There are reasons why I'm proud of my "home" setup:
1. It just works.
2. I know what I build, so I can fix it.
3. It's all a single login.
4. Maintenance is fully automated.
5. It federates in many ways and therefore doesn't limit, but enables me to share things.
What runs on my setup?
@sheogorath oh nice! I was looking at setting up Keycloak last week. Currently I have a partial OpenLDAP backend. How'd you manage that?
@vbatts I don't use LDAP. I decided to not use it, due to a missing GUI for management.
I'm definitely capable of managing LDAP from the CLI, but to be honest, I simply don't want to.
Therefore I use the Keycloak internal user database and it seems to serve me well. We are talking about 5 users authenticating once a day in a worst-case scenario, so performance is not that much of an issue.
@vbatts Except for the mail server, which is confined by SELinux, everything is running in unprivileged containers.
And I rarely used OIDC, I think only for CodiMD. For everything else, I use SAML. (Mastodon, for example, doesn't support OIDC, and Nextcloud has an official plugin for SAML but only an unofficial one for OIDC.)