I also went down this road recently, and discovered caddy-security, but I have security concerns [0]. Software always has vulnerabilities, but this was enough to scare me off. Something like keycloak or authentia seems more tested and secure.

[0] https://blog.trailofbits.com/2023/09/18/security-flaws-in-an...

> Software always has vulnerabilities

Yeah, that's an unfortunate reality, but

> The caddy-security plugin maintainers confirmed that there were no near-term plans to act on the reported vulnerabilities.

Ouch. That's a red flag, thanks for pointing it out. I guess it's time to check out Authelia (I think that's what you meant by authentia?).