How to configure forward auth in Traefik 2?


I'm migrating an old API to Traefik 2 and I can't get forward auth to work. The configuration below is pretty much the equivalent of what we had with Traefik 1.7, but I keep getting "404 page not found" for everything unless I comment out the entry point middleware as well as the auth labels. The Traefik documentation doesn't seem to explain this in any more detail besides adding the middleware itself and some configuration options.

As I understand it, this should do forward auth for the web and websecure entry points to the auth entry point, and I assigned the /auth path on the auth entry point to our API container.

```toml
[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http]
      middlewares = ["auth"]
  [entryPoints.websecure]
    address = ":443"
    [entryPoints.websecure.http]
      middlewares = ["auth"]
    [entryPoints.websecure.http.tls]
  [entryPoints.auth]
    address = ":7000"

[http.middlewares]
  [http.middlewares.auth.forwardAuth]
    address = "http://127.0.0.1:7000/auth"
```

```yaml
version: '3.8'
services:
  proxy:
    image: traefik:2.8
    volumes:
    ports:
      - 80:80
      - 443:443
      - 7000:7000
  api:
    image: api
    deploy:
      labels:
        - traefik.enable=true
        - traefik.http.routers.api.entrypoints=websecure
        - traefik.http.routers.api.rule=Host(`api.example.org`)
        - traefik.http.services.api.loadbalancer.server.port=8000
        - traefik.http.routers.auth.entrypoints=auth
        - traefik.http.routers.auth.rule=PathPrefix(`/auth`)
        - traefik.http.services.auth.loadbalancer.server.port=8000
```

There are 2 best solutions below

Best answer

I figured out my configuration had 2 issues.

  1. Middleware must be defined using the dynamic configuration (note the change to auth@file):

```toml
# Static configuration
[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http]
      middlewares = ["auth@file"]
  [entryPoints.websecure]
    address = ":443"
    [entryPoints.websecure.http]
      middlewares = ["auth@file"]
    [entryPoints.websecure.http.tls]
  [entryPoints.auth]
    address = ":7000"

[providers.file]
  filename = "/etc/traefik/dynamic.toml"
```

```toml
# Dynamic configuration: /etc/traefik/dynamic.toml
[http.middlewares]
  [http.middlewares.auth.forwardAuth]
    address = "http://127.0.0.1:7000/auth"
```
  2. Multiple router definitions require explicit service targets:

```yaml
version: '3.8'
services:
  api:
    image: api
    deploy:
      labels:
        - traefik.enable=true
        - traefik.http.routers.api.entrypoints=websecure
        - traefik.http.routers.api.rule=Host(`api.example.org`)
        - traefik.http.routers.api.service=api # Required
        - traefik.http.services.api.loadbalancer.server.port=8000
        - traefik.http.routers.auth.entrypoints=auth
        - traefik.http.routers.auth.rule=PathPrefix(`/auth`)
        - traefik.http.routers.auth.service=auth # Required
        - traefik.http.services.auth.loadbalancer.server.port=8000
```
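
The two problems described in this answer can be caught before deployment with a small check over the label list and the entry point middleware names. This is an added example, not part of the original answer or of Traefik's tooling; the function names are hypothetical and the sample labels are the ones from the question.

```python
import re

# Labels copied from the question's compose file (the failing configuration).
QUESTION_LABELS = [
    "traefik.enable=true",
    "traefik.http.routers.api.entrypoints=websecure",
    "traefik.http.routers.api.rule=Host(`api.example.org`)",
    "traefik.http.services.api.loadbalancer.server.port=8000",
    "traefik.http.routers.auth.entrypoints=auth",
    "traefik.http.routers.auth.rule=PathPrefix(`/auth`)",
    "traefik.http.services.auth.loadbalancer.server.port=8000",
]

# traefik.http.<routers|services>.<name>.<option>=<value>
LABEL_RE = re.compile(
    r"^traefik\.http\.(routers|services)\.([^.=]+)\.([^=]+)=(.*)$"
)


def routers_missing_service(labels):
    """Routers with no explicit service on a container defining 2+ services."""
    routers, services = {}, set()
    for label in labels:
        match = LABEL_RE.match(label.strip())
        if not match:
            continue  # e.g. traefik.enable=true
        kind, name, option, value = match.groups()
        if kind == "services":
            services.add(name)
        else:
            routers.setdefault(name, {})[option] = value
    if len(services) < 2:
        return []  # a single service is assigned to routers automatically
    return sorted(r for r, opts in routers.items() if not opts.get("service"))


def unqualified_middlewares(names):
    """Entry point middleware references without an @provider suffix."""
    return [n for n in names if "@" not in n]


if __name__ == "__main__":
    print("routers needing .service:", routers_missing_service(QUESTION_LABELS))
    print("middlewares needing @provider:", unqualified_middlewares(["auth"]))
```

A non-empty result from either function corresponds to one of the two issues above. Because the auth middleware is attached at the entry point, confirm after any change that a request without credentials is still rejected.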
Answer

You can try using the Traefik 2.x ForwardAuth middleware: https://doc.traefik.io/traefik/middlewares/http/forwardauth/