I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.
Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!
EDIT: currently using 80MB RAM for two users and three Service Providers.
I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.
Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!
EDIT: currently using 80MB RAM for two users and three Service Providers.
I think you can create a group for friends and a group for family. If you want more separation I think Authentik handles multi-tenancy as well
Saving this for all my future pro-systemd flames, thank you!
I’m using sops
with my GPG key currently.
Molise, Italy, which is a whole region that doesn’t exists!
I’m also leaving, migrates to infomaniak as a registrar, DeSec as DNS provider and Migadu for email… no regrets!
Sure, but it’s a question of principle. I try to use and support FLOSS software if possible.
Aw man… and I was just thinking about deploying Nomad in my homelab…
I found the definition of Coordi-Nations interesting. It could also be applied to hackerspaces/hackbases. I need to look into that
Perhaps you could find some info in the translation project wiki page?
Exactly this. In a federated network, the instance with the majority of users could dictate the protocol, forcing the smaller issues to continually adapt or die. See this post for a very real example of this.
The only alternative I know of that goes close to what FreeIPA does (minus the cert part) is kanidm. It does:
I just noticed they have a beta for multimaster replication, which is nice.
I use it at home. Note, though, that it does not do any hand-holding, and all configuration is done through CLI. Also note, there are docs for the stable or dev branch and there sometimes are big differences between the two.