pkg/caddy-tailscale
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Basic README.md

Browse source
This commit is contained in:
akp 2024-10-11 15:57:46 +01:00
parent 256b583e40
commit 707ad4a78a
No known key found for this signature in database
GPG key ID: CF8D58F3DEB20755
1 changed files with 32 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

32
README.md Normal file
View file

@ -0,0 +1,32 @@
# Tailscale authentication in Caddy
This is a plugin for the [Caddy webserver](https://caddyserver.com) that enables Tailscale-based authentication. It
functions similarly to the default `basic_auth` Caddyfile directive except using the local Tailscale daemon and the
remote address of a connection to authenticate based on if a connection is coming via a Tailnet and if so, who it is.
Optionally, the `Tailscale-User-{Id,Login,Name}` headers are set on the incoming request to allow this to be used as an
analogue for [`forward_auth`](https://caddyserver.com/docs/caddyfile/directives/forward_auth).
## Limitations
This module requires the Tailscale daemon to be running on the same machine as the Caddy server.
## Example usage
**Require all incoming connections to be from within a Tailnet**
```
www.example.com {
tailscale_auth
reverse_proxy localhost:9090
}
```
**Require all incoming connections to be from within a Tailnet, setting headers**
```
www.example.com {
tailscale_auth set_headers
reverse_proxy localhost:9090
}
```