diff --git a/.env.sample b/.env.sample
index e825a7f..0e0c3c9 100644
--- a/.env.sample
+++ b/.env.sample
@@ -110,3 +110,9 @@ COMPOSE_FILE="compose.yml"
 ## Matrix
 #COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
 #MATRIX_FEDERATION_ENABLED=1
+
+## BASIC_AUTH
+## Use httpasswd to generate the secret
+#COMPOSE_FILE="$COMPOSE_FILE:compose.basicauth.yml"
+#BASIC_AUTH=1
+#SECRET_USERSFILE_VERSION=v1
diff --git a/compose.basicauth.yml b/compose.basicauth.yml
new file mode 100644
index 0000000..cb76121
--- /dev/null
+++ b/compose.basicauth.yml
@@ -0,0 +1,12 @@
+version: "3.8"
+services:
+  app:
+    environment:
+      - BASIC_AUTH
+    secrets:
+      - usersfile
+
+secrets:
+  usersfile:
+    name: ${STACK_NAME}_usersfile_${SECRET_USERSFILE_VERSION}
+    external: true
\ No newline at end of file
diff --git a/file-provider.yml.tmpl b/file-provider.yml.tmpl
index d12761e..a7d3d48 100644
--- a/file-provider.yml.tmpl
+++ b/file-provider.yml.tmpl
@@ -17,6 +17,11 @@ http:
         authResponseHeaders:
           - X-Forwarded-User
     {{ end }}
+    {{ if eq (env "BASIC_AUTH") "1" }}
+    basicauth:
+      basicAuth:
+        usersFile: "/run/secrets/usersfile"
+    {{ end }}
     security:
       headers:
         frameDeny: true