Security & Access Control
Protect your infrastructure with authentication and VPN
Overview
Harden your self-hosted infrastructure with Authelia for SSO/2FA, Keycloak for identity management, CrowdSec for intrusion detection, WireGuard for VPN, and Vaultwarden for password management.
Included Applications (5)
Authelia
22.0kThe single sign-on multi-factor portal for web apps. An authentication and authorization server.
Keycloak
23.0kOpen Source Identity and Access Management. Add authentication to applications with minimum effort.
CrowdSec
9.0kAn open-source and collaborative IPS. Analyze visitor behavior and provide an adapted response to all kinds of attacks.
WireGuard
15.0kAn extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.
Docker Compose
version: '3.8'
services:
authelia:
image: authelia/authelia:latest
ports:
- "9091:9091"
volumes:
- ./authelia:/config
restart: always
keycloak:
image: quay.io/keycloak/keycloak:latest
ports:
- "8080:8080"
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
command: start-dev
restart: always
crowdsec:
image: crowdsecurity/crowdsec:latest
ports:
- "8082:8080"
volumes:
- crowdsec_data:/etc/crowdsec
- /var/log:/var/log:ro
restart: always
wireguard:
image: lscr.io/linuxserver/wireguard
cap_add:
- NET_ADMIN
ports:
- "51820:51820/udp"
volumes:
- wg_data:/config
restart: always
vaultwarden:
image: vaultwarden/server:latest
ports:
- "8083:80"
volumes:
- vw_data:/data
restart: always
volumes:
crowdsec_data:
wg_data:
vw_data:Setup Guide
Configure Authelia YAML with your authentication preferences
Deploy with docker-compose up -d
Set up Keycloak realm and users
Configure CrowdSec with your log sources
Generate WireGuard peer configs for VPN clients
Access Vaultwarden and create your vault