Closed ataridude closed 2 years ago
Hmm... that's little odd.
I don't think traefik.http.middlewares.fwd_proto...
is actually needed, depends on other settings on your system, of course.
I also run Sshwifty via Traefik in my local network too, and I managed to get the HTTP Auth to work by adding following lines (more info) into my docker-compose.yaml
:
- "traefik.http.middlewares.sshwifty-auth.digestauth.users=test:traefik:7f9b3ba8833e0b546e17284e6c767631"
- "traefik.http.routers.<NameOfTheServiceDeclaredInTheDockerCompose>.middlewares=sshwifty-auth"
The digest was generated via htdigest -c passwordfile traefik test && cat passwordfile && rm passwordfile
, and the cleartext password is 123
.
The complete docker-compose.yaml
:
version: "3.8"
services:
web:
image: niruix/sshwifty:latest
networks:
- traefik-public
deploy:
replicas: 2
placement:
max_replicas_per_node: 1
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(`<LocalServiceDomain>.svc.lan`,`<AnotherDomain>`)"
- "traefik.http.routers.web.entrypoints=web,websecure"
- "traefik.http.services.web.loadbalancer.server.port=8182"
- "traefik.http.services.web.loadbalancer.server.scheme=http"
- "traefik.docker.network=traefik-public"
- "traefik.http.middlewares.sshwifty-auth.digestauth.users=test:traefik:7f9b3ba8833e0b546e17284e6c767631"
- "traefik.http.routers.web.middlewares=sshwifty-auth"
networks:
traefik-public:
external: true
You can take look the log of the Traefik container to see if there is anything wrong.
Thanks, I get it working using your entire compose file too (changing the docker network and entrypoints to match my environment) -- I'll look at the diffs between yours & mine and get it sorted. Simply applying those 2 lines (the digestauth and middleware lines) to my config does not work for some reason.
A friend pointed me sshwifty, and I have been trying to get it installed on my system, behind Traefik, with authentication. I have it working behind Traefik, but I also want access to it controlled by a username & password. I have tried Traefik's basic auth and digest auth, and I have the same issue with both: it has a problem with websockets (it reports error 1006).
This is only a problem when I try to use auth -- when I skip the Traefik auth, sshwifty works just fine.
My functioning docker compose file is attached, and the commented lines are the ones that cause a problem. Specifically it is the sshwifty-secure middleware that causes a problem; the fwd_proto middleware was one of my attempts at working around this issue, based on some howtos I found online.
I don't know if this is an issue with Traefik, sshwifty, or the configuration I have set here. I would appreciate any guidance here to getting this working.
docker-compose-sshwifty.txt
Hmm, I see that the docker compose file is only downloadable here, not viewable, so I have edited to add it here: