Hacker News new | past | comments | ask | show | jobs | submit login

As I'm also running a homelab, I was curious, what's your overall experience with IAM in this context?

What was your original goal? Which services are linked to your lldap? How many users? Does it simplify things or make it more complex?




It's been pretty good, I never really used LDAP before so I had a bit of a learning curve, but it's not too complicated.

1. My original goal was not having 5 different passwords for my own server because although I have a password manager it's still a bit annoying. Also just for learning.

2. You can see the services here[1], since my entire setup is provisioned from GitHub with Terraform and Ansible.

3. I have about 5 users.

4. I would say simplify so far, but it depends on what kind of complexity you care about, and which services you want to integrate.

[1] https://github.com/RedlineTriad/private_server/tree/master/s...


> My original goal was not having 5 different passwords for my own server because although I have a password manager it's still a bit annoying.

I "solved" that problem by having configuration management deploy same password (hash) on all of my servers. Requires keeping the repo with password hashes relatively safe and of course changing them is a bit of a process but extremely easy and low tech if there is already CM in place.


Authelia actually supports a yaml file with password hashes as the user database. I thought about using that, but decided to try lldap instead.

But I wouldn't want to figure out how to write the password hash into the databases of each application like grafana, or grocy.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: