domain.tld/admin.
The first domain must be publicly accessible without any issues with all routes but /admin (which should be protected through basic auth).
I would like to only password protect the /admin route, where it is to be noted that once on the admin route, other routes like /query will be queried too.
Anybody has an idea on how this can be solved?
My idea was to have two services like this:
- "traefik.http.routers.cms1.rule=Host(`cms.domain.tld`)"
- "traefik.http.routers.cms1.service=cms1"
- "traefik.http.services.cms1.loadbalancer.server.port=1337"
- "traefik.http.routers.cms1.tls.certresolver=le"
- "traefik.http.routers.cms1.entrypoints=websecure"
- "traefik.http.routers.cms-admin.service=cms-admin"
- "traefik.http.routers.cms-admin.rule=(Host(`admin.domain.tld`) && PathPrefix(`/admin`))"
- "traefik.http.services.cms-admin.loadbalancer.server.port=1337"
- "traefik.http.routers.cms-admin.tls.certresolver=le"
# - basic auth here
This approach however does not work, because admin.domain.tld/admin will make queries on admin.domain.tld/query which of course does not match any route.
Thank you for your help!