traefik-forward-auth
Harbor
traefik-forward-auth | Harbor | |
---|---|---|
32 | 74 | |
2,015 | 22,536 | |
- | 2.3% | |
0.0 | 9.7 | |
about 1 month ago | 3 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
traefik-forward-auth
- Show HN: Obligator – An OpenID Connect server for self-hosters
-
Authentik reverse proxy vs swag
BTW also keycloak and other similar products offer the oauth-proxy capability, I even used the original oauth2-proxy https://github.com/oauth2-proxy/oauth2-proxy for a while, but it was getting too difficult to maintain for me. I used for a while https://github.com/thomseddon/traefik-forward-auth that was a smart hack configuring a single upstream provider, but it look abandoned. So I was considering authentik but apparently it's just oauth2-proxy embedded in it, at that point why not use oauth2-proxy directly.
-
Traefik with traefik-forward-auth towards Azure AD loop-redirect and fail
It seems there are some more recently updated forks.
-
Dell T320 vs T620 Idle Power
Traefik Forward Auth
-
Assuming I have each individual service working (cloudflare-tunnel, keycloak, nginx, arrs, dashy), how would I go about having a system like this? (more in comments)
One way I got this to work (for another app that doesn’t go through cloudflare) was to use Traefik with forward-auth and this: https://github.com/thomseddon/traefik-forward-auth
-
Just finished migrating my old tower servers to a Kubernetes cluster on my new rack!
In front of all of my private dashboards, I use Traefik Forward Auth to limit who can access them.
-
Is there something like Keycloak or Authelia that supports both forward auth and identity providers?
Hm, interesting. I have worked with traefik-forward-auth before, but I didn't know there is a fork. Are you using the fork? Would you happen to know if this issue from the original project still exists or if it's fixed in the fork?
-
How do you expose some of your services to the internet?
https://github.com/thomseddon/traefik-forward-auth (just another option if everyone accessing already has a google account)
-
Cant wrap my head around auth process
Traefik ingress + forward auth middleware + traefik-forward-auth does the trick.
-
SSO with keycloak and traefik
Hey have u setup a forward auth? https://github.com/thomseddon/traefik-forward-auth
Harbor
-
Docker Private Registry using Harbor
cat << EOF wget \ https://github.com/goharbor/harbor/releases/download/v2.9.4/\ harbor-offline-installer-v2.9.4.tgz EOF
-
Signing container images: Comparing Sigstore, Notary, and Docker Content Trust
Now that you know a little more about Cosign, Notary, and DCT, we will take it one step further by using one of these tools: Cosign. For this example, we will use the simple Docker registry:2 reference image to run a simple registry. In a real-world scenario, a managed registry such as Harbor, Amazon ECR, Docker Hub, etc.
- Docker pull through cache to multiple upstreams, that you can also push to
-
tcp i/o timeout when installing network plugin in "high secure environment"
Have a look at harbor, you can also use it to follow the same methods for helm charts etc.
-
How to build a docker image and still use Watchtower
Or for something more advanced https://goharbor.io/
-
Scan selfhosted docker images for vulnerabilities automatically
Look at https://goharbor.io/
-
Docker has reversed its decision to sunset the “Docker Free Team” plan.
You can host your own image repo if your feeling feisty. Harbor is a graduated project from the CNCF and they are also working on a new implementation called Dragonfly. https://goharbor.io/
- We're no longer sunsetting the Free Team plan | Docker
-
Docker's deleting Open Source images and here's what you need to know
Does anybody know whether there could be something like an open/libre container registry?
Maybe the cloud native foundation or the linux foundation could provide something like this to prevent vendor lock-ins?
I was coincidentially trying out harbor again over the last days, and it seems nice as a managed or self-hosted alternative. [1] after some discussions we probably gonna go with that, because we want to prevent another potential lock-in with sonarpoint's nexus.
Does anybody have similar migration plans?
[1] https://goharbor.io
-
Iron Bank: Secure Registries, Secure Containers
2) Harbor instance registry
What are some alternatives?
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
Portainer - Making Docker and Kubernetes management easy.
authelia - The Single Sign-On Multi-Factor portal for web apps
Dragonfly - This repository has be archived and moved to the new repository https://github.com/dragonflyoss/Dragonfly2.
pam-keycloak-oidc - PAM module connecting to Keycloak for user authentication using OpenID Connect/OAuth2, with MFA/2FA/TOTP support
phoneinfoga - Information gathering framework for phone numbers
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
chartmuseum - helm chart repository server
awesome-zero-trust - A curated collection of awesome resources for the zero-trust security model.
gitlab
Synology-Docker-Mediaserver - Working Docker media server containers running on Synology, served by Swag with auth via Organizr (and auth bypass for API, so NZB360 etc. work).
distribution - The toolkit to pack, ship, store, and deliver container content