[solved] How to protect an app that doesn't have login authentication?

[Hakisak]

I have an app that doesn't have a login. I can access the app with any pc on the same LAN by typing the 'truenasIP : port' to the app.
How would I go about making a layer of security for the app? just the web ui access.

• I would prefer to have a username + password that would allow the connection.
• I guess you could somehow block/allow certain ip's access to that port but would much rather the first method above^

if it matters; the app is plex.

-thank you

 

[sretalla]

Plex has authentication outside the LAN defined subnet.

You can either turn that feature off in the settings of Plex or don't define the subnet as LAN.

 

[danb35]

The "normal" answer would be to put the app behind a reverse proxy, and have that reverse proxy handle authentication. With TrueCharts apps, that would be done using Traefik, and all the plumbing is built into their apps to make this work. Some documentation on that here:

Add Traefik Basic Auth to Apps | TrueCharts

Our traefik chart has the ability to add various middlewares to the chart can add extra functionality to your setup. You can see the full list of middlewares inside the traefik menu options. In this guide we'll go over setting up the Basic Auth traefik middleware.

truecharts.org