Hi all,
I was wondering if anyone whould have a solution for the following. I am new to Traefik and find the dashboard useful to show me what I am doing right/wrong.
However, I don't want to make it available to all so I put
- "user/password" authentication
- added mTLS.
Sadly, mTLS seems to be ignored and it goes streight to auth.
Bellow is an example of how I se it up.
---
version: "3.3"
services:
traefik:
image: "traefik:v2.6"
container_name: "traefik"
restart: unless-stopped
security_opt:
- no-new-privileges:true
labels:
- traefik.enable=true
- traefik.http.routers.traefik.rule=Host(`traefik.mydomain.io`)
- traefik.http.routers.traefik.entrypoints=websecure
- traefik.http.routers.traefik.tls.certresolver=production
- traefik.http.routers.traefik.tls.options=require-mtls@file
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.options=default
- traefik.http.routers.traefik.middlewares=auth@file
- traefik.http.routers.traefik.service=api@internal
- traefik.docker.network=traefik_proxy
ports:
- "443:443"
volumes:
- /root/docker/traefik/config:/etc/traefik
- /root/docker/traefik/certs:/certs:ro
- /root/docker/traefik/logs:/var/logs/traefik
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- proxy
http:
routers:
dashboard:
rule: Host(`traefik.mydomain.io`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
service: api@internal
middlewares:
- auth
middlewares:
auth:
basicAuth:
users:
- "myuser:Myp4$$w0rd"
Would anyone know what it is that I am doing wrong? mTLS seems to work for other sites behind traefik but not Traefik itself.
Thanks for your advice.
Ed