mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

8.8K
active users

#authentik

3 posts3 participants0 posts today
Sebastian Mangelsdorf<p>Just did the chores and kicked out <a href="https://metalhead.club/tags/k3s" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>k3s</span></a>, <a href="https://metalhead.club/tags/longhorn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>longhorn</span></a>, <a href="https://metalhead.club/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> and <a href="https://metalhead.club/tags/tekton" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tekton</span></a>, hello <a href="https://metalhead.club/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> and <a href="https://metalhead.club/tags/hugo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hugo</span></a><br>Less complexity, more fun.</p>
Yehor 🇺🇦<p>I have <a href="https://techhub.social/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> now. Set it up for <a href="https://techhub.social/tags/Outline" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Outline</span></a>, <a href="https://techhub.social/tags/KitchenOwl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KitchenOwl</span></a>, and even <a href="https://techhub.social/tags/SynologyDSM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SynologyDSM</span></a>!<br><a href="https://techhub.social/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a> <a href="https://techhub.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://techhub.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://techhub.social/tags/selfhost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhost</span></a></p>
tobias<p>Hab meinem blog mal ein neues theme verpasst, eine Anleitung zu <a href="https://social.xanten.cc/tags/tinyauth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tinyauth</span></a> geschrieben und die <a href="https://social.xanten.cc/tags/Immich" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Immich</span></a> und <a href="https://social.xanten.cc/tags/pocketid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pocketid</span></a> Anleitung an die neusten Versionen angepasst. </p><p>tinyauth ist ziemlich cool, ein super lightweight <a href="https://social.xanten.cc/tags/authelia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authelia</span></a> oder <a href="https://social.xanten.cc/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> alternative geschrieben in <a href="https://social.xanten.cc/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>golang</span></a> </p><p><a href="https://2tap2.be/posts/tinyauth/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">2tap2.be/posts/tinyauth/</span><span class="invisible"></span></a></p><p><a href="https://social.xanten.cc/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://social.xanten.cc/tags/opensouce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensouce</span></a> <a href="https://social.xanten.cc/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a></p>
gyptazy<p>Proxmox in Enterprises: I'm often asked, 'Can we use our Active Directory, LDAP, or OIDC with Proxmox?' Yes, you can!</p><p>Let's have quick dive into installing and configuring Authentik and configure Proxmox VE to use OIDC as an additional authentication realm.</p><p><a href="https://mastodon.gyptazy.com/tags/Proxmox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proxmox</span></a> <a href="https://mastodon.gyptazy.com/tags/ProxmoxVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ProxmoxVE</span></a> <a href="https://mastodon.gyptazy.com/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.gyptazy.com/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> <a href="https://mastodon.gyptazy.com/tags/OpenID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenID</span></a> <a href="https://mastodon.gyptazy.com/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenIDConnect</span></a> <a href="https://mastodon.gyptazy.com/tags/OIDC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OIDC</span></a> <a href="https://mastodon.gyptazy.com/tags/EntraID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EntraID</span></a> <a href="https://mastodon.gyptazy.com/tags/enterprise" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>enterprise</span></a> <a href="https://mastodon.gyptazy.com/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a></p><p><a href="https://gyptazy.com/proxmox-authentik-oidc-install-configure-and-connect-authentik-to-proxmox-ve/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gyptazy.com/proxmox-authentik-</span><span class="invisible">oidc-install-configure-and-connect-authentik-to-proxmox-ve/</span></a></p>
Chris Hayes<p>omg, what started as "let's bring Authentik up to the latest version",<br>turned into "Authentik requires Postgres to be upgraded",<br>turned into "Postgres needs me to dump and reimport the data to upgrade"<br>turned into "sh*t, my dump failed and I already deleted the docker volume"<br>turned into "my data is gone, and now I'm setting up a fresh Authentik server" <a href="https://floss.social/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://floss.social/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a></p>
