SimpleAuth middleware doesnt take Password

Traefik Traefik v3 (latest)
1

Dear all,

iam trying to get cadvisor running behind traefiks in HTTPS. This does work so far. However, i need the access restricted with a password. This is what i got:

services:
  cadvisor:
     image: gcr.io/cadvisor/cadvisor
     restart: unless-stopped
     volumes:
      - /:/rootfs:ro
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro
      - /dev/disk/:/dev/disk:ro
     privileged: true
     devices:
      - "/dev/kmsg:/dev/kmsg"
     command: --url_base_prefix=/cadvisor
     environment:
      - CADVISOR_HEALTHCHECK_URL=http://localhost:8080/cadvisor/healthz
     labels:
      - traefik.enable=true
      - traefik.http.routers.cadvisor.rule=Host(`ca.my-domain.com`) && PathPrefix(`/cadvisor`)
      - traefik.http.routers.cadvisor.tls=true
      - traefik.http.routers.cadvisor.priority=20
      - traefik.http.routers.cadvisor.tls.certresolver=lets-encrypt
      - traefik.http.services.cadvisor.loadbalancer.server.port=8080
      - traefik.http.routers.cadvisor.middlewares=cad-auth
      - traefik.http.middlewares.cad-auth.basicauth.users='admin:$apr1$X.Ci9Dwh$xEeQTHB4ObXgZbBJedxNE1' #pw needs to be encrypted
networks:
  web:
    external: true

So running https://ca.my-domain.com/cadvisor opens a promt for user and PW. But it doest not take it. Iam not sure if there is any redirection missing?! Iam using the same PW for a dashboard
like so, which is working fine and shows me the page after successfull promting admin & pw.

http:
  middlewares:
    simpleAuth:
      basicAuth:
        users:
          - 'admin:$apr1$X.Ci9Dwh$xEeQTHB4ObXgZbBJedxNE1'
  routers:
    api:
      rule: Host(`dashboard.my-domain.com`)
      entrypoints:
        - websecure 
      middlewares:
        - simpleAuth
      service: api@internal
      tls:
        certResolver: lets-encrypt
2

Just forgot to add: I have also tried several things here:

- traefik.http.middlewares.cad-auth.basicauth.users=admin:$apr1$X.Ci9Dwh$xEeQTHB4ObXgZbBJedxNE1
- "traefik.http.middlewares.cad-auth.basicauth.users=admin:$apr1$X.Ci9Dwh$xEeQTHB4ObXgZbBJedxNE1"

none of these worked

Traefik logs shows this:

{"ClientAddr":"217.110.102.132:59323","ClientHost":"217.110.102.132","ClientPort":"59323","ClientUsername":"admin","DownstreamContentSize":17,"DownstreamStatus":401,"Duration":155497,"GzipRatio":0,"OriginContentSize":0,"OriginDuration":0,"OriginStatus":0,"Overhead":155497,"RequestAddr":"ca.my-domain.com","RequestContentSize":0,"RequestCount":11372,"RequestHost":"ca.my-domain.com","RequestMethod":"GET","RequestPath":"/cadvisor","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"RouterName":"cadvisor@docker","StartLocal":"2025-01-08T13:25:00.832629406Z","StartUTC":"2025-01-08T13:25:00.832629406Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"websecure","level":"info","msg":"","time":"2025-01-08T13:25:00Z"}
3

It's explained in the doc:

Note: when used in docker-compose.yml [labels], all dollar signs in the hash need to be doubled for escaping.

4

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.