My boring Blog

Mauro Frigerio blog

SSO and 2FA for Traefik and Docker containers

28-06-2020 2 min read Article

Note

I used Authelia for a while, but I had the problem with some services.

I suggest you use client certificates (mTLS) instead and follow this guide.

In my last vacation day’s just before the car trip to go back home. I have read this tweet about traefik.

The guide describes the use of OAuth for securing Docker containers. The same example I have already made on my GitHub repositories. But the interesting thing is the reference of another way to secure container: with Authelia.

What is Authelia? Small Google search and the answer is an open-source authentication server you can install in a docker container. It provides an authentication page and the ability to protect applications with 2-factor authentication (2FA) and Single Sign-On (SSO). Nice, so I can be independent from third providers, and its all local. The 2FA provides the option for a physical key like Yubikey.

Back home I have made a night test and voila I have a working configuration. Some hours later there is also an example on my GitHub repo. With an SSO example to a Grafana container.

I am now happy with this solution that brings to me more flexibility in my home network.