Problem configuring htpasswd on traefik via docker-compose

Hello all,

I'm new and just learning to use traefik.

Here's my docker-compose I'm currently using and it works fine via the url http://192.168.100.1:8080, and when I access this link, I'm redirected to http://192.168.100.1:8080/dashbord/#/ to get the dashbord:

services:
  traefik:
    image: "traefik:v2.11"
    container_name: "traefik"
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"                # Ajout de l'entrypoint HTTP
      - "--entrypoints.websecure.address=:443"         # EntryPoint HTTPS pour SSL
      - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.letsencryptresolver.acme.email=auget@gmail.com"
      - "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure" # Redirection HTTP vers HTTPS
      - "--entrypoints.web.http.redirections.entryPoint.scheme=https" # Schéma HTTPS pour la redirection
    ports:
      - "80:80"         # Expose le port HTTP pour redirection vers HTTPS
      - "443:443"       # Expose le port HTTPS pour SSL
      - "8080:8080"     # Port pour l'API Traefik
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./letsencrypt:/letsencrypt"
    networks:
      - traefik-net

networks:
  traefik-net:
    external: true

But as my dashboard is too accessible without security, I want to secure it with .htpasswd via this docker-compose file. But now, my dashboard isn't accessible via http://192.168.100.1:8080

services:
  traefik:
    image: traefik:v3.1
    container_name: "traefik-labs"
    command:
      - "--api.insecure=false"
      - "--api.dashboard=true"
      - "--providers.docker=true"
      - "--log.level=DEBUG"
      - "--log.filepath=/var/log/traefik.log"
      - "--accesslog=true"
      - "--accesslog.filepath=/var/log/traefik-access.log"
      - "--providers.docker.network=traefik-net"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.letsencryptresolver.acme.email=auget@gmail.com"
      - "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
      #- "--entryPoints.traefik.address=:8080"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./letsencrypt:/letsencrypt"
      - "./.htpasswd:/etc/traefik/.htpasswd"
    networks:
      - traefik-net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.dashboard.rule=PathPrefix(`/`)"
      - "traefik.http.routers.dashboard.service=dashboard@internal"
      - "traefik.http.routers.dashboard.middlewares=secure-dashboard"
      - "traefik.http.middlewares.secure-dashboard.basicauth.usersfile=/etc/traefik/.htpasswd"

networks:
  traefik-net:
    external: true

Thank you in advance for your help.

Read the doc and check simple Traefik example.

Thank you @bluepuma77 ,

After a few adjustments following the docs you suggested, it's working properly.

services:
  traefik:
    image: traefik:v3.1
    container_name: "traefik-labs"
    command:
      - "--api.dashboard=true"
      - "--providers.docker=true"
      - "--log.level=DEBUG"
      - "--log.filepath=/var/log/traefik.log"
      - "--accesslog=true"
      - "--accesslog.filepath=/var/log/traefik-access.log"
      - "--providers.docker.network=traefik-net"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
      - "--entryPoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.websecure.asDefault=true"
      - "--entrypoints.websecure.http.tls.certresolver=letsencryptresolver"
      - "--certificatesresolvers.letsencryptresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.letsencryptresolver.acme.email=auget@gmail.com"
      - "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./letsencrypt:/letsencrypt"
      - "./.htpasswd:/etc/traefik/.htpasswd"
    networks:
      - traefik-net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.dashboard.rule=Host(`traefik.example.com`)"
      - "traefik.http.routers.dashboard.service=api@internal"
      - "traefik.http.routers.dashboard.tls=true"
      - "traefik.http.routers.dashboard.tls.certresolver=letsencryptresolver"
      - "traefik.http.routers.dashboard.middlewares=secure-dashboard"
      - "traefik.http.middlewares.secure-dashboard.basicauth.usersfile=/etc/traefik/.htpasswd"

networks:
  traefik-net:
    external: true

I'll keep this post open until tomorrow morning, in case you have any comments.

You could set the certResolver globally on entrypoint.

And you don’t need tls=true if you set tls.certresolver=