That rule makes all subsequent rules implicitly ignored
- domain: - "*.domain.com" - "domain.com" policy: two_factor
access_control: default_policy: two_factor rules: - domain: "*" policy: bypass networks: - 192.168.1.0/24 - domain: radarr.domain.com resources: - '^/api([?/].*)?$' policy: bypass - domain: sabnzbd.domain.com resources: - '^/api([?/].*)?$' policy: bypass
I'm wondering if Authelia would be appropriate for my use-case, or if I should look for something else:
Basically, I have a few servers on my home network containing things that I might want to access over the internet, but since exposing things on your home network to the internet is a terrible idea, I'm going to use Cloudflare Tunnels to secure them. Tunnels is part of Cloudflare's Zero Trust offering, which also seems to be able to lock webpages behind a login gate for extra security, however, because it's designed for enterprise, it only supports SSO systems. After giving up on Keycloak, I found Authelia and noticed it has OpenID support, however, looking at the documentation it seems that my use-case might not be an intended one. But would it work?
I have realised that I could forgo Cloudflare's authentication altogether and just use Authelia to secure everything, but would Authelia work with Cloudflare's system as well?
Folks, the recent changes of openidc seems to have broken the nextcloud connection I had...
what are the required changes away from previous setup to... like... not break?
Maybe we can add it to the docs, so there is a functional basic example for nextcloud-oidc-login setup?
msg="Access to https://pw.example.com/identity/connect/token (method POST) is not authorized to user <anonymous>, responding with status code 401" method=GET path=/api/verify remote_ip=x
after i register my phone with google auth, somehow i notice something
and if i check documentation, it seems not well documented about how this setup this authentication method