Comment on How to enhance Caddy's basic_auth?
_cryptagion@lemmy.dbzer0.com 1 day ago
I use Authelia powered by LLDAP with Caddy to protect services. For accessing files I use copyparty, it can hook into Authelia for user auth.
Comment on How to enhance Caddy's basic_auth?
_cryptagion@lemmy.dbzer0.com 1 day ago
I use Authelia powered by LLDAP with Caddy to protect services. For accessing files I use copyparty, it can hook into Authelia for user auth.
tubbadu@lemmy.kde.social 14 hours ago
I already looked into Authelia, and the “problem” I encountered is that it does not support “named policies” (I don’t know the actual name): what I mean is to be able to create “only_admin_policy”, “only_registered_users_policy” etc, and then in Caddy to be able to say something like this
Instead if I understood correctly (and I would gladly be proved wrong) this is not possible with Authelia, as these policies have to be specified inside Authelia, so I would have two different configurations in two different places instead of having everything in the Caddyfile
I hope I explained well what I mean
thanks for the help!
_cryptagion@lemmy.dbzer0.com 12 hours ago
yes, it can do that, assuming you are using LDAP or have set up users/groups in the Authelia config. you don’t need to set it up in the caddyfile though, you can handle everything from Authelia’s end. for example, here is a typical protected item from my caddyfile.
that’s all I need in my caddyfile, just the bits that forward the information about the user to each site to log them in. I can then handle all the auth rules like saying which sites are only for admins or users in the Authelia config. since I use LDAP, I can set up the groups in that, then just specify which sites are DENY or TWO_FACTOR for each group in the Authelia config. or even in the apps themselves, if they support LDAP like Jellyfin and Forgejo.