Benny<p>What a successful evening! 💪 Not only did I replace <a href="https://mastodontech.de/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> with <a href="https://mastodontech.de/tags/TinyAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TinyAuth</span></a> as the <a href="https://mastodontech.de/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> Forward Auth Provider, but I also resolved the integration issue between <a href="https://mastodontech.de/tags/PocketID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PocketID</span></a> and <a href="https://mastodontech.de/tags/Beszel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Beszel</span></a>. This allowed me to remove Authentik from my <a href="https://mastodontech.de/tags/k3s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k3s</span></a> cluster and reclaim some resources. </p><p><a href="https://mastodontech.de/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeLab</span></a> <a href="https://mastodontech.de/tags/Selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Selfhosted</span></a></p>
101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.
Administered by:
Server stats:
481active users
101010.pl: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.5.0-alpha.2
#authentik
0 posts · 0 participants · 0 posts today
Brian McGonagill<p>Just updated my <a href="https://fosstodon.org/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> beyond 2025.2.2, and had to do a <a href="https://fosstodon.org/tags/PostgreSQL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostgreSQL</span></a> data migration and update for it. If you are about to attempt it, use these instructions. <a href="https://docs.goauthentik.io/docs/troubleshooting/postgres/upgrade_docker" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.goauthentik.io/docs/troub</span><span class="invisible">leshooting/postgres/upgrade_docker</span></a></p>
Makary<p>So, since I need <a href="https://gts.makary.online/tags/mobilizon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mobilizon</span></a> to use <em>only</em> my external <a href="https://gts.makary.online/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> for user base, I think I'll try to set it up via <a href="https://gts.makary.online/tags/ldap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LDAP</span></a> instead of <a href="https://gts.makary.online/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a>, since when OIDC is plugged in, it still offers it's own login form, and that's not something I like or want, fingers crossed</p>
readme.makary.online<p>So, I think I'm almost ready for some open beta of the registration on my project. Yay me?
Summary is as follows:
1. I want to run a federated discussion forum using <a href="https://readme.makary.online/tag:Mbin" class="hashtag" rel="nofollow noopener" target="_blank"><span>#</span><span class="p-category">Mbin</span></a>
2. Because I will want to put another services as a part of the same project/domain, including but not limited to <a href="https://readme.makary.online/tag:mobilizon" class="hashtag" rel="nofollow noopener" target="_blank"><span>#</span><span class="p-category">mobilizon</span></a>, and maybe even multi-user <a href="https://readme.makary.online/tag:writefreely" class="hashtag" rel="nofollow noopener" target="_blank"><span>#</span><span class="p-category">writefreely</span></a>, I need something to handle authentication and user access to all of them
3. Initially I wanted to go with <a href="https://readme.makary.online/tag:Zitadel" class="hashtag" rel="nofollow noopener" target="_blank"><span>#</span><span class="p-category">Zitadel</span></a>, but I realised that it has baked in First and Last name required fields, and to be honest, I am absolutely not interested in this data, and even explicitly <em>don't want to</em> have to keep and process it; so I don't really want to make my users have to fill this out
4. I stumbled upon <a href="https://readme.makary.online/tag:authentik" class="hashtag" rel="nofollow noopener" target="_blank"><span>#</span><span class="p-category">authentik</span></a>, and while I appreciate possibility of setting up complex auth flows and such without the need to touch raw code, it seemed a little bit daunting.
5. I found a set of really awesome tutorials by <a href="https://www.youtube.com/playlist?list=PLH73rprBo7vSkDq-hAuXOoXx2es-1ExOP" rel="nofollow noopener" target="_blank">Cooptonian on YouTube</a>, and I managed to solve not only setup, connecting the client apps, emails and password recovery, but also I got a way better grip on the inner workings of Authentik, and feel confident that if I need to do some minor tweaks to it, I will be able to.
6. I hope I will deploy the pemultimate flow today, that is the signup/invitation flow, and I will be ready to invite selected amount of people for some tests of the project, so hang on tight!</p>
<p>If you got that far, thank you for reading, I will write more on that (and unveil a related thing!) in the upcoming days, so come back!
You can also give this blog a follow at <a href="https://readme.makary.online" rel="nofollow noopener" target="_blank">https://readme.makary.online</a>, on your RSS reader at <a href="https://readme.makary.online/feed" rel="nofollow noopener" target="_blank">https://readme.makary.online/feed</a>, or on your favourite Mastodon/Fediverse account at <a href="https://readme.makary.online/@/makary@readme.makary.online" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>makary@readme.makary.online</span></a>
Be warned tho, that it was created with more technical posts in mind!</p>
Yehor 🇺🇦<p>I have <a href="https://techhub.social/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> now. Set it app for <a href="https://techhub.social/tags/Outline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Outline</span></a>, <a href="https://techhub.social/tags/KitchenOwl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KitchenOwl</span></a>, and even <a href="https://techhub.social/tags/SynologyDSM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SynologyDSM</span></a>!<br><a href="https://techhub.social/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> <a href="https://techhub.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://techhub.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosting</span></a> <a href="https://techhub.social/tags/selfhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhost</span></a></p>
gyptazy<p>Proxmox in Enterprises: I'm often asked, 'Can we use our Active Directory, LDAP, or OIDC with Proxmox?' Yes, you can!</p><p>Let's have quick dive into installing and configuring Authentik and configure Proxmox VE to use OIDC as an additional authentication realm.</p><p><a href="https://mastodon.gyptazy.com/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proxmox</span></a> <a href="https://mastodon.gyptazy.com/tags/ProxmoxVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProxmoxVE</span></a> <a href="https://mastodon.gyptazy.com/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.gyptazy.com/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> <a href="https://mastodon.gyptazy.com/tags/OpenID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenID</span></a> <a href="https://mastodon.gyptazy.com/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenIDConnect</span></a> <a href="https://mastodon.gyptazy.com/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://mastodon.gyptazy.com/tags/EntraID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EntraID</span></a> <a href="https://mastodon.gyptazy.com/tags/enterprise" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>enterprise</span></a> <a href="https://mastodon.gyptazy.com/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a></p><p><a href="https://gyptazy.com/proxmox-authentik-oidc-install-configure-and-connect-authentik-to-proxmox-ve/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gyptazy.com/proxmox-authentik-</span><span class="invisible">oidc-install-configure-and-connect-authentik-to-proxmox-ve/</span></a></p>
Chad :vbike:<p>Anyone else out there running authentik in their home network? I’m starting to roll it out on my public-facing apps, but I’m nervous about adding another layer to the cake.</p><p><a href="https://vault37.xyz/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> <a href="https://vault37.xyz/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeLab</span></a> <a href="https://vault37.xyz/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosting</span></a> <a href="https://vault37.xyz/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://vault37.xyz/tags/selfhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhost</span></a></p>
NobleMajo<p>I have now installed and tested Authentik for CoreUnit.NET. So far I am satisfied. Keycloak, dex and other IDP's made me dissatisfied in some steps. As a developer I just dont like the container image taging, please use semver so I can pin major/minor versions. </p><p><a href="https://mastodon.social/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> <a href="https://mastodon.social/tags/CoreUnitNET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CoreUnitNET</span></a> <a href="https://mastodon.social/tags/IDP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IDP</span></a> <a href="https://mastodon.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> <a href="https://mastodon.social/tags/Dex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dex</span></a> <a href="https://mastodon.social/tags/Containerization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Containerization</span></a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://mastodon.social/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareDevelopment</span></a> <a href="https://mastodon.social/tags/SemVer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SemVer</span></a> <a href="https://mastodon.social/tags/VersionControl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VersionControl</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentityManagement</span></a> <a href="https://mastodon.social/tags/DeveloperExperience" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeveloperExperience</span></a> <a href="https://mastodon.social/tags/TechSatisfaction" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechSatisfaction</span></a> <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> <a href="https://mastodon.social/tags/OAUTH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAUTH</span></a></p>
