-
Notifications
You must be signed in to change notification settings - Fork 55
PTS Shield
Table of Contents
NOTE: Watching the Video will provide the deepest insight in deploying PTSShield!
What does it provide you? Protection through Google Authentication by shielding your container/apps from unauthorized users! Unlike PTS's Legacy ApPTSuard, you sign in once and your apps are protected without having to sign in each time... over and over!
PTS Shield utilizes Google's OAuth in conjunction with Traefik and Thomseddon's Authentication Project - PLEASE STAR HIS PROJECT.
*WARNING: Will need to create another GSuite OAuth Key labeled web
- First, you must have a Google GSuite Business Account
- Deployed Traefik and ensure that your Portainer is working @ https://portainer.yourdomain.com
Note: If you have sonarr/radarr/etc on a separate server than nzbget/sab/etc, you CANNOT use PTSShield for these apps, it won't work. PTSShield is basically a firewall and requires google authentication. Your apps don't know about and can't handle this "firewall". You have to disable PTSShield for these apps in this case. If your apps are on the same server, use the traefik internal access URL, not your domain!
- Next, visit Google's Credential Console and select WEB Application!
- This is not the same OAuth Key from PTS Blitz (which was --- other)
- Selecting the wrong version will have you troubleshooting all day!
- Name: Call it whatever you like!
- Authorized Redirects: Make sure it matches as such https://oauth.yourdomain.com/_oauth
- If you see a red warning about needing to add the domain to the trusted list, click it and do so!
- Make sure you hit Enter to actually add it before you save!
- Create: When finished, click the create button.
Just notes until snapshots are taken:
- Enter your CLIENT ID and SECRET from above
- Add whitelisted users to access your apps
- Exempt apps that you do not want to be touched by PTS Shield
- Deploy!
Lesson Learned
- If you fail to pay attention, you can end up copying the wrong key from another project and you'll wonder why it's not working. It happened to myself; so please pay attention!
PTS Shield is an awesome tool to provide you simple security powered by Google! Ensure to stop by Thomseddon's Authentication Project and give him a STAR if you like it!
Wiki - Wiki
- Recommended Pre-Reading
- Server - Storage Planning
- Usenet or BitTorrent
- PTS Editions
- PTS Folder Structure
- PTS-Repos
- Common Issues
Data Transport
- Traefik
- Port Guard
- PTS Shield
- PTS Press
- Google Cloud - GCE
- Hetzner Cloud
- PTS Fork
- Extra PTS Commands
- PTS Vault - Data Storage
- PTSPatrol
- Plex AutoScan in Docker Container
- Plex_Dupefiner
- Traktarr
- System & Network Auditor
- PreInstaller & UnInstaller
Core Apps [Expand]
Community Apps [Expand]
- AirSonic
- Bazarr
- Bitwarden
- BookSonic
- cAdvisor
- Cloud Commander
- Deluge
- DelugeVPN
- Dozzle
- Duplicati
- Filebrowser
- FlexGet
- Gazee
- Headphones
- Heimdall
- HomeAssistant
- jd2-openvpn
- Kitana
- Logarr
- MakeMKV
- MariaDB
- McMyadmin
- MEDUSA
- Mellow
- Miniflux
- Monitorr
- Muximux
- Mylar
- NextCloud
- NowShowing
- NZBHydra2
- Organizr
- plpp
- pyLoad
- qBittorrent
- QBittorrent VPN
- radarrsyncarr
- Resilio
- rflood-openvpn
- rutorrent-openvpn
- Shoko Anime Server
- SpeedTest
- SyncLounge
- Teamspeak3
- The Lounge
- Transmission
- Trakt.or
- Ubooquity
- Varken
- vnc-xfce
- vnstat
- ZeroTier