Hacker News new | ask | show | jobs
by atonse 1509 days ago
This is such a damn elegant solution for an Auth Proxy, using Wireguard and all the existing, solid abstractions. You guys are just on fire.

I may have missed this in the post, but is there any plans to make a general purpose one rather than Grafana, etc? like tailscaled --proxy --to or (and I saw mholt's post) just rely on something like Caddy for that?
1 comments
xena 1509 days ago
I'm not sure yet. A lot of this is still experimental to feel out the problem space. Doing this as sidecars/extra things you run on the side lets us learn more about how people want to use this until we make this an actual product. If you have feedback/suggestions though, I am welcome to hear it and forward it along to the team.
link
atonse 1509 days ago
Just thinking "out loud" here – this isn't standards compliant or anything.

I'd love to be able to control some of these kinds of things right in the Admin UI.

Like being able to say "create new proxy, use this relay that gets me into this network, look at this acl to decide who gets in"

I could see this as really useful for the long tail of "admin" type services. Like admin UIs for Sidekiq (Ruby bg jobs) or Oban (Elixir bg job), our HashiCorp Nomad or Consul admin screens, etc without having to mess around with extra tokens.

link