obligator
authelia
obligator | authelia | |
---|---|---|
7 | 174 | |
617 | 19,654 | |
2.3% | 2.1% | |
9.0 | 9.9 | |
12 days ago | 6 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
obligator
-
JIT WireGuard
The deployment experience is awesome, but for me[0] the killer feature of Fly.io is their Anycast network and features such as FLY_REPLAY and LiteFS that make clusering a breeze[1].
[0]: using them for https://lastlogin.io
[1]: Here's all the fly-specific code necessary to run LastLogin in a globally distributed way: https://github.com/lastlogin-io/obligator/blob/37f75cc861f1b...
-
Keycloak SSO with Docker Compose and Nginx
I use obligator with ephemeral storage, no db, 100% code driven setup.
In my opinion this is the simplist option.
https://github.com/lastlogin-io/obligator
-
Google OAuth is broken (sort of)
See the table here: https://github.com/lastlogin-io/obligator#comparison-is-the-...
- FLaNK Stack Weekly 16 October 2023
-
Show HN: Obligator – An OpenID Connect server for self-hosters
Sorry, this is indeed not very clear. Others already answered well, but if you look at the example[0] config you can see how you would use your own instance of obligator as a client to the instance running at lastlogin.io. This is a bit meta, but applies equally to any client application.
[0]: https://github.com/anderspitman/obligator#running-it
authelia
-
Keycloak SSO with Docker Compose and Nginx
It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.
Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...
-
Protecting WebUI on public IP?
I use NGINX proxy with Authelia in between. Authelia blocks and blacklists faulty logins.
-
Why would anyone need AD/AAD when you can manage devices through Saltstack?
https://github.com/saltstack/salt https://github.com/chocolatey/choco https://github.com/nextcloud https://github.com/authelia/authelia https://github.com/grafana/grafana
- Give this project some luv: Single Sign-On Multi-Factor portal for web apps
-
HAProxy with Forward Auth to Authentik
If you are using HAProxy on PfSense/OPNSense, see my issue https://github.com/authelia/authelia/issues/2696
- Keycloak – Open-Source Identity and Access Management Interview
-
LDAP or AD for selfhosted
https://github.com/lldap/lldap is a very simple and lightweight LDAP solution. Works flawless with https://www.authelia.com/
-
Authelia/SSO With Caddy In Docker Compose?
Ah yeah, so I guess it's been a while since I tried and I forgot where I got stuck last time. Authelia's config.yml is absolutely massive and I'm not sure which section of their guide I should be following. In The Docker Compose section, there's "Unbundled", "Lite", and "Local". I think I want to be running the "lite" bundle, but their example compose file has a ton of Traefik stuff in it. I know I wouldn't keep the Traefik services, but do I need either secure or public?
-
How do you secure your webpages that have no protection?
Authelia supports SSO. If you are behind a reverse proxy it’s quite straightforward to integrate.
-
GitLab behind Authelia
This should probably also be mentioned in the documentation so maybe consider mentioning this on their discussion page.
What are some alternatives?
TheIdServer - OpenID/Connect, OAuth2, WS-Federation and SAML 2.0 server based on Duende IdentityServer and ITFoxtec Identity SAML 2.0 with its admin UI
authentik - The authentication glue you need.
OpenID - OpenID Certified™ OpenID Connect Relying Party implementation for Apache HTTP Server 2.x
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
podman-nginx-socket-activation - Demo of how to run socket-activated nginx with Podman
oauth2 - Go OAuth2
node-oidc-provider - OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
dex - OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors [Moved to: https://github.com/dexidp/dex]
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
traefik-forward-auth - Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy
dex - OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors