Ama*_*aus 1 traefik traefik-authentication
我正在尝试用密码保护应用程序的特定路径,但似乎我遗漏了一些东西,并且 traefik 文档没有帮助:
从 docker-compose 粘贴:
command:
- "--log.level=INFO"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=email@email.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme.json"
labels:
- "traefik.enable=true"
- "traefik.http.routers.service.middlewares=service"
- "traefik.http.routers.service.rule=Host(`domain.example.com`)"
- "traefik.http.middlewares.service.headers.stsSeconds=31536000"
- "traefik.http.middlewares.service.headers.forceSTSHeader=true"
- "traefik.http.middlewares.service.headers.stsIncludeSubdomains=true"
- "traefik.http.middlewares.service.headers.stsPreload=true"
- "traefik.http.middlewares.service.headers.referrerPolicy=no-referrer"
- "traefik.http.middlewares.service.headers.browserXssFilter=true"
- "traefik.http.middlewares.service.headers.customRequestHeaders.X-Forwarded-Proto=https"
- "traefik.http.routers.service.tls.certresolver=letsencrypt"
如果我添加以下标签,基本身份验证正在工作,但它在整个网站上启用:
“traefik.http.middlewares.service-auth.basicauth.usersfile=/etc/traefik/auth”
“traefik.http.routers.service.middlewares=服务,服务身份验证”
我尝试像这样添加第二个路由器,但这似乎不起作用:
“traefik.http.routers.service-admin.rule=Host( domain.example.com) && PathPrefix( /somepath)”
“traefik.http.middlewares.service-auth.basicauth.usersfile=/etc/traefik/auth”
“traefik.http.routers.service-admin.middlewares=service-auth”
我缺少什么?
我设法通过一些“有根据的”猜测来解决这个问题。标签的顺序和标签之间的间距似乎起着至关重要的作用。添加第二个路由器(没有服务)确实是实现此目的的正确方法,但分离路由器和中间件代码块很重要:
- "traefik.enable=true"
- "traefik.http.routers.service.rule=Host(`example.example.com`)"
- "traefik.http.routers.service-admin.rule=Host(`example.example.com`) && PathPrefix(`/somepath`)"
- "traefik.http.routers.service.tls.certresolver=letsencrypt"
- "traefik.http.routers.service-admin.tls.certresolver=letsencrypt"
- "traefik.http.routers.service.middlewares=service"
- "traefik.http.routers.service-admin.middlewares=service-admin"
- "traefik.http.middlewares.service.headers.stsSeconds=31536000"
- "traefik.http.middlewares.service.headers.forceSTSHeader=true"
- "traefik.http.middlewares.service.headers.stsIncludeSubdomains=true"
- "traefik.http.middlewares.service.headers.stsPreload=true"
- "traefik.http.middlewares.service.headers.referrerPolicy=no-referrer"
- "traefik.http.middlewares.service.headers.browserXssFilter=true"
- "traefik.http.middlewares.service.headers.customRequestHeaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.service-admin.basicauth.usersfile=/etc/traefik/auth"
注意:使用的traefik版本是2.2.1
| 归档时间: |
|
| 查看次数: |
4770 次 |
| 最近记录: |