我无法使用基本身份验证保护 Traefik v3 仪表板,这就是我尝试过的:
reverse-proxy:
# official v3 traefik docker image
image: traefik:v3.1
# enables web UI and tells traefik to listen to docker
security_opt:
- no-new-privileges:true
command: --api.insecure=true --providers.docker=true --providers.docker.exposedbydefault=false --entryPoints.web.address=:80
ports:
# HTTP port
- "80:80"
# The Web UI (enabled by --api.insecure=true)
- "8080:8080"
volumes:
# So that traefik can listen to the docker events
- /var/run/docker.sock:/var/run/docker.sock:ro
- /opt/traefik:/opt/traefik:ro
labels:
# This is my basic auth configration, that however shows no effect <==================
- "traefik.http.routers.reverse-proxy.middlewares=myauth-admin"
- "traefik.http.middlewares.myauth-admin.basicauth.usersfile=/opt/traefik/userfile_admin"
但是,在调用仪表板时,系统不会提示我输入任何身份验证详细信息,并且可以直接访问它。我做错了什么?
如果你使用
--api.insecure=true要将身份验证添加到 Traefik 仪表板,请使用:
services:
traefik:
image: traefik:v3.1
ports:
- 80:80
- 443:443
networks:
- proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- letsencrypt:/letsencrypt
command:
- --api.dashboard=true
- --log.level=INFO
- --accesslog=true
- --providers.docker.exposedByDefault=false
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entryPoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.asDefault=true
- --entrypoints.websecure.http.tls.certresolver=myresolver
- [email protected]
- --certificatesresolvers.myresolver.acme.tlschallenge=true
- --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
labels:
- traefik.enable=true
- traefik.http.routers.mydashboard.rule=Host(`traefik.example.com`)
- traefik.http.routers.mydashboard.service=api@internal
- traefik.http.routers.mydashboard.middlewares=myauth
- traefik.http.middlewares.myauth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/