Setting Up SSO with Zitadel for Grafana

My multi-iteration experience of setting up SSO for my Grafana in homelab

Recently, I decided to enhance the security and user experience of my Grafana instance by implementing Single Sign-On (SSO) with Zitadel as the identity provider. I have written an article a year ago for something similar with Zitadel and Tailscale. In this blog post, I’ll share my experience following the process outlined in this helpful article, along with some additional insights and tips I discovered along the way.

What is Zitadel? (to those wonder)

Zitadel is an open-source identity management platform that provides authentication, authorization, and user management functionality. It supports various authentication protocols including OAuth 2.0 and OpenID Connect (OIDC), making it an excellent choice for implementing SSO across multiple applications.

[Read More]

Automating SSL certificate issuance with Traefik, Let's Encrypt and Cloudflare

Where your laziness turns as positive and site reliability mindset

In today’s digital landscape, securing your web applications with HTTPS is not just a recommendation but a necessity. In this blog post, I’ll share how I setup automated SSL certificate issuance for my domains, including wildcard certificates, using Traefik, Let’s Encrypt, and Cloudflare.

The Setup

My goal was to automate the management of SSL certificates for various subdomains and wildcard domains like:

  • co.example.com
  • io.example.com
  • *.co.example.com
  • *.io.example.com

By combining Traefik (a modern HTTP reverse proxy), Let’s Encrypt (for free SSL certificates), and Cloudflare (for DNS management), I created a fully automated SSL certificate renewal system for my homelab setup.

[Read More]