There’s LaserWeb but apparently it doesn’t support closed source (Chinese) firmware so you’d need to change your laser’s controller…
The only alternative I know of that goes close to what FreeIPA does (minus the cert part) is kanidm. It does:
- oauth2
- ssh key distribution
- RADIUS
- PAM/SSSD
- LDAP
I just noticed they have a beta for multimaster replication, which is nice.
I use it at home. Note, though, that it does not do any hand-holding, and all configuration is done through CLI. Also note, there are docs for the stable or dev branch and there sometimes are big differences between the two.
I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.
Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!
EDIT: currently using 80MB RAM for two users and three Service Providers.
I think you can create a group for friends and a group for family. If you want more separation I think Authentik handles multi-tenancy as well
Saving this for all my future pro-systemd flames, thank you!
I’m using sops
with my GPG key currently.
Sure, but it’s a question of principle. I try to use and support FLOSS software if possible.
Aw man… and I was just thinking about deploying Nomad in my homelab…
Exactly this. In a federated network, the instance with the majority of users could dictate the protocol, forcing the smaller issues to continually adapt or die. See this post for a very real example of this.
There’s SwiftFin, but it’s been a while from the last update (iOS app was updated recently though) and there’s a number of issues. It’s usable though (I’m using it).