There are reasons why I'm proud of my "home" setup:

1. It just works.
2. I know what I build, so I can fix it.
3. It's all a single login.
4. Maintenance is fully automated.
5. It federates in many ways and therefore doesn't limit, but enables me to share things.

What runs on my setup?

- for authentication
- as microblog
- for storage
- Synapse for as chat
- Postfix/dovecot/SOGo for email
- for notes
- And to rule and maintain it.

And for those who wonder how it works, well, it's all publicly available:

For the non-federated services (CodiMD and GitLab) you can actually sign-up on keycloak and get access to them.

It's easy, it's fast and the entire backend is encrypted. There are also automated daily backups to another cloud provider. And hosting static websites is available as well.

Take time, build things slowly but steadily and you'll get wonderful integrated services.

@sheogorath oh nice! I was looking at setting up keycloak last week. Currently I have a partial openLDAP backend. How'd you manage that?

@vbatts I don't use LDAP. I decided to not use it, due to a missing GUI for management.

I'm definitely capable of managing LDAP from the CLI, but to be honest, I simply don't want to.

Therefore I use the keycloak internal user database and it seems to serve me well. We are talking about 5 users authenticating once a day in a worst case scenario, so performance is not that much of an issue.

@sheogorath do you run it in a container, or just have the wildfly server running on the host? Are you using the OIDC as well?

@vbatts Except for the mail server, which is confined by SELinux, everything is running in unprivileged containers.

And I rarely used OIDC, I think only for CodiMD. For everything else, I use SAML. (Mastodon, for example, doesn't support OIDC and Nextcloud has an official plugin for SAML but only an unofficial one for OIDC.)

@sheogorath What backends is Keycloak using?
I have Keycloak running, and authenticating against my FreeIPA servers, but to be honest I haven't really pointed anything to actually use Keycloak yet 😂

@mhamzahkhan I actually use the keycloak internal user backend. I thought about using LDAP but 🤷 There is no really nice management interface for LDAP (besides freeIPA but I don't use that because k5 over the internet is tricky, it's hard to containerize, …) and at the end of the day, for 5 users authenticating once a day in worst case, it's really not needed.

@sheogorath 6. It takes up every minute of your free time... but you wouldn't swap it for anything :)

Mine is...
Nextcloud/collabora office
A Wordpress blog

@m4rk see, exactly that is not what I want it to be. Yes, it can take up an evening to try something new, to change something etc. But it shouldn't take your free time when you decide that you need free time. That's why updates are automated pretty much completely. And everything is built on a well-aging distribution.

@sheogorath admittedly, I could have made it much easier for myself... I just can't resist tinkering though! In all honesty, I'm a person that struggles to relax and so I often end up generating extra work to keep my head busy.

@sheogorath >codiMD

Dude/Dudette, this is a short note to say thank you. I never knew this exists, but now I want to try it. I want my notes somewhere other than my machine.

Thank you again, your setup notes have helped make a life better.

@m4iler Hope you don't get confused about "Which CodiMD" as sadly, there are two. I'm currently the maintainer of @CodiMD which you can find at

We sadly had to hardfork a few months ago and still fight to keep the name :/

@sheogorath @CodiMD Call it MD++ and you're golden.

Also, don't worry, I'll go through YOUR gitlab to find it, once I get to installing it.

(just a thought from a wanker on the internet)

Sheogorath's Microblog

This is my personal microblog. It's filled with my fun, joy and silliness.