Using basic auth with docker

1. Caddy version (caddy version): v2.3.0

2. How I run Caddy:

a. System environment:

Ubuntu 20.04 LTS x64
Intel Xeon 2 GHz
Docker version 19.03.8, build afacb8b7f0
docker-compose version 1.26.2, build eefe0d31

b. Command:

export CADDY_DATA_DIR=/var/containerdata/caddy
export CDN_DATA_DIR=/var/containerdata/cdn
docker-compose up -d

c. docker-compose file:

---
version: "3.8"

services:
  caddy:
    image: "lucaslorentz/caddy-docker-proxy:2.3.4-alpine"
    deploy:
      replicas: 1
      placement:
        constraints: [node.role == manager]
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "$CADDY_DATA_DIR:/logs"
      - "$CDN_DATA_DIR:/var/www/cdn"
      - "./Caddyfile:/etc/caddy/Caddyfile"
    networks:
      - my-network

  whoami:
    image: "containous/whoami"
    deploy:
      replicas: 1
      placement:
        constraints: [node.role == manager]
      labels:
        caddy: mydomain.com
        caddy.reverse_proxy: "{{upstreams 80}}"
    networks:
      - my-network

networks:
  my-network:
    external: true
    name: my-network

d. My complete Caddyfile or JSON config:

cdn.mydomain.com{
  root * /var/www/cdn
  file_server browse
}

mydomain.com{
  basicauth /* {
    admin JDJhJDE0JG5MRkxxVadfsfdskdFSk16elZDOFNTakZiRFZmNkN5V0lFTWFZZXlH
  }
}


3. The problem I’m having:

The docker services are accessible from the internet. I conclude that only the service labels seem required, no further action in the Caddyfile.
But there are very few tutorials or docs around how to combine some features, middleware etc.
Precisely, I don’t know how to set up basic auth.

4. Error messages and/or full log output:

Nothing.

5. What I already tried:

I’ve also looked at some examples from the custom Docker GitHub repo.

There are some labels at the last service. Where are those labels documented? I guess I have to do it there and not in the Caddyfile?

I’ve added the same host addresses from the docker services to the Caddyfile and hoped I could just add basicauth there. But I never had an auth prompt.

I’ve also tried to add a label to the docker service:

caddy.basicauth: "/* {admin JDJhJDE0JG5MRkxxVadfsfdskdFSk16elZDOFNTakZiRFZmNkN5V0lFTWFZZXlH}"

Which leads to the error (the generated Caddyfile looks perfectly valid in my opinion?!)

 Removing invalid block: parsing caddyfile tokens for 'basicauth': Caddyfile:2 - Error during parsing: unrecognized hash algorithm: {admin
whoami.mydomain.com {
	basicauth /* {admin JDJhJDE0JG5MRkxxVadfsfdskdFSk16elZDOFNTakZiRFZmNkN5V0lFTWFZZXlHX}
	reverse_proxy
}

By the way:
I am trying to switch over from Traefik v2 and it was said that Caddy 2 is great for Docker. Are there Docker examples? Is there some kind of dashboard as in Traefik?

6. Links to relevant resources:

Whitespace is significant in the Caddyfile, so you can’t have braces like that. For blocks in the Caddyfile, there must be a newline.

But since you’re configuring via labels, to put something inside of another directive (subdirectives), you use additional labels for each subdirective. It’s all explained in the README: GitHub - lucaslorentz/caddy-docker-proxy: Caddy as a reverse proxy for Docker

caddy.basicauth: "*"
caddy.basicauth.admin: "JDJhJDE0JG5MRkxxVadfsfdskdFSk16elZDOFNTakZiRFZmNkN5V0lFTWFZZXlH"
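
Why the single-label attempt fails and the per-subdirective labels work, as an added example that is not part of the original thread and is not caddy-docker-proxy's own code: a simplified Python model of how dot-separated labels nest into Caddyfile blocks, plus a check that flags label values carrying inline braces. The function names and the placeholder hash are assumptions; ordering prefixes, `caddy_N` suffixes and `{{...}}` template expansion are not modelled.

```python
# Simplified model of how dot-separated "caddy" labels nest into Caddyfile
# blocks (assumption: not the proxy's real code; templates are left unexpanded).
# HASH is a constructed placeholder, not a real password hash.
HASH = "BASE64_BCRYPT_HASH_PLACEHOLDER"
BROKEN = {"caddy": "mydomain.com", "caddy.reverse_proxy": "{{upstreams 80}}",
          "caddy.basicauth": "/* {admin " + HASH + "}"}
FIXED = {"caddy": "mydomain.com", "caddy.reverse_proxy": "{{upstreams 80}}",
         "caddy.basicauth": "*", "caddy.basicauth.admin": HASH}

def labels_to_tree(labels):
    """Turn label keys such as caddy.basicauth.admin into a nested tree."""
    root = {"args": "", "children": {}}
    for key, value in labels.items():
        parts = key.split(".")
        if parts[0] != "caddy":
            continue  # label belongs to something else
        node = root
        for name in parts[1:]:
            node = node["children"].setdefault(name, {"args": "", "children": {}})
        node["args"] = value
    return root

def render(head, node, depth=0):
    """Emit one directive; subdirectives go in a block, one per line."""
    indent = "\t" * depth
    if not node["children"]:
        return [indent + head]
    lines = [indent + head + " {"]
    for name, child in sorted(node["children"].items()):
        lines += render((name + " " + child["args"]).strip(), child, depth + 1)
    return lines + [indent + "}"]

def to_caddyfile(labels):
    """Render the site block for one service's labels."""
    tree = labels_to_tree(labels)
    return "\n".join(render(tree["args"], tree))

def inline_brace_labels(labels):
    """Return caddy labels whose value squeezes a { } block onto one line."""
    flagged = []
    for key, value in labels.items():
        plain = value.replace("{{", "").replace("}}", "")  # ignore templates
        if key.split(".")[0] == "caddy" and ("{" in plain or "}" in plain):
            flagged.append(key)
    return flagged

if __name__ == "__main__":
    print(to_caddyfile(BROKEN), to_caddyfile(FIXED), sep="\n\n")
    print("labels with inline braces:", inline_brace_labels(BROKEN))
```

Running the check over a service's labels before deploying catches the case from the question, where the invalid block is dropped and the site is served without the auth prompt.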