My god, #1 a million times over.
My god, #1 a million times over.
I’ve learned some Esperanto and still think the name is stupid. Make your app have a sane, pronounceable name to any old person.
Official spin isn’t enough. Oh no…
I might give this a go. Have been using bog standard ingress nginx for my k8s but have wanted to try a gateway supporting ingress product for a while.
Thanks op.
deleted by creator
I think you’d be better off stating people are too lazy to install Linux.
Just because they proved you completely wrong and millions of others using Linux daily prove you wrong too doesn’t mean they’re bringing “animosity.”
Just accept the L and move on.
Disagree. I’ve self hosted nextcloud for years without issue.
Just go with what you need. Some only need contacts and calendars, others want the whole thing.
It’s only made worse that they are now so tied to whatever versioning they’re using instead of semver.
Bingo.
Yes that’s why the top enterprise distros all avoid systemd.
Could simplify it by making a 28 block at most. That is 14 IPs per bridge which seems like way more than one would generally need anyhow.
{
"default-address-pools": [
{ "base":"172.16.0.0/12", "size":28 },
]
}
I will have to check. Still willing to try again. I’ll update if i get it going better on round 2.
Thanks for the hint about the docs. I hadn’t thought of that.
0e2475ba-882a-4f61-8938-2642ca80193b WARN │ ┝━ 🚧 [warn]: WARNING: index "displayname" Equality was not found. YOU MUST REINDEX YOUR DATABASE
0e2475ba-882a-4f61-8938-2642ca80193b WARN │ ┝━ 🚧 [warn]: WARNING: index "name_history" Equality was not found. YOU MUST REINDEX YOUR DATABASE
0e2475ba-882a-4f61-8938-2642ca80193b WARN │ ┝━ 🚧 [warn]: WARNING: index "jws_es256_private_key" Equality was not found. YOU MUST REINDEX YOUR DATABASE
I had to drop it for a few days. I got that at some point though. It’s all brand new so I wouldn’t know why. Seems a bit rough around the edges so far. I’ll try to reindex and attempt again. I really want this to be the product I use since it’s a nice AIO solution but we’ll see.
Edit:
[~]$ podman run --rm -i -t -v kanidm:/data \
kanidm/server:latest /sbin/kanidmd reindex -c /data/server.toml
error: unrecognized subcommand 'reindex'
Phew boy. Straight from the docs. Same with the vacuum command.
Looks like the docs need updated to specify the command is kanidm database reindex -c /data/server.toml
And further upon trying to login…
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO handle_request [ 188µs | 0.00% / 100.00% ]
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO ┕━ request [ 188µs | 72.94% / 100.00% ] method: GET | uri: /v1/auth/valid | version: HTTP/1.1
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO ┝━ handle_auth_valid [ 50.8µs | 25.54% / 27.06% ]
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO │ ┝━ validate_client_auth_info_to_ident [ 2.85µs | 1.51% ]
300e55b7-e30a-42a5-ac3e-ec0e69285605 WARN │ │ ┕━ 🚧 [warn]: No client certificate or bearer tokens were supplied
300e55b7-e30a-42a5-ac3e-ec0e69285605 ERROR │ ┕━ 🚨 [error]: Invalid identity: NotAuthenticated | event_tag_id: 1
300e55b7-e30a-42a5-ac3e-ec0e69285605 WARN ┕━ 🚧 [warn]: | latency: 204.504µs | status_code: 401 | kopid: "300e55b7-e30a-42a5-ac3e-ec0e69285605" | msg: "client error"
I think I’m gonna have to just nuke it and start fresh but yeah, this is not a great first impression at all.
I could do this but sadly even just the trial did not work. I’m using podman but it gives me “invalid state” just trying to login with a user per the quickstart, etc. Can’t reset the password cleanly, can’t add a passkey via bitwarden, etc.
Unsure if I’m doing something wrong or if it’s very alpha/beta.
Awesome. Thank you.
Now to see how i make this work in k8s since they evidently mandate the cert inside instead of just allowing the ingress to have it.
Does this do it all? It seems that it holds all your users like LDAP and can auth that way too. But it can also do simple oidc integrations too? Basically just want to see if it is the all in one. Looks like it does which is why i wonder why you use oauth2-proxy in addition.
I’ve otherwise been trailing keycloak/authelia as the oidc portion and lldap/freeipa as the ldap Backend that actually holds the users. Would love to simplify if possible.
Yep. I’ve got a test instance working with keycloak. Post up the problem you’re having and i can check it against mine. I think all of it was configured via UI on both except there are two changes in the gitea config.INI that allowed that auth and auto created users if they didn’t exist yet.
Maybe give photoview a shot.
You are like the most miserable poster with so many axes to grind.
Relax man.
Dendrite iirc is essentially in maintenance mode. I run a small one but I don’t think it’s expected to get any new features until there is more funding.