I found this post while looking for the same answer, a working basic auth config for nginxinc ingress, using nginx.org. Most everything I found was for Kubernetes nginx ingress, using nginx.ingress.kubernetes.io and that wasn't what I was looking for. This is what I found, specifically for nginxinc and worked for me, hopefully someone else can benefit from it.
Create a secret to hold the username and password
install the htpasswd tool
on Centos
$ sudo yum install httpd-tools
on Debian
$ sudo apt install apache2-utils
generate a new htpasswd file
$ htpasswd -c <filename> <username>
$ htpasswd -c auth foo
New password:
Re-type new password:
Create a yaml file to add a kubernetes secret
$ vi kube_auth_secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: basic-auth
type: nginx.org/htpasswd
stringData:
htpasswd: <copy the contents of the htpasswd file here>
example
htpasswd: foo:$apr1$T6zUs/pB$xvCvBUfMvvIk8r12lZz9C0
apply the yaml file to Kubernetes
apply to the default namespace
$ kubectl apply -f kube_auth_secret.yaml
or specify the namespace
$ kubectl apply -f kube_auth_secret.yaml -n <namespace>
create a yaml file to add a kubernetes ingress
$ vi kube_ingress.yaml
apiVersion:networking.k8s.io/v1
kind: Ingress
metadata:
name: cafe-ingress
annotations:
nginx.org/basic-auth-realm: Authentication Required (optional)
nginx.org/basic-auth-secret: basic-auth (required - this is the name of the secret)
spec:
ingressClassName: nginx
rules:
- host: web.mydomain.com
http:
paths:
- path: /
backend:
serviceName: web
servicePort: 80
apply the yaml file to Kubernetes
apply to the default namespace
$ kubectl apply -f kube_ingress.yaml
or specify the namespace
$ kubectl apply -f kube_ingress.yaml -n <namespace>
Couple of things...
My Version of kubectl: v4.5.7
My Version of Kubernetes: AWS EKS 1.25
The ingress and secret need to be in the same namespace.
The nginx-ingress namespace needs a service account with access to the secret via a role with access to secrets.
