Je viens de faire la mise à jour d'#Authentik à la version 2.8.0. J'ai participé à la traduction de plusieurs dizaines de lignes via Transifex il y a quelques semaines, mais ça n'a pas été pris en compte. Du moins, pas dans leurs images docker... :flan_sad:
For anyone running #Apache #Guacamole for #RemoteDesktop stuff, build the server from source they say "has" to be built from source (?? Why??) or use Docker?
(Beginning to think I should have #Portainer on the #LXC container running #Authentik to manage stacks, but that's probably serious overkill versus just using watchtower to keep things updated)
#apache #guacamole #remotedesktop #portainer #lxc #authentik
I just had to steal this #meme from #reddit, it's about #selfhosting all your stuff. Instead of being relient on the constant threath of loosing your #google account. Or what about losing your centrally accessed #twitter account because #elonmusk thinks you are not worty of his platform?
This is the exact reason why I started to #selfhost more stuff like a #vaultwarden / #bitwarden vault, my own #authentik instance and for fun, a #warpgate instance. Planning to setup #portainer later probably.
#meme #reddit #selfhosting #google #twitter #elonmusk #selfhost #vaultwarden #bitwarden #authentik #warpgate #portainer
Current #homelab projects:
- migrating everything off of my first and primary server to others do I can start over with SSD storage to replace the current failing disks
- slowly migrating service into HashiCorp #nomad
- moving secrets into HashiCorp #vault and eventually using #1password as the backend
- need to setup sso, should I use # #keycloak, #authelia, or #authentik?
#homelab #nomad #vault #1password #keycloak #authelia #authentik
@bjoern Thanks for the update! I used to integrate my #authentik-instance with Nextcloud via SSO/SAML with help of this article - also worth a read, depending on your SSO-platform:
https://blog.cubieserver.de/2022/complete-guide-to-nextcloud-saml-authentication-with-authentik/ 👍🏻
Just managed to build my own #authentik instance and link it to my #Mastodon account to make use of an OAuth2/OpenID Provider-based login flow. Feeling quite blessed right now... 😇 #security #sso
#authentik #mastodon #security #sso
Like it says. I'm moving my apps (not blimps) to a new home server, which is running #proxmox, whereas I was running docker on ubuntu with Portainer to help out on my old Dell micro.
I'm unsure between #Keycloak and #Authentik as to which I should use. Already used Authentik but that's kinda #docker only now, which I don't have on Proxmox. Am unsure what to do. Losing LDAP sucks for VPN auth on pfSense. And keycloak seems complicated somehow?
Halp please.
#proxmox #keycloak #authentik #docker
Urrg.. I hate #discord! Searching for some #Oauth2 tingue i decided to give #authentik a try. It installed fine enough but something in connecting to my FreeIPA was not obvious. So I tried to access the discord group: Discord first tried to create a new account - then decided that my mail was already in use - not allowing me to login - and upon retry it now declares the invite from authentik invalid.
I dont get why any opensource project uses discord.
Yay, #Authentik working with undockerized #PostgreSQL, now to see how nice it is to work with for personal #SSO with #OIDC.
#authentik #postgresql #sso #oidc
So, Arbeiten sind abgeschlossen, ich präsentiere #SSO.
Da wir mittlerweile einige Dienste haben, die einen Log-in erfordern, dachte ich mir, es wäre für euch ein schönes Feature, wenn ihr nur einen Log-in benötigen würdet.
Daher gibt es jetzt eine #authentik Instanz, die darum kümmert.
@mike I can definitely recommend #authentik. I've been running an instance for quite a while, and it just continues to improve.
Update your #authentik #sso instance to 2022.11.4!
I've discovered CVE-2022-23555, which allows an attacker to access a different invitation flow than the one specified in the invite link! #CVE #security #infosec #vulnerability
#authentik #sso #cve #security #infosec #vulnerability
Still stuck on #authentik for some reason the auth cookies are set wrong. I am geting very annoyed.
Have been trying to set up #traefik and #authentik for the last week. It has not been going well
@yojimbo @lightweight I agree with the requirement for k8s as a must. Though, I think #authentik is aiming for larger use cases that have needs for these types of deployments anyway.
Also agree with the annoyance of doing support via Discord (only).
@lightweight Looks like #Authentik may be more what I'm looking for, as #Authelia seems to be more of a 'shielding proxy' in front.
https://goauthentik.io/
https://www.reddit.com/r/selfhosted/comments/q721e9/comment/hggnqsw/?context=3
Somewhat of an #InfoSec #Fail in #Authentik - https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf #CVE-2022-46145 - "Unauthorized user creation and potential account takeover"
Seems to have been handled well, and I'm still going to continue evaluating it for my own needs.
#infosec #fail #authentik #cve
@michcia https://goauthentik.io/docs/providers/ldap/
You can set up #Authentik, using either internal database for users, or external source, and then it has a concept of Outposts, one of things which they can do is act as an #LDAP server, though a bit limited, and expose that information to applications that don't understand #OIDC / #OAuth.
Another thing that an Outpost can apparently do is basically oauth2_proxy thing.
My #blog is back up and running using #ghost and #mysql now on the updated version because hey, if I had to redo everything why not update the whole shebang.
I rewrote a few of my old posts and will hopefully have all my old posts back soon when I write them. And new posts on the new services that I have started running.
#Ghost blog: https://stetsed.xyz/ghost-blog-with-mysql-backend/
#Gitea #Git sever: https://stetsed.xyz/selfhosted-git-server-with-gitea/
#authentik with #caddy reverse proxy: https://stetsed.xyz/authentik-with-docker-compose-setup/
And lastly remember everybody, don't work on production. It can never go well.
#blog #ghost #mysql #gitea #git #authentik #caddy #homelab #selfhosted #selfhosting
Just published a guide on how to use Caddy with Authentik authentiction. Quick writeup as I found it hard to find the info myself so I hope it helps incase anybody was thinking of setting something similar up.
https://stetsed.xyz/caddy-reverse-proxy-with-authentik-authentication/
#authentik #caddy #selfhosted #homelab