Multiuser support #34

New issue

Closed

opened 2026-02-20 10:22:54 -05:00 by deekerman · 5 comments

deekerman commented

2026-02-20 10:22:54 -05:00

Owner

Originally created by @nomandera on GitHub (Feb 12, 2018).

It is understood that this is not a small request and will require considerable effort and discussion.

Currently I authenticate users with traditional HTTP auth (.htaccess etc) using the Letsencrypt container and subfolders of a single domain

e.g.

https://my.notreal.domain/nzbget
https://my.notreal.domain/nextcloud
...

A surprising amount of applications are happy to inherit these credentials if the app is in turn configured with identical users. The net result is if a user logs in once and they are then fed their own applications specifics without ever needing to log in again.

It would be ideal if Heimdall could

Support mutiuser
Support inherited HTTP auth
Allow the system admin account to control which app shortcuts each user can see to separate user links e.g. nextcloud from sysadmin links e.g. pihole

There is scope for unnecessary feature creep here but I cannot imagine a household application dashboard that is not multiuser capable.

Originally created by @nomandera on GitHub (Feb 12, 2018). It is understood that this is not a small request and will require considerable effort and discussion. Currently I authenticate users with traditional HTTP auth (.htaccess etc) using the Letsencrypt container and subfolders of a single domain e.g. https://my.notreal.domain/nzbget https://my.notreal.domain/nextcloud ... A surprising amount of applications are happy to inherit these credentials if the app is in turn configured with identical users. The net result is if a user logs in once and they are then fed their own applications specifics without ever needing to log in again. It would be ideal if Heimdall could - Support mutiuser - Support inherited HTTP auth - Allow the system admin account to control which app shortcuts each user can see to separate `user` links e.g. nextcloud from sysadmin links e.g. pihole There is scope for unnecessary feature creep here but I cannot imagine a household application dashboard that is not multiuser capable. related: https://github.com/linuxserver/Heimdall/issues/45

deekerman

2026-02-20 10:22:54 -05:00

closed this issue
added the
research
label

deekerman commented

2026-02-20 10:22:56 -05:00

Author

Owner

@aptalca commented on GitHub (Feb 12, 2018):

If you're already reverse proxying through letsencrypt, you can add .htpasswd support through the reverse proxy there.

I'm currently rp'ing Heimdall at the main as well as a subdomain through letsencrypt with .htpasswd. The only trick was to use the https port for Heimdall in the proxy_pass directive (with the http port, some links break)

@aptalca commented on GitHub (Feb 12, 2018): If you're already reverse proxying through letsencrypt, you can add .htpasswd support through the reverse proxy there. I'm currently rp'ing Heimdall at the main as well as a subdomain through letsencrypt with .htpasswd. The only trick was to use the https port for Heimdall in the proxy_pass directive (with the http port, some links break)

deekerman commented

2026-02-20 10:22:56 -05:00

Author

Owner

@KodeStar commented on GitHub (Feb 12, 2018):

That something worth adding to the readme @aptalca ?

@KodeStar commented on GitHub (Feb 12, 2018): That something worth adding to the readme @aptalca ?

deekerman commented

2026-02-20 10:22:56 -05:00

Author

Owner

@aptalca commented on GitHub (Feb 12, 2018):