|almost 3 years ago||20 days ago|
|Apache License 2.0||MIT License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
I create an end-to-end example and guide on how to use Traefik with Pomerium identity-aware access proxy in Forward Auth and Proxy mode on Kubernets with Helm/Helmfile
5 projects | /r/selfhosted | 4 May 2021
I know from past discussion here some recommended solutions where thomseddon/traefik-forward-auth, vouch-proxy, oauth2-proxy or louketo-proxy aka Keycloak Gatekeeper. I personally think Pomerium is the most versatile and powerful solution out there, especially if you are on Kubernetes or even Docker. Pomerium doesn't yet have the mature documentation, hence this guide.
Show HN: Obligator – An OpenID Connect server for self-hosters
18 projects | news.ycombinator.com | 11 Oct 2023
Authentik reverse proxy vs swag
3 projects | /r/selfhosted | 7 Jul 2023
BTW also keycloak and other similar products offer the oauth-proxy capability, I even used the original oauth2-proxy https://github.com/oauth2-proxy/oauth2-proxy for a while, but it was getting too difficult to maintain for me. I used for a while https://github.com/thomseddon/traefik-forward-auth that was a smart hack configuring a single upstream provider, but it look abandoned. So I was considering authentik but apparently it's just oauth2-proxy embedded in it, at that point why not use oauth2-proxy directly.
Traefik with traefik-forward-auth towards Azure AD loop-redirect and fail
2 projects | /r/Traefik | 11 May 2023
I have extensively studied and experimented with the examples from https://github.com/thomseddon/traefik-forward-auth, and searched online for examples of how to make it work, such as https://www.reddit.com/r/Traefik/comments/zzcsyd/traefik-forward-auth_with_global_auth_and_azure/, but have come up empty for a solution.2 projects | /r/Traefik | 11 May 2023
It seems there are some more recently updated forks.
Dell T320 vs T620 Idle Power
5 projects | /r/homelab | 28 Mar 2023
Traefik Forward Auth
Assuming I have each individual service working (cloudflare-tunnel, keycloak, nginx, arrs, dashy), how would I go about having a system like this? (more in comments)
3 projects | /r/selfhosted | 22 Mar 2023
One way I got this to work (for another app that doesn’t go through cloudflare) was to use Traefik with forward-auth and this: https://github.com/thomseddon/traefik-forward-auth
Just finished migrating my old tower servers to a Kubernetes cluster on my new rack!
19 projects | /r/homelab | 21 Jan 2023
In front of all of my private dashboards, I use Traefik Forward Auth to limit who can access them.
Is there something like Keycloak or Authelia that supports both forward auth and identity providers?
3 projects | /r/selfhosted | 8 Jan 2023
Hm, interesting. I have worked with traefik-forward-auth before, but I didn't know there is a fork. Are you using the fork? Would you happen to know if this issue from the original project still exists or if it's fixed in the fork?
How do you expose some of your services to the internet?
3 projects | /r/selfhosted | 28 Dec 2022
https://github.com/thomseddon/traefik-forward-auth (just another option if everyone accessing already has a google account)
Cant wrap my head around auth process
5 projects | /r/kubernetes | 21 Dec 2022
Traefik ingress + forward auth middleware + traefik-forward-auth does the trick.
What are some alternatives?
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
authelia - The Single Sign-On Multi-Factor portal for web apps
pam-keycloak-oidc - PAM module connecting to Keycloak for user authentication using OpenID Connect/OAuth2, with MFA/2FA/TOTP support
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
awesome-zero-trust - A curated collection of awesome resources for the zero-trust security model.
Synology-Docker-Mediaserver - Working Docker media server containers running on Synology, served by Swag with auth via Organizr (and auth bypass for API, so NZB360 etc. work).
Traefik-with-Pomerium-Forward-Auth-and-Proxy-on-Kubernetes-with-Helm - Traefik with Pomerium in Forward Auth and Proxy mode on Kubernetes with Helm/Helmfile
traefik-forward-auth0 - A backend for performing forward authentication with Auth0 using the Traefik reverse proxy.
docker-cloudflare-ddns - A small amd64/ARM/ARM64 Docker image that allows you to use CloudFlare as a DDNS / DynDNS Provider.
TTRSS-Auth-LDAP - GitHub repository for Tiny Tiny RSS's auth_ldap plugin
overseerr - Request management and media discovery tool for the Plex ecosystem