🌐 Cloudflare

Introduction Authentik is an open-source identity provider that can be used to manage authentication and authorization for your applications. In this guide, I will explain how to install Authentik in a Kubernetes cluster to secure applications. Prerequisites A Kubernetes cluster with Traefik installed. Helm package manager installed and has required permissions to install and manage resources in the cluster. Cloudflare account with your domain configured. Already configured Cloudflare tunnel to use Traefik Ingress Controller. Installation Guide Step 1: Generate Secrets Before we prepare the Helm chart values file, we need to create a secretKey for Authentik to sign the JWT tokens and create a password for PostgreSQL database. ...

Introduction In this guide, we will explore how to secure public web applications running on Kubernetes using Authentik, a modern open-source identity provider. We will also leverage Cloudflare for additional security and performance enhancements. The setup will include Traefik as the ingress controller to manage incoming traffic to our applications. Prerequisites A Kubernetes cluster up and running. Helm installed for managing Kubernetes applications. Traefik installed as the ingress controller. Authentik installed in your Kubernetes cluster. Please check my previous posts for detailed instructions on how to set up Traefik and Authentik in Kubernetes. ...

Introduction In this guide, I will explain how to securely expose the Traefik dashboard in a Kubernetes cluster using Cloudflare. The Traefik dashboard provides insights into the traffic and routing within your cluster, but it should be secured to prevent unauthorized access. Prerequisites A Kubernetes cluster with Traefik installed. Helm package manager installed and has required permissions to install and manage resources in the cluster. Cloudflare account with your domain configured. Already configured Cloudflare tunnel to use Traefik Ingress Controller.

Introduction I am using Nginx Ingress Controller for my Kubernetes cluster, but I wanted to set up Traefik as well for specific use cases. This guide explains how I installed Traefik on my Kubernetes cluster using Helm. Why I want to use Traefik I want to use authentication features for my applications, and my Nginx Ingress Controller setup requires enabling allow-snippet-annotations and setting annotations-risk-level to Critical. This is because Nginx Ingress Controller uses annotations for advanced configurations, which can be risky if not managed properly. Traefik, on the other hand, does not require such risky configurations and provides a safer way to manage ingress rules and features. So I decided to switch to Traefik as my primary Ingress Controller. ...

Introduction In this guide, we will learn how to expose a Kubernetes application securely to the internet using Cloudflare Tunnel and Nginx Ingress. This setup allows you to leverage Cloudflare’s security features while managing your application traffic efficiently. We are going to use: Cloudflare Tunnel to expose our application securely to the internet. Kubernetes Nginx Ingress to route traffic to our application. Prerequisites A Cloudflare account with the domain added. A Kubernetes cluster set up with Nginx Ingress Controller installed. Root or sudo access to the Kubernetes cluster. Deployment Guide Step 1: Install Cloudflare Tunnel sudo mkdir -p --mode=0755 /usr/share/keyrings curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared any main" | sudo tee /etc/apt/sources.list.d/cloudflared.list sudo apt-get update && sudo apt-get install cloudflared Step 2: Authenticate Cloudflare Tunnel sudo cloudflared tunnel login Don’t worry, if you see a login url in the server terminal, just copy it and paste it in your personal browser. After logging in, you will see a success message in the server terminal. ...