Comment on Self hosting Sunday! What's up, selfhosters?s
F04118F@feddit.nl 1 week ago
I’m hosting foundryvtt on a k8s cluster. I’m using Authelia+lldap to have only authenticated users passed on to that behemoth of a NodeJS app that is undoubtedly full of vulnerabilities.
I have Authelia set up to enforce 2FA for any request outside my users’ home networks. Or so I thought, but one of my players kept getting asked to 2FA.
Turns out I forgot about IPv6. He connects over IPv6 by default.
SolarpunkSoul@slrpnk.net 1 week ago
I’m also running foundryvtt and have the basics of network security down but not much more. Is there anything I should be particularly wary of if I’m hosting it via a cloudflare tunnel for my group?
F04118F@feddit.nl 1 week ago
You probably have your network locked down much better than me.
For me, it was easier to set up authelia to limit access. I don’t trust the “authorization” portal in foundry so I set up a real authentication proxy.