Skip Navigation

notquitenothing

@ notquitenothing @sh.itjust.works

Posts
20
Comments
28
Joined
10 mo. ago

  • VoidAuth Release v1.6.0 - Optimization and 1k Stars Celebration 🎉

    Jump

  • I think technically you might actually not need https termination anymore, it was required when the session cookies were set secure manually but now they should be set automatically if the request protocol was https. You can give it a try just using http or self-signed certs, if you do let me know if it works!

    You should be aware though that if you are not using https your password and other secrets will be transmitted unencrypted on that layer, so make sure that your setup is secured/encrypted in some other way like wireguard/vpn tunneling.

  • VoidAuth Release v1.5.0 - Multi-Factor Authentication 🔒

    Jump

  • There is no direct feature comparison between VoidAuth and pocket-id ('comparison is the thief of joy' after all). At least one major difference is that pocket-id does not allow users to sign in with a password since passkey-only accounts are one of their design decisions, and VoidAuth does not support LDAP integration while pocket-id does. My main motivation in creating VoidAuth was to fill gaps in my own user experience while using SSO, previously I ran Authelia+LLDAP (which is still an excellent combo) but found the setup lacking in some common use-cases and devoid of an Admin Interface.

    I am glad you like the interface and logo, it is inspired by my own black cat who right at this very moment is yelling for pets 😹

  • VoidAuth Release v1.5.0 - Multi-Factor Authentication 🔒

    Jump

  • I would recommend checking out the Getting Started page in the docs, which I realize can be a lot! Once you have an initial instance running (you can always change environment variables later to suite your needs) and have logged in with the initial admin username and password that appear in the logs on first start, you can check out the Admin Guides section in the docs sidebar. There you should be able to see pages relating to OIDC Setup (including for specific apps) and other topics. If you set up OIDC on a new app that doesn’t yet have documentation, PRs with updates to the documentation are welcome! If you have any questions you can feel free to ask in the repo issues/discussions and I will try to help out 😊

  • Self hosting Sunday! What's up, selfhosters?

    Jump

  • I have been experimenting with a btrfs raid array and am getting some new hard drives in the mail today, hoping it goes smoothly and they work 😬 All part of a larger goal of migrating my synology NAS to a purpose built machine.

    Also got my first contribution and donation on my OIDC SSO project, which is really exciting!

  • Should I replace NPM?

    Jump

  • I can recommend Caddy myself, it is dead simple to configure

  • VoidAuth Release v1.4.0 - SQLite Support 🗃️

    Jump

  • VoidAuth is an Authentik alternative that aims to be easier to use/setup (and look a bit nicer imo). It does provide OIDC and ProxyAuth (ForwardAuth), but Authentik is certainly a more mature/complex SSO provider.

  • Opensource @programming.dev
    notquitenothing @sh.itjust.works

    VoidAuth Release v1.4.0 - SQLite Support 🗃️

    github.com /voidauth/voidauth/releases/tag/v1.4.0
  • Open Source @lemmy.ml
    notquitenothing @sh.itjust.works

    VoidAuth Release v1.4.0 - SQLite Support 🗃️

    github.com /voidauth/voidauth/releases/tag/v1.4.0
  • Selfhosted @lemmy.world
    notquitenothing @sh.itjust.works

    VoidAuth Release v1.4.0 - SQLite Support 🗃️

    github.com /voidauth/voidauth/releases/tag/v1.4.0

  • Release v1.3.0 VoidAuth - Sub-Directory Hosting and OIDC Security Groups

    Jump

  • Let me know how it goes! If you have any trouble getting it set up I can try to help as well. I am working on NGINX and NGINX Proxy Manager documentation right now, maybe I will do Traefik afterwards.

  • Selfhosted @lemmy.world
    notquitenothing @sh.itjust.works

    Release v1.3.0 VoidAuth - Sub-Directory Hosting and OIDC Security Groups

    github.com /voidauth/voidauth/releases/tag/v1.3.0

  • Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    Jump

  • I think I got it figured out 🙂 If you want to test it, you can swap your voidauth version to :edge from :latest. I wouldn't recommend keeping it that way ('edge' is for testing the latest stuff), but if you get a chance to set it up let me know how it goes

  • Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    Jump

  • VoidAuth currently only supports 2FA through passkeys, and specifically requests 2FA passkeys from passkey providers. I may look into password + passkey but for now the only way to guarantee 2FA login is to make your account passkey-only. This is currently being tracked here: https://github.com/voidauth/voidauth/issues/106

  • Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    Jump

  • Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    Jump

  • Unfortunately I have not been able to get that to work 😞 I did look into it, but there is quite a lot of redirecting going on during the OIDC flows and it was a real pain to try to get it all sorted. For now you will have to use a subdomain, like https://voidauth.example.com/

  • Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    Jump

  • I have never used Smallstep, but based on the documentation it looks like a native+id_token client. If you can get an error message or debug trace, you can sent it to me or open a GitHub issue and I will take a look at it 🙂

  • Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    Jump

  • 😹 Let me know how it goes! If you have any trouble setting it up feel free to ping me, or open an issue on GitHub

  • Open Source @lemmy.ml
    notquitenothing @sh.itjust.works

    Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    github.com /voidauth/voidauth/releases/tag/v1.2.0
  • Opensource @programming.dev
    notquitenothing @sh.itjust.works

    Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    github.com /voidauth/voidauth/releases/tag/v1.2.0
  • Selfhosted @lemmy.world
    notquitenothing @sh.itjust.works

    Release v1.2.0 VoidAuth - Passkey Prompting and Sent Mail Viewing

    github.com /voidauth/voidauth/releases/tag/v1.2.0

  • VoidAuth Release v1.1.0 - Passkey-only Users 🔑

    Jump

  • Pretty much as answered already, passkeys (sometimes branded like FaceID or Windows Hello but it is an open spec) are an alternative to passwords. Your public key that identifies your user is stored in VoidAuth and your private key is stored on your device. Some password managers support syncing passkeys, so you don’t have to set up a new passkey on every device.

    The advantage over passwords is that they are domain and device specific, so are much harder to be leaked from the client side. VoidAuth (or other services) should only be storing your public key so a leak on the server side would not allow someone to log in as you.

  • Open Source @lemmy.ml
    notquitenothing @sh.itjust.works

    VoidAuth Release v1.1.0 - Passkey-only Users 🔑

    github.com /voidauth/voidauth/releases/tag/v1.1.0
  • Opensource @programming.dev
    notquitenothing @sh.itjust.works

    VoidAuth Release v1.1.0 - Passkey-only Users 🔑

    github.com /voidauth/voidauth/releases/tag/v1.1.0
  • Selfhosted @lemmy.world
    notquitenothing @sh.itjust.works

    VoidAuth Release v1.1.0 - Passkey-only Users 🔑

    github.com /voidauth/voidauth/releases/tag/v1.1.0

  • GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    Jump

  • Thank you!

  • Authentik vs Authelia?

    Jump

  • You can try VoidAuth, it is kinda similar to Authelia+lldap. I am the developer and I created it because I wasn’t satisfied with Authelia’s user management. If you decide you want to try it and run into any issues or questions I will try to help :)

  • How to enhance Caddy's basic_auth?

    Jump

  • I don’t think you could do that directly in the Caddyfile, but you can create those groups/policies inside VoidAuth and assign them to users there.

    The steps would be to (in VoidAuth) create the access group/policy, create the ProxyAuth Domain (protected.example.com/*) with the allowed group(s), make sure the user(s) have that group, then in Caddy add the forward_auth directive to the same route you want to protect.

    Then when you go to access that route in a browser it will redirect you to VoidAuth login, or if you pass an Authentication header with Basic Auth (like when using an API) it will use that.

  • How to enhance Caddy's basic_auth?

    Jump

  • Developer of VoidAuth here, you could give that a try! If you have any issues or questions I can help :) VoidAuth

    It does support basic_auth to ProxyAuth protected domains, so you can set up a user for that purpose. Docs for that are here: ProxyAuth

  • GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    Jump

  • You can do this with VoidAuth as well, by setting the DB_NAME variable

  • GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    Jump

  • VoidAuth is simpler to setup/use than Authentik for sure, but of course Authentik has more features. They both support proxy-auth, OIDC, and have user management UIs so in that way they are similar. I like VoidAuth for its simplicity but you can always run both and decide, if you have any questions about setup I will try to answer!

  • Open Source @lemmy.ml
    notquitenothing @sh.itjust.works

    GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    github.com /voidauth/voidauth
  • Opensource @programming.dev
    notquitenothing @sh.itjust.works

    GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    github.com /voidauth/voidauth
  • Selfhosted @lemmy.world
    notquitenothing @sh.itjust.works

    GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    github.com /voidauth/voidauth
  • Self Hosted - Self-hosting your services. @lemmy.ml
    notquitenothing @sh.itjust.works
    Project

    GitHub - voidauth/voidauth: An Easy to Use and Self-Host Single Sign-On Provider 🐈‍⬛🔒

    github.com /voidauth/voidauth