Can't get basic auth to work with dashboard

Traefik Traefik v2 (latest)
, ,
1

Attempting to setup basic auth with traffic, using yml files with the following setup.

middlewares.yml - basic auth middleware only

http:
  middlewares:
    basic-auth:
      basicAuth:
        usersFile: /shared/.htpasswd

traefik.yml - Traefik configs only focused on api and dashboard functionality

api:
  dashboard: true

entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
  traefik:
    address: ":8080"

global:
  checknewversion: true
  # sendanonymoususage: true

log:
  level: DEBUG
  # filepath: /traefik.event.log
  format: json

accesslog:
  filepath: /traefik.access.log
  format: json
  bufferingsize: 100
  filters:
    statusCodes: 400-599

providers:
  docker:
    exposedByDefault: false
    swarmMode: false
  file:
    watch: true
    directory: "/rules"

app-dashboard.yml - file providing router setup for API and dashboard

http:
  routers:
    traefik:
      entryPoints: web
      rule: "Host(`traefik.docker.localhost`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      service: api@internal
      middlewares:
        - basic-auth@file

Docker-compose.yml file putting it all together and firing things up

version: "3.8"

networks: 
  t2_proxy:
    external: true
  default:
    driver: bridge

services:

  reverse-proxy:
      # The official v2.0 Traefik docker image
      image: traefik:latest
      container_name: traefik
      # Enables the web UI and tells Traefik to listen to docker
      ports:
        # The HTTP port
        - target: 80
          published: 80
          protocol: tcp
          mode: host
        # The Web UI (enabled by --api.insecure=true)
        - target: 8080
          published: 8080
          protocol: tcp
          mode: host
        - target: 443
          published: 443
          protocol: tcp
          mode: host
      volumes:
        # So that Traefik can listen to the Docker events
        - /var/run/docker.sock:/var/run/docker.sock:ro
        - ${docker_dir}\traefik\rules:/rules
        - ${docker_dir}\traefik\traefik.yml:/traefik.yml:ro
        - ${docker_dir}\traefik\traefik.access.log:/traefik.access.log
        - ${docker_dir}\shared\.htpasswd:/shared/.htpasswd
      networks:
        - t2_proxy

ultimately this setup leads me to 404 errors no matter what I try to get to
traefik.docker.localhost
traefik.docker.localhost/dashbaord
traefik.docker.localhost/api/rawdata
traefik.docker.localhost:8080/dashboard
traefik.docker.localhost:8080/api/rawdata

2

The configuration does not hit the router, that's why you got 404.

  1. Seems that you have to enable Insecure mode for the dashboard as it is described here:

https://doc.traefik.io/traefik/operations/dashboard/#insecure-mode

You mentioned that in the comment, however, I can't find it in your config files.

  1. Don't forget that trailing slash is mandatory: /, /dashboard/ when you are accessing the dashboard.

  2. The correct example you can find on that repo:

3

Ok the following setup still getting 404

compose file

reverse-proxy:
    # The official v2.0 Traefik docker image
    image: traefik:latest
    container_name: traefik
    # Enables the web UI and tells Traefik to listen to docker
    ports:
      # The HTTP port
      # - target: 80
      #   published: 80
      #   protocol: tcp
      #   mode: host
      # The Web UI (enabled by --api.insecure=true)
      - target: 8080
        published: 80
        protocol: tcp
        mode: host
      - target: 443
        published: 443
        protocol: tcp
        mode: host
    volumes:
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ${docker_dir}\traefik2\rules:/rules
      - ${docker_dir}\traefik2\acme\acme.json:/acme/acme.json
      - ${docker_dir}\traefik2\traefik.yml:/traefik.yml:ro
      - ${docker_dir}\traefik2\traefik.access.log:/traefik.access.log
      - ${docker_dir}\traefik2\traefik.event.log:/traefik.event.log
      - ${docker_dir}\shared\.htpasswd:/shared/.htpasswd
    networks:
      - t2_proy
    environment: 
      - CF_API_EMAIL_FILE=/run/secrets/cloudflare_email
      - CF_API_KEY_FILE=/run/secrets/cloudflare_api_key
      - CF_DNS_API_TOKEN_FILE=/run/secrets/cloudflare_dns_api_key
    secrets:
      - cloudflare_email
      - cloudflare_api_key
      - cloudflare_dns_api_key

traefik config file

api:
  dashboard: true
  # insecure: true
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"
    forwardedheaders:
      trustedIPs:
        - 173.245.48.0/20
        - 103.21.244.0/22
        - 103.22.200.0/22
        - 103.31.4.0/22
        - 141.101.64.0/18
        - 108.162.192.0/18
        - 190.93.240.0/20
        - 188.114.96.0/20
        - 197.234.240.0/22
        - 198.41.128.0/17
        - 162.158.0.0/15
        - 104.16.0.0/12
        - 172.64.0.0/13
        - 131.0.72.0/22
    http:
      middlewares:
        - chain-basic-auth
      tls:
        certResolver: cloudflare-resolver
        domains:
          - main: smrtrock.com
            sans:
              - "*.smrtrock.com"
  traefik:
    address: ":8080"
global:
  checknewversion: true
  # sendanonymoususage: true
log:
  level: DEBUG
  # filepath: /traefik.event.log
  format: json
accesslog:
  filepath: /traefik.access.log
  format: json
  bufferingsize: 100
  filters:
    statusCodes: 400-599
providers:
  docker:
    exposedByDefault: false
    swarmMode: false
  file:
    watch: true
    directory: "/rules"

# serversTransport:
#   insecureSkipVerify: true

dashboard rule

http:
  routers:
    traefik:
      entryPoints: web
      rule: dashboard.127.0.0.1.nip.io`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" # "Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      service: api@internal
      middlewares:
        - chain-basic-auth
      tls:
        domains:
          - main: "example.com"
            sans:
              - "*.example.com"