Wiring MISP to Authentik over OIDC on the official misp-docker image (OIDC_* vs OIDCAUTH_*, JSON role mapping) and getting it to trust an internal CA — the cURL #60 fix is one cert per .crt file.
Category: IT
Docker on Synology DSM requires sudo for every command. if you’re tired of typing your password every time, here’s how to allow passwordless sudo docker via a sudoers drop-in file. add docker to your PATH […]
Notes on getting Open WebUI working with Authentik SSO on a Docker Swarm setup with Traefik. Took me a bit to get all the pieces right, the main gotchas are the JWT signing key (Authentik […]
Real-world benchmarks of OVHcloud VPS instances using Geekbench 6, fio, and sysbench. CPU scores, NVMe disk IOPS, storage latency, and memory bandwidth on Intel Haswell hardware running Debian 12.
I have a bunch of indoor cameras to keep an eye on my pet and monitor my home when I’m away. They work great for that. But when I’m home, I want the mental peace […]
Ubiquiti’s WiFiMan lets you host your own public speed test server. The official install script works great on a standard Linux box, but on a Synology NAS you need a different approach. Here’s how I […]
You have a web app. You want to put it behind authentication without touching the app’s code. Traefik and Authentik make this possible with forward authentication – Traefik asks Authentik “is this user allowed?” before […]
LiteLLM is an OpenAI-compatible proxy that lets you route requests to multiple LLM providers through a single API. It has a built-in admin UI with SSO support. Authentik is an open-source identity provider that supports […]
Notes to my future self Get a bundle of the CA + if applicable the sub CA and append themThrow them into a docker secret mount them as a secret, under your service mount them […]
A collection of notes and fixes from setting up authentik as an identity provider with Active Directory LDAP sync, Traefik forward auth, and Docker Swarm. The two main gotchas: AD syncs computer objects as users […]
Recent Comments