I want to build a private webdav server behind traefik with authentication.
Here is the docker-compose.yml file:
version: '3.7'
services:
reverse-proxy:
image: traefik:v2.2
command: --api.insecure=true --providers.docker
labels:
- "traefik.http.middlewares.test-auth.digestauth.users=${AUTHUSER}"
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
webdav:
image: mwader/webdav
labels:
- "traefik.http.routers.webdav.rule=Host(`localhost`)||Host(`mydomain`)"
volumes:
- /data:/webdav
After "# docker-compose up -d", webdav is working, but without any authentication, which should be digest auth. Now anyone knows the domain can access my files. That's not acceptable. So is there any where I did wrong? How can I get it right? Thanks!
It is not enough to define the middleware, you must use it with routers. Try to use this stack
version: '3.7'
services:
reverse-proxy:
image: traefik:v2.2
command: --api.insecure=true --providers.docker
labels:
- "traefik.http.middlewares.test-auth.digestauth.users=${AUTHUSER}"
ports:
- "80:80"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
webdav:
image: mwader/webdav
labels:
- "traefik.http.routers.webdav.rule=Host(`localhost`)||Host(`mydomain`)"
- "traefik.http.routers.webdav.middlewares=test-auth"
volumes:
- /data:/webdav
More information, details, and examples can be found in this article