Generally when generating a htpasswd entry for Basic Authentication you'd use apache-utils to do it. On a server running only NGinx, this probably won't be available, so you instead need to do it with openssl
printf "USER:$(openssl passwd -apr1 PASSWORD)\n" >> .htpasswd
printf "joeblogs:$(openssl passwd -apr1 A9n,6-l8)\n" >> .htpasswd