Closed sowinski closed 10 months ago
basicauth
doesn't support single-line syntax with a username/password on the same line as the directives, you need to use a block instead. So do caddy.basicauth.mylogin: <password>
great this works! But my password is not accepted. Is the way how I created the password correct?
But how can I just protect a specific folder or several folders like /admin/ and /cms/
Use the user/pass example here to confirm https://caddyserver.com/docs/caddyfile/directives/basicauth#examples, if that works then the problem isn't with how you're setting up the config but rather with the password you generated.
Simple path matching:
caddy.basicauth: /admin/*
caddy.basicauth.mylogin: <password>
But if you need to match multiple paths you'll need to use a named matcher. See the README for examples.
My docker-compose line looks like that:
caddy.basicauth.Bob: "$2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG"
But I can not login with
user: Bob
pw: hiccup
Do I have to restart caddy or do something else?
I just restart my docker compose every time I change a line?
EDIT: Escaping is necessary $ => $$ and just canceling was not enough. I use docker compose stop and down and then up and it worked.
What would be the correct way to reload the labels?
up -d
should be enough to make Docker Compose recognize the labels changed and recreate the relevant containers. You shouldn't need to down
.
Hi,
I googled and was not able to setup basic auth with labels.
This is how i created the hash:
This is my label section. It is important to escape $ with $$ otherwise it will interpret the values as a variable.
Unfortunately this is not working. Caddy log is saying:
caddy-caddy-1 | {"level":"info","ts":1701242346.0044415,"logger":"docker-proxy","msg":"Process Caddyfile","logs":"[ERROR] Removing invalid block: parsing caddyfile tokens for 'basicauth': unrecognized hash algorithm: mylogin, at Caddyfile:2\nwww.example.com {\n\tbasicauth / mylogin $2a$14$a1uIxM6xLMepH44EMy0zDOCtuKmxTMWHL2R7r5aiLYqOvmriYawUK\n\treverse_proxy :8000\n}\n\n"}
What I am doing wrong?