Docker behind authentication app LAN?


adminbyme

Recommended Posts

Hello,

 

I hope you have a good day.

 

I have multiple dockers that I can access from LAN without authentication so how can I protect it behind an authentication app?

For example, I have Brave browser which anyone from my local network can access by 10.10.0.4:5830. However, I want a specific user who can log in to that port.

 

Is that possible?

 

Thank you. 

Link to comment
  • 2 weeks later...

I would indeed suggest looking into a reverse proxy to give them all a DNS name, then limiting access to allow only connections coming from that proxy, for example Nging Proxy Manager:  

 

 

Then you can use something like Authelia to control access and put passwords/2fa prompts on the websites: 


I use this myself as well, works pretty good!

 

Limiting access to the containers can for example be done by creating an extra vlan and then disabling inter-vlan routing.😄

Edited by jeffrey.el
Link to comment

Thanks Primeval_god and Jeffrey.el for your reply.

 

I have my dockers behind Nginx Proxy Manager and secure them with Authelia and 2FA for my domain.

 

The issue that I'm facing is only when two computers joins a local network. Each computer can access any docker without a user name and password.

 

I think the only solution to fix this issue is as Jeffrey.el mention by adding VLAN then disabling inter-vlan routing.

 

Hope you have a wonderful day. :)

Edited by adminbyme
Link to comment
7 hours ago, adminbyme said:

The issue that I'm facing is only when two computers joins a local network. Each computer can access any docker without a user name and password.

If you are using a reverse proxy container and both it and the container you are proxying are connected to a custom bridge docker network for internal communication then there is no need to make map the application containers ports to the accessible ports on the unraid host. Without the port mapping the only way to access the application is through your secured reverse proxy. 

Edited by primeval_god
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.