S.S.Octopus
Nginx Proxy Manager
S.S.Octopus | Nginx Proxy Manager | |
---|---|---|
5 | 651 | |
3,059 | 19,636 | |
0.2% | 2.4% | |
0.0 | 8.8 | |
6 days ago | 8 days ago | |
Go | JavaScript | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
S.S.Octopus
-
Use OpenZiti to secure your monitoring
2. An identity aware SSO proxy by Buzzfeed[0]
I really like Buzzfeed's SSO implementation, but it hasn't received updates in a while and doesn't seem to be maintained to me. I could absolutely see OpenZiti replacing this for me.
I really like Wireguard and have absolutely no complaints with it -- but if OpenZiti could replace this as well and match the performance I get on Wireguard I would consider implementing it at home (and would probably be a happy enough customer to push for it at work).
One non-typical use-case I use Wireguard for is being able to do remote game streaming to my Windows hosts via Moonlight+Nvidia Gamestream. Would anyone be able to (anecdotally or scientifically), share how well a use-case like this would work with OpenZiti?
[0] https://github.com/buzzfeed/sso
-
Libredirect – Redirect social media and websites to privacy friendly front ends
In addition to this suggestion, another viable route is to self-host those applications you rely on and don't expose them to the world (so as to reduce load/attack surface). Using a VPN can allow you to access the applications privately/remotely.
e.g. I self-host the applications I rely on such as Teddit, Nitter, Bibliogram and Cloudtube and then use Wireguard to always remain connected to the network they are accessible on. I have also implemented identity-aware SSO[1] so I can expose those applications remotely to specific individuals.
[1] https://github.com/buzzfeed/sso
-
Add Password Protection to Any Site with OAuth2 Proxy - Plus Social Logins
If oauth2-proxy doesn't suit your needs, there are some projects that have spun-off from oauth2-proxy like pomerium and BuzzFeed's sso. In addition to the open source library, Pomerium offers a paid service with a GUI to help IT staff more easily manage user permissions. BuzzFeed's sso builds upon oauth2-proxy by separating the domain used for auth from the domain used for the proxy (among several other changes).
-
Introduction to Zero Trust on AWS ECS Fargate
SSO to the rescue!
-
Web proxy (Bastion ?) to access Website in "private" network.
https://github.com/buzzfeed/sso - Google only
Nginx Proxy Manager
-
Ask HN: What Underrated Open Source Project Deserves More Recognition?
I discovered these 3 amazing projects recently:
Cryptpad, essentially google docs/sheets/forms e2e encrypted. It does include collaboration. https://github.com/cryptpad/cryptpad
Immich, google photos self hostable, with share options https://github.com/immich-app/immich
Nginxproxymanager manages certificates and proxies to self hosted stuff through nginx https://github.com/NginxProxyManager/nginx-proxy-manager
Great self hosting stuff!
-
DevOps Simplified: Easy-to-Use Container Projects Deployment
Nginx Proxy Manager
- Baserow Behind Nginx Proxy Manager - Error Connot Connect to API SERVER
-
Can I put multiple services on one web domain using subdomains?
Take a look at NginxProxyManager. This would give you the opportunity to put everything in the form of service1.domain.com , service2.domain.com ,etc.
-
:latest or :version for supporting services?
Prime example: Nginx Proxy Manager is often recommended in the sub. The latest minor release came with breaking changes (so already ignoring semver). I bet you many people were running on latest and then had broken stuff: https://github.com/NginxProxyManager/nginx-proxy-manager/releases/tag/v2.10.0
-
NPM: How to keep and maintain a dynamic IP (like your public IP) in an access list.
I started looking into how to make add dynamic IPs to NPM access lists. I came across a couple of GitHub issues (1, 2) on the topic. It looks like people have solved the problem, but not in a complete way without modifying the NPM docker image. I did not want to do that, so decided looking into writing a separate script.
-
Has anyone been able to set up dockerized CrowdSec in front of dockerized NPM using official images only?
Here is the (NPM) GitHub issue where the "fork of a fork" image came into existence (lepresidente/nginx-proxy-manager). It has some interesting discussions about the challenges of having NPM and CrowdSec coexist and cooperate.
-
MyQ's horrible take on open access to their devices
Agree with this, myQ is such a dumpster fire. It needs to have an the ability to be managed over the local network instead of requiring the garage door and app connect to their server.
My very first experience with myQ was figuring out that their IP blocklist provider, brightcloud, blocks anything with the word "proxy" - including the default "it works" page for Nginx Proxy Manager [1]. And they have no way of overriding this to actually provide service if someone turns out to be a legitimate customer.
[1]: https://github.com/NginxProxyManager/nginx-proxy-manager/dis...
-
LetsEncrypt over a forwarded link?
Edit: If you're using Nginx Proxy Manager there seems to be open PR for support for proxy protocol https://github.com/NginxProxyManager/nginx-proxy-manager/pull/1882 however in the comments there's a name of repository with this PR merged.
- Bug in nginx-proxy-manager v2.10.4 on RouterOS 7.11.2
What are some alternatives?
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
traefik - The Cloud Native Application Proxy
Pomerium - Pomerium is an identity and context-aware reverse proxy for zero-trust access to web applications and services.
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
zitadel - Cloud-native Identity & Access Management solution providing a platform for secure authentication, authorization and identity management.
socks5-proxy-server - SOCKS5 proxy server
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
BunkerWeb - 🛡️ Make your web services secure by default !
farside - A smart redirecting gateway for various frontend services
docker-pi-hole - Pi-hole in a docker container