Authentication

Just some authelia related links, as I get ready to deploy some internet facing services.

Authelia SSO

After looking at several options, I have decided to use Authelia as the Single Sign On (SSO) solution for my internet facing applications. I decided upon Authelia because:

• It is open source, using the Apache 2.0 License.
• It integrates with several proxies, like NGINX, Traefik, and HAProxy, so I can start with NGINX, but switch later if my requirements change.
• It supports several levels of autheintication, like standard passwords, or Two Factor Authentication/Multifactor Authentication (2FA/MFA)
• It is scaleable from small single node 'Lite' installations to larger scale 'Production' deployments.
• It runs well as a standalone binary or in a Podman/Docker container.

The plan is to use podman to deploy Authelia.

Considerations

Since all applications that I will be deploying will be internet facing security must take center stage. This includes following industry best practices, like basic server hardening, TLS everywhere, using SELinux, container isolation and other steps.

Links

• https://www.onemarcfifty.com/blog/Authelia_Proxmox/
• https://florianmuller.com/setup-authelia-bare-metal-with-openid-and-cloudflare-tunnel-on-a-hardened-proxmox-lxc-ubuntu-22-04-lts-container#configureauthelia
• https://matwick.ca/authelia-nginx-sso/
• https://shownotes.opensourceisawesome.com/authelia-authentication/
• https://geek-cookbook.funkypenguin.co.nz/docker-swarm/authelia/
• https://okxo.de/add-two-factor-authentifcation-2fa-to-paperless-ngx/