So I am trying to add basic auth to an applications, but only for /admin/ and /admin/.*.
I am using docker(-compose) with traefik labels. So far I have the fallowing:
labels:
- traefik.enable=true
- traefik.port=8080
- traefik.docker.network=proxy
- traefik.app_admin.frontend.rule=Host:app.test;Path:/admin
- traefik.app_admin.frontend.auth.basic=dev:password
- traefik.app_frontend.frontend.rule=Host:app.test
What I want to achieve (and what I expected from the above):
An (un)authenticated user should be able to visit app.test. When the user navigates to app.test/admin, app.test/admin/, app.test/admin/#/ or app.test/admin/not/existing/path. It should prompt(require) the basic auth creds.
I am not sure if am using the correct rules. It a little confusing (there is Path, PathPrefix and these can be used with or without * prefix).
The one thing that I didn't expected is going to a non-existing path like app.test/admin/foobar/ returns a 404-code instead of a prompting for credentials first.
Also is there a way to combine the labels and also require basic auth for all requests containing (starting with) app.test/api/.
edit:
I got it working with:
- traefik.app_admin.frontend.rule=Host:app.test;PathPrefix:/admin
- traefik.app_admin.frontend.auth.basic=dev:$$2y$$05$$3Zmx7gYh6mBIIm8O9HTR2uDkoYoRbTMfZpKup5NhmioKrU1YKgmqC
- traefik.app_api.frontend.rule=Host:app.test;PathPrefix:/api
- traefik.app_api.frontend.auth.basic=dev:$$2y$$05$$3Zmx7gYh6mBIIm8O9HTR2uDkoYoRbTMfZpKup5NhmioKrU1YKgmqC
- traefik.app_frontend.frontend.rule=Host:app.test
(username: dev with password: password)
Still wondering if there is a more compact way of doing this. I might just use traefik.toml instead.
