BasicAuth with docker-compose not working as expected

Traefik Traefik v2
,
1

Howdy,

I'm not usually one to ask for help on forums like this, but I'm at wits' end. I have Traefik v2.4 running in a Docker container, managed with compose (see file contents below). Everything is working fine and seems to be configured correctly, except for the BasicAuth. I've tried hard-coding the value into the compose file itself, using environment variables, and using a mounted usersfile, all resulting in more frustration.

The thing that's specifically weird, is that certain configurations will change how it behaves. For instance, mounting a usersfile that contains a hash that does not have double (needed for docker-compose, etc), will result in the dashboard not prompting for credentials at all. The debug logs report that the authentication succeeded. Doing the inverse, meaning having a double hash in the usersfile, results in the dashboard prompting for credentials, but no values work.

Like I mentioned before, below is my latest docker-compose.yml, just in case there's something I'm screwing up. I very well may be missing something obvious here, it's pretty late. Regardless, I would appreciate any help. Thanks!

version: "3.9"

services:
    traefik:
        image: traefik:v2.4
        container_name: traefik
        command:
            - "--log.level=DEBUG"
            - "--providers.docker=true"
            - "--providers.docker.network=traefik"
            - "--api.dashboard=true"
            - "--entrypoints.web.address=:80"
            - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
            - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
            - "--entrypoints.websecure.address=:443"
            - "--certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_LE_EMAIL}"
            - "--certificatesresolvers.letsencrypt.acme.storage=${TRAEFIK_LE_STORAGE}"
            - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
            - "--certificatesresolvers.letsencrypt.acme.dnschallenge.delaybeforecheck=0"
        ports:
            - 80:80
            - 443:443
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - /srv/traefik:/etc/traefik
        labels:
            - "traefik.http.middlewares.auth.basicauth.usersfile=/etc/traefik/traefik.usersfile"
            - "traefik.http.middlewares.auth.basicauth.realm=hole"
            - "traefik.http.middlewares.auth.basicauth.removeheader=true"

            - "traefik.http.routers.dashboard.middlewares=auth@docker"
            - "traefik.http.routers.dashboard.rule=Host(`traefik.example.zone`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
            - "traefik.http.routers.dashboard.service=api@internal"
            - "traefik.http.routers.dashboard.tls.certresolver=letsencrypt"
        networks:
            - traefik
        env_file: cf.env
    whoami:
        image: traefik/whoami
        container_name: whoami
        networks:
            - traefik
        labels:
            - "traefik.enable=true"
            - "traefik.http.routers.whoami.rule=Host(`whoami.example.zone`)"
            - "traefik.http.routers.whoami.entrypoints=websecure"
            - "traefik.http.routers.whoami.tls.certresolver=letsencrypt"

networks:
    traefik:
        external:
            name: traefik
2

After some sleep I've come back to it and realized it is working as expected, I was just encountering some browser weirdness. All is well now, false alarm

3

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.