Help with basic auth and json format

WILLIAM_HOEFLICH_WOI · January 8, 2024, 6:02pm

1. The problem I’m having:

I have a caddy json file formatted for multiple routes and I need to apply basic authentication on the /api route

2. Error messages and/or full log output:

I can’t find a tutorial to explain how to do this inside a JSON Caddy file

3. Caddy version:

v2.7.6

4. How I installed and ran Caddy:

a. System environment:

Docker

b. Command:

caddy run --config /etc/caddy/caddy.json

c. Service/unit/compose file:

d. My complete Caddy config:

{
  "admin": {
    "listen": ":2019"
  },
  "logging": {
    "logs": {
      "default": {
        "level": "INFO",
        "encoder": {
          "format": "console"
        }
      }
    }
  },
  "apps": {
    "tls": {
      "automation": {
        "policies": [{
          "issuers": [{
              "module": "acme",
              "challenges": {
                "dns": {
                  "provider": {
                    "name": "digitalocean",
                    "auth_token": "{env.DNS_PROVIDER_API_TOKEN}"
                  }
                }
              }
          }]
        }]
      }
    },
    "http": {
      "http_port": 5000,
      "https_port": 443,
      "servers": {
        "main": {
          "logs": {},
          "listen": [":5000", ":443"],
          "@id": "main_server",
          "automatic_https": {
            "disable": true,
            "disable_redirects": true
          },
          "routes": [
            {
              "@id": "client_hosts",
              "match": [{"host":["*.{env.CUSTOM_SUBDOMAIN}"]}],
              "handle": [{
                "@id": "clients",
                "handler": "subroute",
                "routes": [
                  {
                    "@id": "invalid_subdomain",
                    "match": [{"host":["*.{env.CUSTOM_SUBDOMAIN}"]}],
                    "handle": [{
                      "handler": "static_response",
                      "status_code": "404",
                      "body": "Invalid subdomain\n"
                    }]
                  }
                ]
              }]
            },
            {
              "@id": "root_host",
              "match": [{"host":["{env.CUSTOM_SUBDOMAIN}"]}],
              "handle": [{
                "handler": "subroute",
                "routes": [
                  {
                    "@id": "healthcheck",
                    "match": [{ "path": ["/healthcheck/"] }],
                    "handle": [{
                      "handler": "static_response",
                      "body": "OK\n"
                    }]
                  },
                  {
                    "@id": "api",
                    "match": [{
                      "path": ["/api/*"],
                      "remote_ip": {
                        "ranges": ["{env.API_CONSUMER_ORIGIN}"]
                      }
                    }],
                    "handle": [{
                      "handler": "subroute",
                      "routes": [
                        {
                          "@id": "api_strip_prefix",
                          "handle": [{
                            "handler": "rewrite",
                            "strip_path_prefix": "/api"
                          }]
                        },
                        {
                          "@id": "api_redirect",
                          "handle": [{
                            "handler": "reverse_proxy",
                            "upstreams": [{
                              "dial": "localhost:2019"
                            }]
                          }]
                        }
                      ]
                    }]
                  }

                ]
              }]
            }
          ]
        }
      }
    }
  }
}

5. Links to relevant resources:

https://caddyserver.com/docs/caddyfile/directives/basicauth

https://caddy.community/t/how-do-i-use-basic-auth-to-secure-api-endpoints/10373

francislavoie · January 8, 2024, 8:05pm

There’s no such thing as a “JSON Caddyfile”. There’s JSON config, and Caddyfile config. Separate things.

Anyway, I recommend writing a Caddyfile, then adapting it to JSON using the caddy adapt -p command. That’s the easiest way to learn to write JSON config.

system · February 7, 2024, 8:06pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.