I host a few docker containers and use nginx proxy manager to access them externally since I like to have access away from home. Most of them have some sort of login system but there are a few examples where there isn’t so I currently don’t publicly expose them. I would ideally like to be able to use totp for this as well.
basicauth
: https://caddyserver.com/docs/caddyfile/directives/basicauthmost reverse proxies have SSO tooling that you can set up pretty easily
But honestly, have you considered just using wireguard for these cases? It’s much more secure if you just want a bunch of stuff hidden from the rest of the world
If you want a richer login authelia + caddy is good.
Ooh that Authelia looks pretty much ideal. I’ll give it a try and see how well it works.
I’m using authelia with SWAG (but I’m looking at switching to NGINX proxy manager to get better stats and a nicer UX) and have authelia working great for non local hosts
How to use WireGuard for that? (Noob here)
try wg-easy. it’s on the docker hub and it makes setting up a wireguard tunnel incredibly easy (as in, press the add button). The initial docker configuration process was a bit annoying to me since I had no prior experience, but most of the issues were down to the dns settings, which I eventually figured out.