8x48/homepage
1
0
Fork 0
mirror of https://github.com/gethomepage/homepage.git synced 2026-02-08 00:40:52 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
8792337133118eebd95d8dc93b0c52454217f4f8
homepage/docs/installation/index.md
shamoon c4afced5fa Basic password
2026-02-04 21:29:01 -08:00

2.3 KiB
Raw Blame History

title, description, icon
title description icon
Installation Docs intro simple/docker

You have a few options for deploying homepage, depending on your needs. We offer docker images for a majority of platforms. You can also install and run homepage from source if Docker is not your thing. It can even be installed on Kubernetes with Helm.

!!! info

Please note that when using features such as widgets, Homepage can access personal information (for example from your home automation system) and Homepage currently does not (and is not planned to) include any authentication layer itself. Thus, we recommend homepage be deployed behind a reverse proxy including authentication, SSL etc, and / or behind a VPN.

Security & Authentication

Public deployments of Homepage should be secured via a reverse proxy, VPN, or similar. As of version 2.0, Homepage supports a simple authorization gate with a password or OIDC. When enabled, Homepage will use password login by default unless OIDC variables are provided.

Required environment variables for authentication:

  • HOMEPAGE_AUTH_ENABLED=true
  • HOMEPAGE_AUTH_SECRET (random string for signing/encrypting cookies)

For password-only login:

  • HOMEPAGE_AUTH_PASSWORD (password-only login; required unless OIDC settings are provided)

For OIDC login (overrides password login):

  • HOMEPAGE_OIDC_ISSUER (OIDC issuer URL, e.g., https://auth.example.com/realms/homepage)
  • HOMEPAGE_OIDC_CLIENT_ID
  • HOMEPAGE_OIDC_CLIENT_SECRET
  • HOMEPAGE_EXTERNAL_URL (external URL to your Homepage instance; used for callbacks)
  • Optional: HOMEPAGE_OIDC_NAME (display name), HOMEPAGE_OIDC_SCOPE (defaults to openid email profile)

All app pages and /api routes will require a signed-in session. Static assets remain public. Homepage still does not implement per-user dashboards or roles; authentication is a simple gate only.