Unifi Controller 7 behind Traefik 2.7

I have worked through a lot of google stuff and can not get Traefik to work nicely with Unifi and have come to the conclusion most examples are Unifi 5 and Traefik 2.2 or earlier.

The problem appears to be around the auth login

The routing works, but firstly the browser throws up a basic auth login box (that does not work) and a few cancels gets to the Unifi login, but then that throws some 401 errors i can see in the browser debug and a "Login error There was an error making that request. Please try again later." from Unifi

      insecureSkipVerify: true
      rule: Host(`network.xyz.com`)
      entrypoints: websecure
      service: unifi-svc
      tls: true
        - unifiHeaders #attempts to fix but makes not difference
        serversTransport: httpsSelfcert
        passHostHeader: true
          - url: ""
          X-Forwarded-Proto: https, wss
          Authorization: "" # Removes

I assume your Unify application checks user/pass and that your browser sends the user/pass with an Authorization header to Traefik after you entered it. But you remove the header with the middleware, so your application probably never sees user/pass to verify.

          X-Forwarded-Proto: https, wss
          Authorization: "" # Removes

Was only attempted based on a web example. Which I think is supposed to show the unifi login page rather than the basic auth popup.

Either way, the popup comes, does not work, then get the web page login which also does not work.

I think you need to get your requirements straight. Do you need standard "401" browser authentication or does your application have a standard form login page? We don't know your software, we can't help without the details. Use a working version of your application and check with the browser developer tools the ongoing network traffic during login.

To explain, this is not "my" app, it is Unifi as in Ubiquity's networking controller and it has been done before and was hoping for someone to say.

I was trying this (no longer works)

But no matter now. Nginx via NginxProxyManager sorted it and irony was it was simpler than Traefik in the end, maybe no middleware and all that, but wasnt really needed for this.