Thank you, this was actually inspiring. I’d like to imagine I was making a better world before, and will continue to do so with all my strengths.
There’s LaserWeb but apparently it doesn’t support closed source (Chinese) firmware so you’d need to change your laser’s controller…
The only alternative I know of that comes close to what FreeIPA does (minus the cert part) is kanidm. It does:
- oauth2
- ssh key distribution
- RADIUS
- PAM/SSSD
- LDAP
I just noticed they have a beta for multimaster replication, which is nice.
I use it at home. Note, though, that it does not do any hand-holding, and all configuration is done through the CLI. Also note, there are docs for the stable or dev branch and there sometimes are big differences between the two.
I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.
Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!
EDIT: currently using 80MB RAM for two users and three Service Providers.
I think you can create a group for friends and a group for family. If you want more separation, I think Authentik handles multi-tenancy as well.
Saving this for all my future pro-systemd flames, thank you!
Sure, but it’s a question of principle. I try to use and support FLOSS software if possible.
Aw man… and I was just thinking about deploying Nomad in my homelab…
Exactly this. In a federated network, the instance with the majority of users could dictate the protocol, forcing the smaller issues to continually adapt or die. See this post for a very real example of this.
I was a user, I even recommended it to people, but since the discovery of this issue I feel uneasy about continuing to use/recommend it. That dev response is appalling.