Two-Factor Auth

[meichthys]

Two-Factor authorization would be a very welcomed feature in my book.

To be able to log into nginx-proxy-manager via 2FA as well as being able to provide 2FA for access to hosts - this would vastly improve the security of less secure or non-secure applications hiding behind the nginx proxy.

Something like Authelia should provide a good starting point.

[arejaytee]

+1 on this or implementing #137

[Rami-Pastrami]

Noting https://github.com/authelia/authelia for being maintained actively currently, and having more features

[KamistixX]

Authelia integration would be a massive feature

[james-d-elliott]

One of the maintainers of Authelia here. We'd be willing to do some form of collab to help with this. Particularly with the access to the hosts section as that is the easiest part. I also think this would actually address a few of your issues all at once (I'll try to compile a list later and the reasons why).

Ideally if we did it I think the ideal place to do it is in the access tab as an alternate provider to the HTTP basic auth. Also it shouldn't be limited to Authelia in my opinion, people should be able to configure all aspects of the ngx_http_auth_request_module.

Authelia docs.

[KittyKatt]

This would actually bring me back to nginx-proxy-manager over some other solution as there's no other solution with as easy of a point and click interface as this, but vanilla nginx supports this with Authelia's guide so I've been sticking with that.

[Rami-Pastrami]

TBH I would even be happy for a guide to add Authelia to NginxProxyManager

[lazee486]

+1 I opened a request for voucher-proxy or keycloak before I found this one, but any route he goes with I'd be willing to try :) his interface is one of the best I've found for homelab!

[zero77]

Google provide a 2FA module that can be integrated with protocols like SSH and OpenVPN.
https://github.com/google/google-authenticator-libpam

[joe307bad]

Keycloak works with nginx-proxy-manager!

[joe307bad]

Here is also a good tutorial on getting nginx-proxy-manager secured with Authelia.