klutchell / mediaserver

docker-based plex & usenet media server using custom subdomains with tls


Ever used organizr?

riemers opened this issue · comments

Did you ever try organizr and using the forward auth from it to secure all containers? Since I am using this setup and trying to add that part, can always ask and check, right?

I haven't tried organizr myself but if you figure it out feel free to open a PR and I'll give it a try!

Trying my best right now, but stuck at organizr not jumping back after the /auth part.. only see json. Will look further into it.

Turns out under labels just add this to traefik:
traefik.http.middlewares.myauth.forwardauth.address: http://organizr/api/v2/auth/1
traefik.http.middlewares.myauth.forwardauth.tls.insecureSkipVerify: true
traefik.http.middlewares.myauth.forwardauth.trustforwardheader: true

Then under the container, add:
traefik.http.routers.netdata.middlewares: hsts-header, myauth

The "1" in the URL stands for group 1 people that have access, which can be found in organizr.

If I have the time I'll push out a PR. I also used cloudflare dns on the letsencrypt because if all domains are protected you cannot get the acme part to work since it cannot reach it. Now it will just add a txt record to cloudflare dns as "check" but then you need to turn off tls challenge since it masks your ip. (Of course you can use any dns provider traefik supports.)
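
An added example, not part of the original thread or of the repository: a small audit that walks Traefik labels and reports routers that never reference a forward-auth middleware, plus forward-auth options that relax checks (`trustForwardHeader` makes Traefik trust incoming `X-Forwarded-*` headers, `insecureSkipVerify` disables certificate verification toward the auth server). The `sonarr` and `organizr` services, the `example.com` hosts, and the exemption of the `organizr` router are assumptions made for the sample.

```python
import re

# Constructed sample: labels per compose service. The traefik and netdata
# entries reuse the labels from the thread; organizr, sonarr and hosts are made up.
SERVICES = {
    "traefik": {
        "traefik.http.middlewares.myauth.forwardauth.address": "http://organizr/api/v2/auth/1",
        "traefik.http.middlewares.myauth.forwardauth.tls.insecureSkipVerify": "true",
        "traefik.http.middlewares.myauth.forwardauth.trustforwardheader": "true",
    },
    "organizr": {"traefik.http.routers.organizr.rule": "Host(`organizr.example.com`)"},
    "netdata": {
        "traefik.http.routers.netdata.rule": "Host(`netdata.example.com`)",
        "traefik.http.routers.netdata.middlewares": "hsts-header, myauth",
    },
    "sonarr": {
        "traefik.http.routers.sonarr.rule": "Host(`sonarr.example.com`)",
        "traefik.http.routers.sonarr.middlewares": "hsts-header",
    },
}

ROUTER = re.compile(r"^traefik\.http\.routers\.([^.]+)\.(.+)$", re.I)
FWDAUTH = re.compile(r"^traefik\.http\.middlewares\.([^.]+)\.forwardauth\.(.+)$", re.I)

def audit(services, exempt=("organizr",)):
    """Return sorted (finding, name) pairs for routers and forward-auth middlewares."""
    routers, auth_mw, findings = {}, set(), set()
    for labels in services.values():
        for key, value in labels.items():
            value = str(value).strip()
            if (m := FWDAUTH.match(key)):
                auth_mw.add(m.group(1))
                option = m.group(2).lower()
                if option == "trustforwardheader" and value.lower() == "true":
                    findings.add(("trusts-client-forwarded-headers", m.group(1)))
                if option == "tls.insecureskipverify" and value.lower() == "true":
                    findings.add(("tls-verification-disabled", m.group(1)))
            elif (m := ROUTER.match(key)):
                chain = routers.setdefault(m.group(1), set())
                if m.group(2).lower() == "middlewares":
                    # "a, b@docker" -> {"a", "b"}
                    chain.update(p.split("@")[0].strip() for p in value.split(","))
    # A router is covered only if its chain names a forward-auth middleware.
    for name, chain in routers.items():
        if name not in exempt and not chain & auth_mw:
            findings.add(("router-without-forward-auth", name))
    return sorted(findings)

if __name__ == "__main__":
    for finding, name in audit(SERVICES):
        print(f"{finding}: {name}")
```
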