Has anyone tried to configure authelia or authentik with a local nfty server, do you know any way to protect the web interface?

  • epsiblivion@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    if you’re using swag, you can just add to the ntfy container label, swag=enable if swag has auto-proxy enabled.

    • querylab@alien.topOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I don’t know what swag is, I currently use authelia with nginx proxy manager and it is impossible to use it with a local ntfy server, I have tried a thousand ways and ntfy https://ntfy.sh/ is not viable without a dashbord web interface protected by a user and pass

        • querylab@alien.topOPB
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          So I ask is there any way to password protect the ntfy dashboard on the server?

          • querylab@alien.topOPB
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            in fact i run ntfy server on docker on a vps tied with a cronjob but it scares me to think that anyone can manipulate and see my complete dashboard.

            • mztiq@alien.topB
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Then use it through a VPN (e.g. WireGuard), that’s how I do it. Only expose services to the internet if you really have to.

              • querylab@alien.topOPB
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                I have it also in a vpn wireguard and I do portforwarding from a local machine using a vps bridge but the point is not that the point is that lan or wan should have an authentication panel is basic in any web application I do not understand how ntfy has not done that yet.

      • epsiblivion@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        you have to set the setting to make it reverse proxy aware. swag is a nginx based reverse proxy with a lot of builtin configs for various services and customizations.

        if you really don’t want anyone to access your topics, you can set default permissions to none and then manually allow per topic for each user (selfhosted ntfy)