Issue:
I've been unable to get basic auth working on an https endpoint with tls enabled using lets encrypt.
Env:
nomad, consul, traefik
I use nomad to set tags on services in consul. traefik is configured to use consul as its provider.
generally, the nomad/consul/traefik setup is working.
Steps to enable it:
$ htpasswd -nbB foo bar
foo:$2y$05$OcxnOQcjZv6JPrXbiOS8Be0bKfC9VhXgcy1GXBeeV1ZYcF8cS1SQe
Add these tags to my nomad job, which in turn, sets them in consul:
"traefik.http.middlewares.phonetrac-unicorn-basic-auth.basicauth.users=foo:$2y$05$dfDorG89qsB.bBv50UPDOuK5AhyPGQfeXSsDmkhb4bB/kqlIV6NLa",
"traefik.http.middlewares.phonetrac-unicorn-basic-auth.basicauth.removeheader=true",
"traefik.http.routers.phonetrac-unicorn.middlewares=phonetrac-unicorn-basic-auth@consulcatalog",
Then, make a browser-based request to our domain (which otherwise works). I am prompted, and the user 'foo' and password 'bar' do not let me through.
I have also tried:
- Escaping the
$above by replacing it with:$$. - Using a nearly identical config on a non-tls router. (This setup works for that router)
- Attempted to test it with curl:
curl -I https://foo:bar@my.domain/login-> 401 - Confirm the tags manifest themselves in consul correctly:
- Confirmed the router/middleware appears to be configured in traefik:
