Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
I used to think Authelia will allow you to consume external SSO… turns out I was wrong, maybe? So now I think I’m the odd ball here and think it might not be a good idea to deploy Authelia.
Here’s my thought process:
I have some apps I want to secure — they may or may not have already got a bake in authentication where they’ve got my password (ideally, just for that one app managed via password manager, but I’ll be the first to admit that’s not always the case). Passwords are icky, and even though they’re hashed, ideally hundreds of thousands of times, a leak / compromise is not unheard of.
Now, in order to secure these apps, the last thing I want is now to also worry about another app storing the password becoming the single point of failure.
In my mind, if it is literally just for me, I’d look at getting my reverse proxy to handle forward auth via OAuth to some much larger and trusted provider with MFA — Google, Microsoft, GitHub, etc. — and trust that their entire department responsible for auth will be smarter than some open source deployment I try to maintain/keep up.
In my mind, if it is more than just me, I’d look at getting something to consume multiple external providers, such that allows for the users to choose their desired provider, as well as allow me to slap an unified branding. So in this case I’d be looking at something like Authentik, Keycloak, or FusionAuth.
I just really don’t want to deal with handling/storing passwords.
But hey what kind of issues are you running into with Authelia? Is it just deploying/setting up? Or is it integrating with their supported identity provider (ie ldap)? Or something else all together?
Thanks for the advice! I'd personally like to stay away from big companies, I made the server in the first place to escape from them, so it'd be weird for me to still use them. Maybe if I had a password manager or something sensetive I'd go with external so though
Problems I was having were just with the setup, problems with redis and mariadb, and getting them all linked together. I can attach some relevant logs if you're willing to help, thanks!!!
I haven’t deployed Authelia specifically before so I probably won’t be the best when it comes to debugging. But i’d be happy to take a look if you think an extra fresh pair of eyes might help :)