If you want to add a basic auth to haproxy (on pfsense)
Global Advanced pass thru
userlist AuthRealmName
user username password ENCRYPTED_PASSWORD_HERE
Putting the password in clear text works but is a bad idea for obvious reasons.
userlist AuthRealmName user USERNAME insecure-password PASSWORD
Name: acl-name
Expression: Custom acl
Not: Checked
Value: http_auth(AuthRealmName)
Action: http-request auth
Condition acl names: acl-name
realm: realm realmname # might be optional
Optional:
Action: Use Backend Condition acl names: acl-name condition2 fqdn_condition
Based on the HAProxy documentation, create a UserList. You can use DES, MD5, SHA-256, and SHA-512 encrypted passwords. If you really know what you are doing: You can use plain text passwords here as well, but they are stored as plain text within the config files and can not recommend to do so!
python -c 'import crypt,getpass; print(crypt.crypt(getpass.getpass(), crypt.mksalt(crypt.METHOD_SHA512)))'
Automated way to do it:
python -c 'import crypt; print(crypt.crypt("TheSuperSecretPasswordHere", crypt.mksalt(crypt.METHOD_SHA512)))'
mkpasswd
should also work
printf "TheSuperSecretPasswordHere" | mkpasswd --stdin --method=sha-512
Password generation snipets are from here: https://hochwald.net/user-authentication-with-haproxy-on-pfsense/