coollabsio / coolify

An open-source & self-hostable Heroku / Netlify / Vercel alternative.
https://coolify.io
Apache License 2.0

[Bug]: Traefik basic auth credentials are not set #3414

Open bafonins opened 1 week ago

bafonins commented 1 week ago

Description

Similar to https://github.com/coollabsio/coolify/issues/2069

When using the traefik.http.middlewares.<changeme>.basicauth.users Traefik label, credentials are set properly.

Minimal Reproduction (if possible, example repository)

  1. Deploy custom docker compose resource via Coolify
  2. Set traefik.http.middlewares.custom-auth3.basicauth.users=test:$2y$05$OpnNJgwdtK/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m label for one of the services (Note: credentials taken from https://github.com/coollabsio/coolify-examples/blob/main/docker-compose-test/docker-compose.yaml, issue comment)
  3. Deploy the resource
  4. Observe warning in the logs: level=warning msg="The \"OpnNJgwdtK\" variable is not set. Defaulting to a blank string."
  5. Run docker inspect [container-id] on the service and observe "traefik.http.middlewares.custom-auth3.basicauth.users": "test:$2y$05/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m"

Note: single quotes or double quotes with escapes for special characters do not solve the issue (https://github.com/coollabsio/coolify/issues/2032#issuecomment-2093833185), i.e.

    labels:
      - traefik.http.middlewares.custom-auth3.basicauth.users=test:$2y$05$OpnNJgwdtK/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m
    labels:
      - 'traefik.http.middlewares.custom-auth3.basicauth.users=test:$2y$05$OpnNJgwdtK/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m'
    labels:
      - traefik.http.middlewares.custom-auth3.basicauth.users=test:\\$2y\\$05\\$OpnNJgwdtK/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m
    labels:
      - "traefik.http.middlewares.custom-auth3.basicauth.users=test:\\$2y\\$05\\$OpnNJgwdtK/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m"

However, there are cases when credentials are set as expected without any errors, for example:

    htpasswd -nbB test changeme
    test:$2y$05$.wdIGOOQBRnO9YzB2pphCeSfKmjWaNvVWuohuEEULoowzdiq7pdJ.

Other variants of hashed passwords (when $ is followed by a digit) also produce no errors, and basic auth works properly.

Exception or Error

No response

Version

v4.0.0-beta.335

Cloud?

MinskLeo commented 2 days ago

I have the same issue. After updating today to v4.0.0-beta.341, the issue remains.

MinskLeo commented 1 day ago

@bafonins While we are waiting for a fix or investigation, here is a crazy bash script for generating "working" credentials. You are right, only credentials with $ followed by a digit are working. Hope it helps make things easier for now.

P.S. Thanks to ChatGPT for helping with bash scripting.

    nano generate_creds.sh

    #!/bin/bash

    # Define login and password
    LOGIN="test"
    PASSWORD="test"

    echo "Starting the generation process..."

    # Initialize iteration counter
    COUNTER=1

    # Main loop without delays: each htpasswd run uses a fresh random salt,
    # so the hash differs on every iteration
    while true; do
        echo "Iteration $COUNTER: Generating htpasswd entry..."

        # Generate htpasswd entry; stop instead of looping forever if htpasswd is missing or fails
        OUTPUT=$(htpasswd -nbB "$LOGIN" "$PASSWORD") || { echo "htpasswd failed" >&2; exit 1; }

        # Extract the bcrypt hash (second colon-separated field)
        ENCRYPTED_PASSWORD=$(echo "$OUTPUT" | cut -d':' -f2)
        echo "Encrypted password: $ENCRYPTED_PASSWORD"

        # Check if the part after '$2y$05$' starts with a digit
        AFTER_PREFIX=$(echo "$ENCRYPTED_PASSWORD" | sed 's/^\$2y\$05\$//')
        FIRST_CHAR=${AFTER_PREFIX:0:1}
        echo "First character after '\$2y\$05\$': $FIRST_CHAR"

        # Verify if this character is a digit
        if [[ "$FIRST_CHAR" =~ [0-9] ]]; then
            echo "Suitable hash found!"
            echo "Result: $OUTPUT"
            break
        else
            echo "First character is not a digit, continuing..."
        fi

        # Increment iteration counter
        COUNTER=$((COUNTER + 1))
    done

Don't forget to make the file executable.

    chmod +x generate_creds.sh
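Added example, not part of the thread and not Coolify or Docker Compose code: a small checker that models the substitution reported above and shows which part of a `user:hash` label value would be lost before deployment. The rule it applies (a `$` followed by a letter or underscore starts a variable name that is replaced with an empty string) is an assumption inferred from the warning and the `docker inspect` output quoted in the report; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: simplified model of the substitution seen in this report.
# Assumption: "$" followed by a name matching [A-Za-z_][A-Za-z0-9_]* is
# treated as a reference to an unset variable and replaced with "".
# The "${NAME}" and "$$" forms are not modelled.

# Print the value as it would look after unset variables are blanked.
interpolate_unset() {
    printf '%s\n' "$1" | sed -E 's/\$[A-Za-z_][A-Za-z0-9_]*//g'
}

# Print each "$NAME" token that would be consumed, one per line.
consumed_tokens() {
    printf '%s\n' "$1" | grep -oE '\$[A-Za-z_][A-Za-z0-9_]*' || true
}

# Exit 0 if the label value passes through unchanged, 1 if it is altered.
label_survives() {
    [ "$(interpolate_unset "$1")" = "$1" ]
}

# Report on one user:hash entry.
check_entry() {
    if label_survives "$1"; then
        printf 'OK       %s\n' "$1"
    else
        printf 'MANGLED  %s\n' "$1"
        printf '  lost:  %s\n' "$(consumed_tokens "$1" | tr '\n' ' ')"
        printf '  seen:  %s\n' "$(interpolate_unset "$1")"
    fi
}

# Values copied from the issue text (single-quoted so the shell keeps "$").
BROKEN='test:$2y$05$OpnNJgwdtK/PLkP.JL7Rzeikv2PB2skTZC1B3x15Zka.Vevo5ux6m'
WORKING='test:$2y$05$.wdIGOOQBRnO9YzB2pphCeSfKmjWaNvVWuohuEEULoowzdiq7pdJ.'

check_entry "$BROKEN"
check_entry "$WORKING"
```

Running a generated entry through `check_entry` before pasting it into a label shows whether the hash Traefik receives would still match the password, which is the condition the retry loop above searches for by trial.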