WebUI Login Security by Authentik or Token

[masterwishx]

Using Lasted version of HeadScale in Docker + headscale-ui + Nginx Proxy Manager.
is any way to secure login to webUI maybe by Authentik or some Token?
i tryed but cant make it work behind Authentik.

[routerino]

Yes in the sense that you can secure any web application via an oauth proxy. No in that it is not necessary. See https://github.com/gurucomputing/headscale-ui/blob/master/SECURITY.md#authentication-and-authorization

[masterwishx]

Yes in the sense that you can secure any web application via an oauth proxy. No in that it is not necessary. See https://github.com/gurucomputing/headscale-ui/blob/master/SECURITY.md#authentication-and-authorization

Thanks, i got it.
Also i saw its using local storage of browser , its not a big problem but tried to proxy access to /web page by Authentik.
but it seems not working in regular way like for other apps are working ...
using Nginx Proxy Manager + Authentik.

[masterwishx]

Also interesting ,in docs says for NPM i should set container port 443 and in dockerfile exposed 443 , but for now im using:
ports:
- 9943:80
and all working fine.
is it important to set port 443 in Nginx Proxy Manager ? if its still protected by https in Proxy ? Using hs.mysite.com/web

[masterwishx]

can be return 301 https://$host/web; added to /admin location in Nginx Proxy Manager ,is it safe ?

[routerino]

Closing due to no replies within 30 days and as a general cleanup