What’s up, what’s down and what are you not sure about?

Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.

  • bluGill@fedia.io
    3·
    4 days ago

    Ann reason you choose authenik? There are a nmber of options and I’m not sure why to choose one over the other.

    • kate@lemmy.uhhoh.comEnglish
      6·
      3 days ago

      I did no research whatsoever and picked the one I’d seen the name of more often. I figured if it didn’t work for me I’d try something else, same as when plex wasn’t working for me so I switched to jellyfin. I have no idea how it compares to the other options but it feels pretty solid so far

    • dan@upvote.auEnglish
      5·
      4 days ago

      I’m not the person you’re replying to, but Authentik:

      • Has a UI for configuring it, including adding users.
      • Supports LDAP if you need it. Authelia needs a separate LDAP server.
      • Supports practically every two factor auth protocol you’d need: OIDC (OpenID Connect), OAuth2, SCIM, SAML, RADIUS, LDAP, and proxying for apps that don’t support any of them (which is getting rarer).
      • Supports permissions and permission groups, i.e. only allow certain users to access particular apps.
      • Can be used as the source of truth for Google Workspace and Microsoft Entra. Maybe not as relevant for home use.

      I haven’t tried Keycloak but I hear it’s pretty good, albeit a heavier app to deploy.

      I have tried Authelia, and it’s much less powerful than Authentik. Authelia requires you to manually modify config files rather than using a web UI. It also only supports OIDC (which is in beta) and proxying. Proxying is not recommended and has several issues since it’s not “true” single sign-on.

      • timbuck2themoon@sh.itjust.worksEnglish
        2·
        3 days ago

        Keycloak is very much lighter actually. Can run under half a gig ram whereas authentik uses about 1GB.

        Authelia is king though in running with just about 30MB of ram.

        • dan@upvote.auEnglish
          2·
          3 days ago

          That’s interesting… It used to be a lot heavier.

          Authelia is definitely the lightest in terms of RAM, but it’s also the lightest in terms of features. As far as I can remember, they only added OIDC support fairly recently - previously it only supported proxying.

      • sugar_in_your_tea@sh.itjust.worksEnglish
        3·
        3 days ago

        I’m considering Keycloak myself because it’s trusted by security professionals (I think it’s a RedHat project), whereas Authentik is basically a passion project.

        • StaticFlow@feddit.ukEnglish
          2·
          3 days ago

          I hear keycloak has quarkus builds as well these days which should be much slimmer than how it used to be built.

          • sugar_in_your_tea@sh.itjust.worksEnglish
            1·
            3 days ago

            I hadn’t heard of it, and looking into quarkus just reminded me of how complicated the whole Java ecosystem is. Gross.

            Hosting Go, Rust, etc stuff is dead simple, but with Java, there’s all this complexity…

            • dan@upvote.auEnglish
              2·
              3 days ago

              Nothing’s as bad as trying to host and maintain a Ruby on Rails app :)

              Docker has made a lot of it a non-issue though, since the apps are already preconfigured within the Docker image.