Skip to content

PG Shield

Clownfused edited this page Apr 17, 2019 · 43 revisions
WANT TO HELP? CLICK THE ★ (STAR LOGO) in the Upper-Right!

  • 📂 [Click Here] - Google G-Suite (Unlimited Hard Drive Space & Storage)
  • 📂 [Click Here] - Top Performance NewsHost! - Blitz Members Receive a 58% Discount

Reference Shortcut - http://pgshield.pgblitz.com | Discord ( !pgshield )


Table of Contents

  1. PG YouTube
  2. Intro
  3. Initial Actions
  4. PG Actions
  5. Conclusion

1. PG YouTube

NOTE: Watching the Video will provide the deepest insight in deploying PGShield!

2. Intro

What does it provide you? Protection through Google Authentication by shielding your container/apps from unauthorized users! Unlike PG's Legacy AppGuard, you sign in once and your apps are protected without having to sign in each time... over and over!

PG Shield utilizes Google's OAuth in conjunction with Traefik and Thomseddon's Authentication Project - PLEASE STAR HIS PROJECT.

*WARNING: Will need to create another GSuite OAuth Key labeled web

3. Initial Actions

A. Prerequisites

Note: If you have sonarr/radarr/etc on a separate server than nzbget/sab/etc, you CANNOT use PGShield for these apps, it won't work. PGShield is basically a firewall and requires google authentication. Your apps don't know about and can't handle this "firewall". You have to disable PGShield for these apps in this case. If your apps are on the same server, use the traefik internal access URL, not your domain!

B. Next Steps

  • Next, visit Google's Credential Console and select WEB Application!
    • This is not the same OAuth Key from PG Blitz (which was --- other)
    • Selecting the wrong version will have you troubleshooting all day!
  • Name: Call it whatever you like!
  • Authorized Redirects: Make sure it matches as such https://oauth.yourdomain.com/_oauth
    • If you see a red warning about needing to add the domain to the trusted list, click it and do so!
  • Create: When finished, click the create button.

4. PG Actions

Just notes until snapshots are taken:

  • Enter your CLIENT ID and SECRET from above
  • Add whitelisted users to access your apps
  • Exempt apps that you do not want to be touched by PG Shield
  • Deploy!

Lesson Learned

  • If you fail to pay attention, you can end up copying the wrong key from another project and you'll wonder why it's not working. It happened to myself; so please pay attention!

5. Conclusion

PG Shield is an awesome tool to provide you simple security powered by Google! Ensure to stop by Thomseddon's Authentication Project and give him a STAR if you like it!

http://PGBlitz.wiki

Useful Starter Links

  1. Introduction
  2. Blitz YouTube Channel
  3. G-Suite Signup
  4. Recommended NewsHosts

Prior Planning 101

  1. Recommended Pre-Reading
  2. Server - Storage Planning
  3. Usenet or BitTorrent
  4. PG Editions
  5. PGBlitz Repos
  6. Common Issues

Deploy & Config

PGBlitz
  1. SSH Server Access
  2. Create a SUDO User
  3. Install PGBlitz
  4. WatchTower
  5. Remote Path Mappings

Data Transport
  1. PG Clone
    1. Google OAuth Keys
    2. PG Move
    3. PG Blitz
    4. 2nd HD Option

Key Components

  1. Traefik
  2. Port Guard
  3. PG Shield
  4. PG Press
  5. Google Cloud - GCE
    1. Automated setup
  6. Hetzner Cloud
  7. PG Fork
  8. Extra PG Commands

Blitz App Info

  1. Accessing PG Apps
  2. App Port Scheme
  3. Plex to AutoScan

Tools & Services

Core Apps [Expand]
  1. Emby
  2. Jackett
  3. Jellyfin
  4. LazyLibrarian
  5. Lidarr
  6. Netdata
  7. NZBGet
  8. Ombi
  9. Plex
  10. Portainer
  11. qBittorrent
  12. Radarr
  13. RuTorrent
  14. SABNZBD
  15. Sonarr
  16. Tautulli
Community Apps [Expand]
  1. AirSonic
  2. AllTube
  3. Bazarr
  4. Beets
  5. Bitwarden
  6. BookSonic
  7. cAdvisor
  8. Cloud Commander
  9. DDClient
  10. Deezloaderremix
  11. Deluge
  12. DelugeVPN
  13. Duplicati
  14. EmbyStats
  15. FlexGet
  16. Gazee
  17. Gitea
  18. Handbrake
  19. Headphones
  20. Heimdall
  21. HomeAssistant
  22. HTPCManager
  23. JDownloader2
  24. jd2-openvpn
  25. Kitana
  26. Logarr
  27. MakeMKV
  28. MariaDB
  29. McMyadmin
  30. MEDUSA
  31. Mellow
  32. Monitorr
  33. Muximux
  34. Mylar
  35. NextCloud
  36. NowShowing
  37. NZBHydra2
  38. NZBThrottle
  39. Organizr
  40. pyLoad
  41. Radarr4k
  42. Resilio
  43. rflood-openvpn
  44. rutorrent-openvpn
  45. ShareSite
  46. Shoko Anime Server
  47. SpeedTest
  48. SyncLounge
  49. Syncthing
  50. The Lounge
  51. Transmission
  52. Trakt.or
  53. Ubooquity
  54. x TeVe
  55. Zammad

Misc Info & Articles

  1. Change Server Time
  2. Fail2Ban
  3. Custom Containers
Scripts
  1. Scripting Area
    1. Auto Upload for Sonarr and Lidarr
    2. Auto Delete Log
    3. Plex Plugin DB Backup
    4. Plex fast BACKUP
Clone this wiki locally
You can’t perform that action at this time.