Thestaroftheworlds<p><span class="h-card" translate="no"><a href="https://fuzzytacular.net/@dattas" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>dattas</span></a></span> I still <br>Can't get it working</p><p>I created the authentik provider with application</p><p>But in Immich it asks for the issuer URL.</p><p>But what do I put. </p><p>Say my URL is dog.com and it forwards to my immich server where my authentik is also setup</p><p>So do I just put </p><p><a href="Https://www.dog.com/application/o/immich" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible"></span><span class="ellipsis">Https://www.dog.com/applicatio</span><span class="invisible">n/o/immich</span></a></p><p>I try this but no luck. So I'm stuck<br>It just spins and timesout</p><p><a href="https://meow.social/tags/immich" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>immich</span></a> <a href="https://meow.social/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a></p>
Rémi :heart_trans:<p>Anyone have leads on getting into the IT space ? I have experience maintaining services like <a href="https://tech.lgbt/tags/nextcloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextcloud</span></a> <a href="https://tech.lgbt/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> <a href="https://tech.lgbt/tags/Vaultwarden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vaultwarden</span></a> and many more. I also maintain physical servers that have a pretty high uptime.</p><p>I do also have customer service experience so I can do helpdesk for end users. </p><p>If you have any leads on US remote opportunities or would like to take a look at my resume to see if there's any way to spice it up to look more approachable for these types of positions, please let me know and lets get me <a href="https://tech.lgbt/tags/fedihired" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fedihired</span></a> !</p>
Paco Hope #resist<p>So I was messing with <a href="https://infosec.exchange/tags/drupal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>drupal</span></a> in the <a href="https://infosec.exchange/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a> and I wanted to turn on <a href="https://infosec.exchange/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> with <a href="https://infosec.exchange/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a>.</p><p>Somehow I didn’t find the official drupal OIDC module, I found this other one. I installed it, got it configured, and the first time I tried to login, it said “whoops, you have to purchase this module to use it.” Fine. I like supporting software, what does it cost?</p><p>$250/year!? To LOG IN? F that. </p><p>One of its key selling points is how easy it is to configure. If I was configuring it often, maybe I could see that. But OIDC and SAML are the kinds of things you set up once per lifetime. Make it as hard as you want (many apps do!) I only have to get through it once.</p><p>I mean $10? Even as much as maybe $50 I might have paid once. But I refuse to pay annually for the ability to login. <br><a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a></p>
Audric<p><a href="https://tkz.one/tags/ayuda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ayuda</span></a> fediverso <a href="https://tkz.one/tags/tailscale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tailscale</span></a> <a href="https://tkz.one/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <br><a href="https://tkz.one/tags/ayudaTec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ayudaTec</span></a> </p><p>estoy probando nuevo setup red interna, usando funnel (tailscale serve) para exponer en web (dentro de tailscale) aplicaciones en la raspberry. ejemplo:<br>tengo <a href="https://tkz.one/tags/komodo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>komodo</span></a> en 127.0.0.1:9120. pero quiero poner varios funnels a la vez, como por ejemplo cockpit en 9090. se puede con --set-path</p><p><a href="https://tailscale.com/kb/1242/tailscale-serve#serve-command-flags" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tailscale.com/kb/1242/tailscal</span><span class="invisible">e-serve#serve-command-flags</span></a></p><p>y funciona:<br>(vease primer pantallazo)</p><p>pero no me cargan las aplicaciones. por el puto path. vease segundo pantallazo</p><p>las aplicaciones buscan todos los archivos en el root / y no en /komodo /cockpit. o lo que sea. y como resultado, no carga nada. todo roto</p><p>probe poner un reverse proxy y hacerle rewrite a las urls. pero aparte de ya parecerme muy absurdo: no puedo. al intentar desplegar nginx proxy manager (pero me pasaria con cualquier otro) me dice, con razon: que el puerto 443 esta siendo utilizado ya y que me peine. </p><p>(siento la parrafada, pero por explicarme bien, si alguien me puede dar otra solucion) la intencion de todo eso es hacer segura una red interna en la raspberry que pueda acceder servicios por urls sin saberme de memoria todos los puertos, y que pueda usar un gestor de contraseña para cada servicio sin tener que hacer copiar pegar manualmente porque no entienden de puertos.</p><p>problema muy primer mundista, ya lo se. pero me divierte.</p><p>idealmente quisiera poner un IAM como <a href="https://tkz.one/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://tkz.one/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://tkz.one/tags/authelia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authelia</span></a> o alguno de esos, con 2FA. pero soy demasiado inutil para configurarlos. me viene muy grande ese mundo aun. pero seria el objetivo final.</p><p><span class="h-card" translate="no"><a href="https://xarxa.cloud/@t3rr0rz0n3" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>t3rr0rz0n3</span></a></span> <span class="h-card" translate="no"><a href="https://rebel.ar/@matiargs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>matiargs</span></a></span> <br><span class="h-card" translate="no"><a href="https://tkz.one/@trankten" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>trankten</span></a></span> <span class="h-card" translate="no"><a href="https://neopaquita.es/@sam" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>sam</span></a></span> <span class="h-card" translate="no"><a href="https://gts.maverick-hq.org/@z3r0" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>z3r0</span></a></span></p>
