caddy-tailscale/README.md
2024-10-11 15:57:46 +01:00


Tailscale authentication in Caddy

This is a plugin for the Caddy web server that enables Tailscale-based authentication. It works like the default basic_auth Caddyfile directive, except that it authenticates a connection by using the local Tailscale daemon and the connection's remote address to determine whether the connection is coming via a Tailnet and, if so, who it is.

Optionally, the Tailscale-User-{Id,Login,Name} headers are set on the incoming request to allow this to be used as an analogue for forward_auth.

Limitations

This module requires the Tailscale daemon to be running on the same machine as the Caddy server.

Example usage

Require all incoming connections to be from within a Tailnet

www.example.com {
  tailscale_auth
  reverse_proxy localhost:9090
}

Require all incoming connections to be from within a Tailnet, setting headers

www.example.com {
  tailscale_auth set_headers
  reverse_proxy localhost:9090
}
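
When `set_headers` is used as a forward_auth analogue, the backend behind `reverse_proxy` has to decide whether the identity headers it receives can be trusted. The following is an added example, not part of this plugin's code: a Go backend check that accepts the Tailscale-User-{Id,Login,Name} headers only from a loopback peer. It assumes Caddy reaches the backend over loopback as in the examples above; `Identify`, `RequireTailscaleUser` and the sample values are hypothetical names chosen for illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
)

// TailscaleUser mirrors the Tailscale-User-{Id,Login,Name} headers from the README.
type TailscaleUser struct{ ID, Login, Name string }

// Identify decides whether identity headers can be trusted. It returns the user
// and 200, or a zero user and the HTTP status to reject with.
// Assumption: Caddy reaches this backend over loopback (reverse_proxy localhost:9090).
func Identify(remoteAddr string, h http.Header) (TailscaleUser, int) {
	host, _, err := net.SplitHostPort(remoteAddr)
	ip := net.ParseIP(host)
	if err != nil || ip == nil || !ip.IsLoopback() {
		// Not from the local proxy: any client can send these headers, so ignore them.
		return TailscaleUser{}, http.StatusForbidden
	}
	// Require exactly one login value; a duplicate means more than one party set it.
	logins := h.Values("Tailscale-User-Login")
	if len(logins) != 1 || logins[0] == "" {
		return TailscaleUser{}, http.StatusUnauthorized
	}
	return TailscaleUser{
		ID:    h.Get("Tailscale-User-Id"),
		Login: logins[0],
		Name:  h.Get("Tailscale-User-Name"),
	}, http.StatusOK
}

// RequireTailscaleUser wraps a handler and rejects requests Identify does not accept.
func RequireTailscaleUser(next func(http.ResponseWriter, *http.Request, TailscaleUser)) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		u, code := Identify(r.RemoteAddr, r.Header)
		if code != http.StatusOK {
			http.Error(w, http.StatusText(code), code)
			return
		}
		next(w, r, u)
	})
}

func main() {
	// Constructed sample values, not taken from the page.
	h := http.Header{}
	h.Set("Tailscale-User-Login", "alice@example.com")
	_, viaProxy := Identify("127.0.0.1:40000", h)
	_, direct := Identify("100.64.0.7:40000", h)
	fmt.Println(viaProxy, direct)
}
```

The loopback check is only meaningful if the backend port is not reachable by other local users or processes that could send the same headers.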