For any self-hosted services you use, run something like Authentik and configure all the apps to use it for auth via OIDC (OpenID Connect). Makes the experience a lot nicer, instead of every service having its own separate user system.

slazer2au
link
fedilink
English
28M

You still want a local account though. Learnt that the hard way.

Why? In case authentik goes down, so you can recover data? Or something else?

I am settting up authentik and other selfhosted services right now and my plan was for authentik to have all the accounts.

shastaxc
link
fedilink
28M

I use Keycloak at work. How does Authentik compare?

I’ve never tried Keycloak so I’m not sure, sorry.

One feature Authentik has that I don’t think Authelia nor Keycloak support is operating as an LDAP server. With Authelia at least, you have to run a separate LDAP server if you need LDAP. With Authentik, it’s built in.

shastaxc
link
fedilink
18M

I guess I’ll have to do the research myself. Ohh bother. I can tell you that Keycloak can use a postgresql db or ldap but it is not built in. I honestly really dislike LDAP though. It’s an old protocol that has terrible client support and the only real reason to use it imo is if you need to support really high number of users and traffic, like in the millions.

I don’t like it either, but there’s probably some apps that only support LDAP.

Create a post

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

  • Posts must be relevant to programming, programmers, or computer science.
  • No NSFW content.
  • Jokes must be in good taste. No hate speech, bigotry, etc.
  • 1 user online
  • 141 users / day
  • 300 users / week
  • 692 users / month
  • 2.83K users / 6 months
  • 1 subscriber
  • 1.56K Posts
  • 34.7K Comments
  • Modlog