How to configure traefik authentication to work with webdav in docker compose?

Question

I want to build a private webdav server behind traefik with authentication.

Here is the docker-compose.yml file:

version: '3.7'
services:
  reverse-proxy:
    image: traefik:v2.2
    command: --api.insecure=true --providers.docker
    labels:
      - "traefik.http.middlewares.test-auth.digestauth.users=${AUTHUSER}"
    ports:
      - "80:80"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  webdav:
    image: mwader/webdav
    labels:
      - "traefik.http.routers.webdav.rule=Host(`localhost`)||Host(`mydomain`)"
    volumes:
      - /data:/webdav

After "# docker-compose up -d", webdav is working, but without any authentication, which should be digest auth. Now anyone knows the domain can access my files. That's not acceptable. So is there any where I did wrong? How can I get it right? Thanks!

Answer 1

It is not enough to define the middleware, you must use it with routers. Try to use this stack

version: '3.7'
services:
  reverse-proxy:
    image: traefik:v2.2
    command: --api.insecure=true --providers.docker
    labels:
      - "traefik.http.middlewares.test-auth.digestauth.users=${AUTHUSER}"
    ports:
      - "80:80"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  webdav:
    image: mwader/webdav
    labels:
      - "traefik.http.routers.webdav.rule=Host(`localhost`)||Host(`mydomain`)"
      - "traefik.http.routers.webdav.middlewares=test-auth"
    volumes:
      - /data:/webdav

More information, details, and examples can be found in this article