g5pw

joined 1 year ago
[–] [email protected] 7 points 1 day ago

Thank you, this was actually inspiring. I’d like to imagine I was making a better world before, and will continue to do so with all my strengths.

[–] [email protected] 1 points 1 week ago* (last edited 1 week ago)

Aaaah, finalmente la mia pigrizia viene premiata… era nel mio backlog tirare su Omnivore ma non l’ho ancora fatto… mi orienterò su qualcos’altro…

[–] [email protected] 4 points 2 months ago

There’s SwiftFin, but it’s been a while from the last update (iOS app was updated recently though) and there’s a number of issues. It’s usable though (I’m using it).

[–] [email protected] 7 points 3 months ago (1 children)

There’s LaserWeb but apparently it doesn’t support closed source (Chinese) firmware so you’d need to change your laser’s controller…

[–] [email protected] 11 points 6 months ago (1 children)

The only alternative I know of that goes close to what FreeIPA does (minus the cert part) is kanidm. It does:

  • oauth2
  • ssh key distribution
  • RADIUS
  • PAM/SSSD
  • LDAP

I just noticed they have a beta for multimaster replication, which is nice.

I use it at home. Note, though, that it does not do any hand-holding, and all configuration is done through CLI. Also note, there are docs for the stable or dev branch and there sometimes are big differences between the two.

[–] [email protected] 1 points 7 months ago (1 children)

I mean, it is a bit rough, they’re not at 1.0 yet, also: are you looking at the stable or latest docs? That may be the reason the commands do not match with the docs.

[–] [email protected] 1 points 7 months ago (3 children)

I didn’t have any issues, do you see anything in the logs?

[–] [email protected] 1 points 7 months ago (5 children)

Yeah, sounds like a security feature… I was able to configure Traefik to connect with TLS, verifying the peer certificate.

[–] [email protected] 1 points 7 months ago (7 children)

Yes, it should cover all the use cases you mention!

I use oauth2-proxy as ForwardAuth on Traefik so I can protect apps that do not support OAuth/OIDC login/

[–] [email protected] 15 points 7 months ago* (last edited 7 months ago) (11 children)

I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.

Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!

EDIT: currently using 80MB RAM for two users and three Service Providers.

[–] [email protected] 0 points 8 months ago* (last edited 8 months ago) (1 children)

Hey there! I’m also a fellow Reddit expat, deleted my logins in the day the API limits went into effect.

I’m coming from a long pause in activity, I’m planning to try some SOTA once the weather gets a bit warmer.

I’m the proud owner of a IC-706mk2G with a couple of blown caps (I really hope the FETs are okay) and a bunch of handhelds. 73 de IV3BSI

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

I also moved away my domains and the ones of the hackerspace I manage, mainly to:

  • infomaniak (Switzerland): a bit too pushy with extra services, but not bad
  • openprovider (NL): more geared towards bulk users, have to prepay (min 20€), but okay so far
  • aruba: meh, but free mailboxes are nice

I also use Migadu, they have been great so far!

desec.io for DNS, also great and supported by Traefik for DNS-01 ACME challenge.

view more: next ›