viq<p>Running <a href="https://social.hackerspace.pl/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> with `latest` tag was convenient for <a href="https://social.hackerspace.pl/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a>, but they're moving away from making it possible (edit: from having :latest tag available, nothing else changes). What are the alternatives? Is there maybe something like "<a href="https://social.hackerspace.pl/tags/dependabot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dependabot</span></a> but for <a href="https://social.hackerspace.pl/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> images"? (I'm currently running on <a href="https://social.hackerspace.pl/tags/podman" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>podman</span></a> on nixos, but I'm considering finally playing with <a href="https://social.hackerspace.pl/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a>, and regardless, this should be able to make it so I have proper image on nixos as well, I think)</p>
Zrnek<p>Když už používáte ten <a href="https://mastodonczech.cz/tags/cloudflaretunnel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudflaretunnel</span></a> pro přístup k docker aplikacím na vaší NAS, tak <a href="https://mastodonczech.cz/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> je vlastně dobrá věcička. Aspoň nemusíte vyplňovat email a zadávat pin kód. Ale on se dá použít i pro login i do těch aplikací. A můžete ho hostit u sebe. <a href="https://mastodonczech.cz/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://goauthentik.io/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">goauthentik.io/</span><span class="invisible"></span></a></p>
The Uberduck<p>I'm looking at setting up a bunch of self hosted services to replace our (self, family, friends) dependence on corporate cloud stuff. Email (custom, since none of the Just Add Server offerings do everything I need for free), shared drive (likely nextcloud, ugh), docs (likely collabora), jitsi for video, discourse for group forums, and so on. </p><p>I'd like to make all of this SSO, to the extent that it reasonably can be. </p><p>I'm probably going to use FreeIPA as the identity source of truth, but I'm finding that there are enough new things I need to learn about centralized authentication that I'm having a hard time finding a starting point that doesn't require a bunch of other context. So I'm asking for help. </p><p>Does anyone know of a good guide to these sorts of concepts, preferably available online? I'm familiar with most of the other Linux sysadmin concepts and have plenty of hardware and bandwidth at my disposal.</p><p>If you don't have an answer but have followers who might, boosts would be appreciated.</p><p><a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosting</span></a> <a href="https://hachyderm.io/tags/SelfHostedApps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHostedApps</span></a> <a href="https://hachyderm.io/tags/freeipa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>freeipa</span></a> <a href="https://hachyderm.io/tags/ldap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ldap</span></a> <a href="https://hachyderm.io/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> <a href="https://hachyderm.io/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://hachyderm.io/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> <a href="https://hachyderm.io/tags/authelia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authelia</span></a> <a href="https://hachyderm.io/tags/kerberos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kerberos</span></a> <a href="https://hachyderm.io/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a> <a href="https://hachyderm.io/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a></p>
Jonathan Cremin<p>I set up Pocket ID (<a href="https://docs.pocket-id.org/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">docs.pocket-id.org/</span><span class="invisible"></span></a>) for self-hosted OIDC SSO at the weekend. It was incredibly simple to get going (though testing out Authentik taught me a lot that carried over). I'd been ignoring Passkeys up until now, and it's the only credential type Pocket ID supports. I think I'm sold on them now, though the story on migrating them is still poor.</p><p><a href="https://social.crem.in/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkeys</span></a> <a href="https://social.crem.in/tags/pocketid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pocketid</span></a> <a href="https://social.crem.in/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> <a href="https://social.crem.in/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a></p>
Paco Hope #resist<p>For about 30 years I have <a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> my <a href="https://infosec.exchange/tags/email" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>email</span></a>. Just family and friends on there. About 7-8 people. About 6 months ago I converted the <a href="https://infosec.exchange/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> to using <a href="https://infosec.exchange/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> for single sign on. For the first time in those 30 years, my users can change their own passwords and recover them if they lose them. 🤷♂️</p><p>Interestingly, the “I forgot my password” workflow is not built and turned on by default in authentik. It’s easy to add and the steps are clear, but you have to turn that on.</p>
