Overview# This is a note on how to operate multiple HTTPS-enabled containers with Traefik.
https://github.com/traefik/traefik
Background# Previously, I was using jwilder/nginx-proxy and jrcs/letsencrypt-nginx-proxy-companion with the following configuration.
Proxy# v # s n e e o e r p r n l l c h v d t d s r v g e u e t h h w e i o i i i c p l r t i c d - - - m r m o p o f e o x c n m o o o a e s m o e o e t l s a r a x n y e x a n r - - l - - - b - s e a n p " l c v h s s : t r k u t n : s - g t t u e t n g t e n u e h t v : : : a s l e a : p e a s " " m h d v c / l " a c e a n g m r o m a m : t r m ' r : i : 8 4 e t h h e s s c r r : i d i e t s l r : : n e 3 o n 0 4 s m p o r a r : o t y n s n s s t : a : ' x j e : 3 : l a s t r m : p j e _ x : : : r l y w r 8 : : r t s / / . t r r o - / u u : c : i _ 0 4 / a : : r d g a : c _ n p e e s n o l n " 4 u m / / u o i l s n : r t t r m d a 3 s : e e n c t w / a o c c d m e m " r t t / k h a l m x / s o o r e e c c d e u y e e y n n h c n / : s t / / o r b s t : " g g a k _ n h c n n c / . s i i r e l g n a / g g k n j e n n n e r i i g r n i i e g r n g x x . n n i e g n n r i c c i / n s k x n / i x x . n s r n c v g o - x n n / s x . y x e h i c p - g x c o - l p - r o n k r p i / h e c p e t p t s x : o r n d o r k r t - r s t / x o x h s t : s n o : . h v y x / p t s x e g x r d t a y h a . : t y n i y w m r t r d r m - c n - l / m a o p w r x l r l m / i y - e u d t p p t n o h t r s / c - _ o - d k e n x e o e n g y n c r c i - c k . r n c r e s y x o y r o p _ m p . c t p p t s k / r a o : l o n c r o x i k o g y o : : _ n r / c o v o a m r p / a l n o i g o / n n . g n i g n i x n x _ p r o x y " Container# Below is a Django example.
v s n e e e r r n d t d s v g n w e i i i i p d e s b c t w o f e o c n m o o e n : u o o t o r a x n e x a r - l p - v V L L i c d l - n y r k u t n : s : g t u e i I E E l o o u t : k s l e a : e s " m n d r R T T d n c m " a i : t r m " : : 1 e d n o T S S : t k e . i t n : n e 3 8 s d . s s n U E E e e s . n r g a : " n 0 : e h _ m A N N x r : / e u _ l g 0 f t o e L C C t f w r e d : c i 1 a p n n _ R R : i e _ i o n : u a : t H Y Y l b n r m x 8 l s : O P P e : a : m : 0 t s S T T : / m o l " . w T _ _ m e " n a c d : H E y : / _ t o : O M / s m l e n / d S A d i d y i s f e j T I o t n s n t : t a : L c e s i k / c n : k " t e / g d e e t n o j x r " c g . a x / / i y n x D n n y g o g x y o c i / . . k n . z y e x h z y r / t z y f c p . i o a z l n s z e f s z . w d d / d e f a u l t . c o n f For adding Basic Authentication, I was using nginx:latest in addition to Django.
!
The following library might have been an easier approach.
https://pypi.org/project/wsgi-basic-auth/
Using Traefik# With Traefik, the configuration changed to the following.
Proxy# s n e e r t t t v r w r i a i c r p n e l o a e c e m o e o e n a o r e x e f a n s r - - t - v T b t t t t t t l k f t s i g t t t w i Z e r r r r r r u s i e : k e a a s 4 8 o t r : l a a a a a a m : k r : : i r : 4 0 r r o s e e e e e e e v / - n n t 3 : k a n A : f f f f f f s a l t n a t e : : 8 s e m s i i i i i i : r e r e l r r 4 0 : f e i k k k k k k / t a t : a _ a 4 i n a . . . . . . r s e w e n l 3 k t / e h h h h h u e f o t f a w - : T n t t t t t n n i r r i m a n o a t t t t t / c k k u k e y e k b p p p p p d r . : e : : s t y l . . . . . o y y l w o e r r r r m c p m a t o : o o o o i k t l t r r u u u u d e : : e a k t t t t t d r / s e r e e e e l . l e t f u r r r r e s e t i e s s s s w o t c k . . . . a c s / d d d d r k e t a a a a e : n r s s s s s / c a h h h h . v r e b b b b a a y f o o o o u r p i a a a a t / t k r r r r h r / d d d d . u t . . . . b n r r e t m a / a u n l i s d e l t s d i o f e r . d c c i : y c l a k k p e e u e . H o r w t r y o i t a h . m s n r r . s l t t e e u o : ( s s s s c r ` : o : e k o p l r : r w v a s r o e e u : o x b r t y s : h x . e x y c m x y u y x y r r x . e e x z s x z o x z l x ` v ) e r l e a p c o n p r e g # t w w i d o d r m : r e e : a v o t y l y b a h b a s i c e i r a e P : d t s d h d k x f e c v o d t r e d b e e p i s m e s c # h e i r p e c r o r r o c o e m t a t l n e : d e u e a s : s a l : a o S c t e : t s i n r s r : e t v i r e a p n s s r t t s p e s d d e e l a r S C t D : : e r o c e : : : B s r : g v e h r E c y : h r y R : e e r a y B : t P e m : t D e a : r v l P U 8 i o w m a 4 r e s a : e l o G 0 o i e a n 4 u f o a / r e i n n b : e 3 e a l @ a h : n n s t s n u v b c t g t : : e h t l e b m t h e : c t : t r b e p t : u t : s . s t w r p t : j : p e e s r f s s b u a / : e l n a / s c / e m a e c - m v e 0 - 2 s . t a a p g i i . n l g e - t v s 0 e 2 n . c a r p y i p . t l . e o t r s g e / n d c i r r y e p c t t . o o r r y g / d i r e c t o r y Container# Traefik middleware is used to implement Basic Authentication.
s n e e r d t t v n w r i s b p c t w n r l o a e c : u o o o t o e e a r e x e i c d l - r - n y r t - s b t t t t t t k f t s l o o u t t : k w t e r r r r r r s i e : d n c m " s " a i o t a l a a a a a a : k r : t k e . : 1 i t n r r r s e e e e e e - n e e s . 8 n r g k a t : f f f f f f n a x r : / 0 e u _ s e : i i i i i i e l t f w 0 r e d : f k k k k k k t : : i e 1 _ i i a . . . . . . w l b : n r k l e h h h h h o t e : 8 a : - w n t t t t t r r : / 0 m n a a t t t t t k u m 0 e " e y b p p p p p : e y 0 : / t s l . . . . . / s " m w e r r r r m d i d y o : o o o o i o t n s r u u u u d c e s i k t t t t t d k " t r e e e e l e e u r r r r e r " e s s s s w / . . . . a D d d d d r o n n n n e c s s s s s k . . . . . e r e t m d r u n l i n f l t s d s i e r . d . l : y c l b e p e e a H o r w s o i t a i s n r r c t t e e a ( s s s u ` : o : t d l h j w v d . a e e n u n b r s s g s : e o e r . c m s y u y : y r r y e e x . s x z o x z l x z v x ` e x ) r x x x By creating this configuration for each container, you can operate multiple containers in a similar environment.
Summary# There may be misunderstandings or insufficient considerations, but I hope this is helpful as a method for operating multiple HTTPS-enabled containers (with Basic Authentication).