I've been putting off some necessary maintenance and overall system streamlining on my home server for a while. Everything works, and services are secure and up to date, but I've got a bit of a messy setup that mixes #podman with #docker containers, #tailscale with #tsdproxy. I set this all up before I had my own domain, hence tsdproxy.

Now I have my own domain, I want to refactor my server using #netbird with #caddy and #pocketid.

It's a little daunting, but I'm going to take the plunge

As promised in the last weeknote, here's the write up for how I use #caddyserver and #pocketid to enable OIDC for my #calibre_web server

https://msfjarvis.dev/posts/setting-up-forward-auth-with-caddy-and-pocket-id/

#blogging

So far i am liking PocketID as an OIDC provider.
Clean interface, LDAP integration is a breeze.

Just need to find out why the cli cannot connect to the service. Guess it is a NixOS/systemd thing.

#PocketID #NixOS

While I was away, I finally got NetBird back up and running, and damn it was hard but it’s worth the effort

Setting it up with PocketID for authentication was probably the most headachy thing I could’ve pulled off, but now that it’s done and stable, I ain’t touching it

If you are looking for a stable and fully self hosted Tailscale replacement, I highly recommend !

#tailscale #headscale #netbird #vpn #wireguard #selfhosted #selfhosting #homelab #pocketid #kubernetes #k3s

So I started to look over again for self hosting #oidc #authn. #pocketid, #voidauth, and #hanko are the simplest. All #passkey focused.

Yet still, Pocket ID is by far the easiest to run. Strictly Unix like focused on doing one thing. But doing one thing really well. 😎

https://pocket-id.org/