Rad Web Hosting<p>Install Authentik IdP on Debian VPS<br><a href="https://mastodon.social/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> <a href="https://mastodon.social/tags/certbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>certbot</span></a> <a href="https://mastodon.social/tags/debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>debian</span></a> <a href="https://mastodon.social/tags/debian12" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>debian12</span></a> <a href="https://mastodon.social/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>docker</span></a> <a href="https://mastodon.social/tags/identityprovider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identityprovider</span></a> <a href="https://mastodon.social/tags/installguide" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>installguide</span></a> <a href="https://mastodon.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>letsencrypt</span></a> <a href="https://mastodon.social/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> <a href="https://mastodon.social/tags/reverseproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseproxy</span></a> <a href="https://mastodon.social/tags/vpsguide" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpsguide</span></a> <a href="https://mastodon.social/tags/Cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloud</span></a> <a href="https://mastodon.social/tags/Guides" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Guides</span></a> <a href="https://mastodon.social/tags/VPS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VPS</span></a> <br><a href="https://blog.radwebhosting.com/install-authentik-idp-on-debian-vps" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.radwebhosting.com/install</span><span class="invisible">-authentik-idp-on-debian-vps</span></a></p>
La Contre-Voie<p>À La Contre-Voie, ces deux dernières années, nous avons testé plus d’une dizaine d’outils d’authentification centralisée (<a href="https://toot.aquilenet.fr/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a>)… On vous livre les conclusions de nos recherches !<br><a href="https://lacontrevoie.fr/blog/2024/comparatif-de-onze-solutions-de-sso-libres/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lacontrevoie.fr/blog/2024/comp</span><span class="invisible">aratif-de-onze-solutions-de-sso-libres/</span></a></p><p>La semaine prochaine, nous vous présenterons notre troisième et dernier article sur la partie technique de notre association, avec un coup de projecteur sur nos « fermes à services » :)</p><p><a href="https://toot.aquilenet.fr/tags/authelia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authelia</span></a> <a href="https://toot.aquilenet.fr/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> <a href="https://toot.aquilenet.fr/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://toot.aquilenet.fr/tags/ory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ory</span></a> <a href="https://toot.aquilenet.fr/tags/canaille" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>canaille</span></a> <a href="https://toot.aquilenet.fr/tags/zitadel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zitadel</span></a></p>
Felix<p>It would be super helpful, if <a href="https://social.linux.pizza/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> would keep their patch-updates free from breaking changes;<br>just updated from 2024.10.1 -> 2024.10.4 and now the oauth-proxy-outpost is no longer working.<br>This makes people afraid of updates and we don't want people to not update their security-applications.</p><p><a href="https://social.linux.pizza/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://social.linux.pizza/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Ihr wollt #Mastodon auch mit (zusätzlichem) #SSO betreiben? Eure bisherigen Nutzer sollen dabei erhalten bleiben?
Ich hab da was zusammen gesucht aus der Dokumentation und verschiedenen Issues auf Github. Hier eine funktionierende Konfiguration. Ich verwende sie selbst in Verbindung mit #authentik
https://crypt.storagemte.eu/code/#/2/code/view/BSTU+Rg5Wfxl-nRt0ATUrHr86IeqYwhD5kOyMmJfYFQ/
Bitte beachtet, das ihr bei Mastodon dieselbe E-Mailadresse wie in eurem Identitätsprovider haben müsst!
crypt.storagemte.euEncrypted CodeCryptPad: end-to-end encrypted collaboration suite
️
Je me suis mis en tête de configurer un serveur d'authentification pour centraliser et simplifier un peu l'accès aux services auto-hébergés que j'ai mis en place pour la famille et les amis.
Donc je découvre OAuth/OpenID d'un peu plus près que ce que j'ai pu faire auparavant.
Eh ben pour certaines applis c'est 2 modifs, on relance et ça marche tout seul, mais pour d'autres c'est une telle plaie si tu veux pouvoir conserver tes utilisateurs locaux préexistants... 
I had a vauge failure message when trying to login to #tailscale with my OIDC provider via #authentik
After a some yak shaving fixing my kubeconfig to get into my cluster, fix the broken webfinger implementation to work correctly again, and it turns out that the signing certificate used for the provider in Authentik had expired and needed replacing with a new RSA based cert.
Why is nothing ever a simple fix in #selfhosting land...
#authentik is an #IdP (Identity Provider) and #SSO (single sign on) that is built with #security at the forefront of every piece of code, every feature, with an emphasis on flexibility and versatility.
goauthentik.ioWelcome | authentikBring all of your authentication into a unified platform.
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload