Our great sponsors
-
caddy-security
π Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. π Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. π Authorization with JWT/PASETO tokens. π
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I use Caddy + Caddy Security, set up OAuth, and also only expose services over IPv6. It's not extra security, but it's less logs to deal with because nobody is scanning IPv6 address ranges, and there are less IPv6 capable hosts who are compromised.
I had the same dilemma as you have and after a lot of research I decided to go with Authentik. It has a dashboard (I donβt use it), option of using 2FA, SSO, nginx built in for reverse proxy and much more. Itβs a little bit rough to get started but it has everything you could possible need.