Chad :vbike:<p>Anyone else out there running authentik in their home network? I’m starting to roll it out on my public-facing apps, but I’m nervous about adding another layer to the cake.</p><p><a href="https://vault37.xyz/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://vault37.xyz/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HomeLab</span></a> <a href="https://vault37.xyz/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://vault37.xyz/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://vault37.xyz/tags/selfhost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhost</span></a></p>
Steffo :steffo:<p>So... I switched from Keycloak to authentik. And this is how it went!</p><p><a href="https://steffo.blog/i-switched-from-keycloak-to-authentik/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">steffo.blog/i-switched-from-ke</span><span class="invisible">ycloak-to-authentik/</span></a></p><p>Sure, it's not the best blog post, but it's better than nothing, I guess.</p><p><a href="https://fellies.social/tags/blog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blog</span></a> <a href="https://fellies.social/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://fellies.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://fellies.social/tags/selfhost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhost</span></a></p>
Nic Roland :mastodon:<p>Okay, authentik is up! Took a while, I was fighting against flux and the helm release because it deployed with the wrong StorageClass (I forgot to have that configuration ready before release.) Helm wasn't able to modify the PVC because they're immutable, updating the release has to wait for the initial release to succeed (which it won't) or timeout and flux is quiet on the reasons for all of this unless you know where to look 😔 lots of learning was had though! </p><p>Anyway, admin and personal user accounts created, MFA enabled. Got my first application integrated too! (actual budget)</p><p>What next? The world is my oyster... Probably gitea or semaphore. I'm hesitant to integrate services like jellyfin before I have more users onboarded and this gives me an opportunity to experiment with other edge cases like other providers and service accounts and such </p><p><a href="https://techhub.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://techhub.social/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a> <a href="https://techhub.social/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://techhub.social/tags/sso" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sso</span></a> <a href="https://techhub.social/tags/fluxcd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fluxcd</span></a> <a href="https://techhub.social/tags/gitops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gitops</span></a> <a href="https://techhub.social/tags/helm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>helm</span></a></p>
Habr<p>Мой опыт настройки SSO OpenID Connect в 1С с помощью Authentik</p><p>При внедрении единой системы аутентификации в компании я столкнулся с задачей организовать SSO-доступ к 1С через протокол OpenID Connect. За основу я взял статью на InfoStart ( <a href="https://infostart.ru/1c/articles/1538390/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infostart.ru/1c/articles/15383</span><span class="invisible">90/</span></a> ), однако в качестве провайдера аутентификации использовал не Keycloak, как в оригинале, а Authentik — современную и удобную альтернативу с простым UI и богатым функционалом.</p><p><a href="https://habr.com/ru/articles/895294/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/895294/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/sso" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sso</span></a> <a href="https://zhub.link/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://zhub.link/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://zhub.link/tags/1c" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1c</span></a> <a href="https://zhub.link/tags/%D1%82%D1%83%D1%82%D0%BE%D1%80%D0%B8%D0%B0%D0%BB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>туториал</span></a></p>
Robin Vleij<p>Spent way too much time today setting up <a href="https://social.vleij.com/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> and moving over my self hosted stuff to SSO... Good stuff.</p>
christianlempa<p>Check out this insightful 🎬 video, in which I show you how to set up a self-hosted AI platform in your HomeLab using :</p><p>- Ollama<br>- OpenWebUI<br>- Traefik<br>- Authentik</p><p>Watch Now &amp; Subscribe 👉&nbsp;<a href="https://youtu.be/RQFfK7xIL28?si=6hVHdWZL0VFTDsf8" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">youtu.be/RQFfK7xIL28?si=6hVHdW</span><span class="invisible">ZL0VFTDsf8</span></a></p><p><a href="https://mastodon.social/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HomeLab</span></a> <a href="https://mastodon.social/tags/Ollama" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ollama</span></a> <a href="https://mastodon.social/tags/OpenWebUI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenWebUI</span></a> <a href="https://mastodon.social/tags/Traefik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Traefik</span></a> <a href="https://mastodon.social/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> <a href="https://mastodon.social/tags/TechTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechTips</span></a></p>
