• dan@upvote.au
    ↑ 12 · 9 months ago

    For any self-hosted services you use, run something like Authentik and configure all the apps to use it for auth via OIDC (OpenID Connect). Makes the experience a lot nicer, instead of every service having its own separate user system.

      • moonpiedumplings@programming.dev
        ↑ 3 · 9 months ago

        Why? In case authentik goes down, so you can recover data? Or something else?

        I am setting up authentik and other self-hosted services right now and my plan was for authentik to have all the accounts.

      • dan@upvote.au
        ↑ 2 · 9 months ago

        I’ve never tried Keycloak so I’m not sure, sorry.

        One feature Authentik has that I don’t think Authelia or Keycloak supports is operating as an LDAP server. With Authelia at least, you have to run a separate LDAP server if you need LDAP. With Authentik, it’s built in.

        • shastaxc@lemm.ee
          ↑ 1 · 9 months ago

          I guess I’ll have to do the research myself. Ohh bother. I can tell you that Keycloak can use a PostgreSQL DB or LDAP but it is not built in. I honestly really dislike LDAP though. It’s an old protocol that has terrible client support and the only real reason to use it imo is if you need to support a really high number of users and traffic, like in the millions.

          • dan@upvote.au
            ↑ 1 · 9 months ago

            I don’t like it either, but there are probably some apps that only support LDAP.