louketo-proxy
traefik-forward-auth
louketo-proxy | traefik-forward-auth | |
---|---|---|
1 | 32 | |
931 | 2,015 | |
- | - | |
2.2 | 0.0 | |
over 3 years ago | about 1 month ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
louketo-proxy
-
I create an end-to-end example and guide on how to use Traefik with Pomerium identity-aware access proxy in Forward Auth and Proxy mode on Kubernets with Helm/Helmfile
I know from past discussion here some recommended solutions where thomseddon/traefik-forward-auth, vouch-proxy, oauth2-proxy or louketo-proxy aka Keycloak Gatekeeper. I personally think Pomerium is the most versatile and powerful solution out there, especially if you are on Kubernetes or even Docker. Pomerium doesn't yet have the mature documentation, hence this guide.
traefik-forward-auth
- Show HN: Obligator – An OpenID Connect server for self-hosters
-
Authentik reverse proxy vs swag
BTW also keycloak and other similar products offer the oauth-proxy capability, I even used the original oauth2-proxy https://github.com/oauth2-proxy/oauth2-proxy for a while, but it was getting too difficult to maintain for me. I used for a while https://github.com/thomseddon/traefik-forward-auth that was a smart hack configuring a single upstream provider, but it look abandoned. So I was considering authentik but apparently it's just oauth2-proxy embedded in it, at that point why not use oauth2-proxy directly.
-
Traefik with traefik-forward-auth towards Azure AD loop-redirect and fail
It seems there are some more recently updated forks.
-
Dell T320 vs T620 Idle Power
Traefik Forward Auth
-
Assuming I have each individual service working (cloudflare-tunnel, keycloak, nginx, arrs, dashy), how would I go about having a system like this? (more in comments)
One way I got this to work (for another app that doesn’t go through cloudflare) was to use Traefik with forward-auth and this: https://github.com/thomseddon/traefik-forward-auth
-
Just finished migrating my old tower servers to a Kubernetes cluster on my new rack!
In front of all of my private dashboards, I use Traefik Forward Auth to limit who can access them.
-
Is there something like Keycloak or Authelia that supports both forward auth and identity providers?
Hm, interesting. I have worked with traefik-forward-auth before, but I didn't know there is a fork. Are you using the fork? Would you happen to know if this issue from the original project still exists or if it's fixed in the fork?
-
How do you expose some of your services to the internet?
https://github.com/thomseddon/traefik-forward-auth (just another option if everyone accessing already has a google account)
-
Cant wrap my head around auth process
Traefik ingress + forward auth middleware + traefik-forward-auth does the trick.
-
SSO with keycloak and traefik
Hey have u setup a forward auth? https://github.com/thomseddon/traefik-forward-auth
What are some alternatives?
node-oidc-provider - OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
authelia - The Single Sign-On Multi-Factor portal for web apps
pam-keycloak-oidc - PAM module connecting to Keycloak for user authentication using OpenID Connect/OAuth2, with MFA/2FA/TOTP support
Traefik-with-Pomerium-Forward-Auth-and-Proxy-on-Kubernetes-with-Helm - Traefik with Pomerium in Forward Auth and Proxy mode on Kubernetes with Helm/Helmfile
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
keycloak-theme-sample - Sample Keycloak Theme
awesome-zero-trust - A curated collection of awesome resources for the zero-trust security model.
authentik - The authentication glue you need.
Synology-Docker-Mediaserver - Working Docker media server containers running on Synology, served by Swag with auth via Organizr (and auth bypass for API, so NZB360 etc. work).