NobleMajo<p>I have now installed and tested Authentik for CoreUnit.NET. So far I am satisfied. Keycloak, dex and other IDP's made me dissatisfied in some steps. As a developer I just dont like the container image taging, please use semver so I can pin major/minor versions. </p><p><a href="https://mastodon.social/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> <a href="https://mastodon.social/tags/CoreUnitNET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CoreUnitNET</span></a> <a href="https://mastodon.social/tags/IDP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IDP</span></a> <a href="https://mastodon.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://mastodon.social/tags/Dex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dex</span></a> <a href="https://mastodon.social/tags/Containerization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Containerization</span></a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevOps</span></a> <a href="https://mastodon.social/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareDevelopment</span></a> <a href="https://mastodon.social/tags/SemVer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SemVer</span></a> <a href="https://mastodon.social/tags/VersionControl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VersionControl</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IdentityManagement</span></a> <a href="https://mastodon.social/tags/DeveloperExperience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeveloperExperience</span></a> <a href="https://mastodon.social/tags/TechSatisfaction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechSatisfaction</span></a> <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://mastodon.social/tags/OAUTH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OAUTH</span></a></p>
viq<p>Running <a href="https://social.hackerspace.pl/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> with `latest` tag was convenient for <a href="https://social.hackerspace.pl/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a>, but they're moving away from making it possible (edit: from having :latest tag available, nothing else changes). What are the alternatives? Is there maybe something like "<a href="https://social.hackerspace.pl/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a> but for <a href="https://social.hackerspace.pl/tags/kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubernetes</span></a> images"? (I'm currently running on <a href="https://social.hackerspace.pl/tags/podman" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>podman</span></a> on nixos, but I'm considering finally playing with <a href="https://social.hackerspace.pl/tags/k8s" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>k8s</span></a>, and regardless, this should be able to make it so I have proper image on nixos as well, I think)</p>
Zrnek<p>Když už používáte ten <a href="https://mastodonczech.cz/tags/cloudflaretunnel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudflaretunnel</span></a> pro přístup k docker aplikacím na vaší NAS, tak <a href="https://mastodonczech.cz/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> je vlastně dobrá věcička. Aspoň nemusíte vyplňovat email a zadávat pin kód. Ale on se dá použít i pro login i do těch aplikací. A můžete ho hostit u sebe. <a href="https://mastodonczech.cz/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://goauthentik.io/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">goauthentik.io/</span><span class="invisible"></span></a></p>
Oliver<p>Has anyone managed to implement a password expiration policy in an <a href="https://lfnt.site/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> flow? </p><p>There's little to no documentation available and I can't figure it out for the life of me 🙈</p>
The Uberduck<p>I'm looking at setting up a bunch of self hosted services to replace our (self, family, friends) dependence on corporate cloud stuff. Email (custom, since none of the Just Add Server offerings do everything I need for free), shared drive (likely nextcloud, ugh), docs (likely collabora), jitsi for video, discourse for group forums, and so on. </p><p>I'd like to make all of this SSO, to the extent that it reasonably can be. </p><p>I'm probably going to use FreeIPA as the identity source of truth, but I'm finding that there are enough new things I need to learn about centralized authentication that I'm having a hard time finding a starting point that doesn't require a bunch of other context. So I'm asking for help. </p><p>Does anyone know of a good guide to these sorts of concepts, preferably available online? I'm familiar with most of the other Linux sysadmin concepts and have plenty of hardware and bandwidth at my disposal.</p><p><a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://hachyderm.io/tags/SelfHostedApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHostedApps</span></a> <a href="https://hachyderm.io/tags/freeipa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freeipa</span></a> <a href="https://hachyderm.io/tags/ldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ldap</span></a> <a href="https://hachyderm.io/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://hachyderm.io/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://hachyderm.io/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://hachyderm.io/tags/authelia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authelia</span></a> <a href="https://hachyderm.io/tags/kerberos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kerberos</span></a> <a href="https://hachyderm.io/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://hachyderm.io/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a></p>