Hey there. I am using traefik for some private projects and some of them do not have (or I do not want to implement) authentication.
I am looking for a simple traefik plugin that allows me to enforce authentication for a specific service (and show or forward to a login page if not authenticated). The authentication would be done for example via Keycloak or google OpenID (JWT).
Are there plugins that do that?
Hi Tobias,
for some similar use cases I use oauth2-proxy. It's not a plugin - I put it in a chain between traefik and the service.
It works good with Keycloak (personally, I'd prefer any other solution over Keycloak, but there aren't many alternatives).
I could post a sample deployment tomorrow if there's interest.
Look into Traefik ForwardAuth middlewares (doc).Or the solution mentioned above.
I think there are easier auth solutions like authelia and authentik, maybe even newer zitadel. But what I read is that keycloak is really an enterprise solution, would not recommend that for home use.
That's right. I'd never use Keycloak at home.
Thanks. forward-auth does exactly what I need.
The one issue I have with Authelia is that users are managed via files that need text editing.
I have a non-techie guy managing access to a site for me and he has f&^%ed up the user database file so many times I can't count. He's not getting linux text editing at all. And needing sudo scares me more.
I just want a simple auth tool that gives a web editor to manage user access.
Use a GUI for Authelia, like this 