Hey guys, I’m running a simple docker compose server on an old laptop, hosting calibre(web), nextcloud and navidrome exposed on a cloudflare domain. Nextcloud allows 2fa, however navidrome and calibre web don’t, so I thought I’d better get onto setting up Authelia…

Been having issues setting it up, and now I’m starting to wonder if its worth the trouble after all. I’m sure NC is fine sercrity wise but will I be fine leaving the other two exposed to the internet? I know having Authelia is definitely better… but is it really worth it if I haven’t pissed off any hackers, and am just a normal dude?

Thanks!

  • redcalcium@lemmy.institute
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Since you’re already using cloudflare, you might want to consider using Cloudflare Zero Trust, which is free for the first 50 users.

    Here is an example on how to gate a gitlab instance behind Cloudflare Zero Trust login wall. You should be able to substitute it with any web applications easily enough. https://developers.cloudflare.com/cloudflare-one/tutorials/gitlab/

    Personally I’m using Keycloak and OAuth2-Proxy though, but they can be quite an ordeal to setup.