What’s everyones recommendations for a self-hosted authentication system?

My requirements are basically something lightweight that can handle logins for both regular users and google. I only have 4-5 total users.

So far, I’ve looked at and tested:

  • Authentik - Seems okay, but also really slow for some reason. I’m also not a fan of the username on one page, password on the next screen flow
  • Keycloak - Looks like it might be lighter in resources these days, but definitely complicated to use
  • LLDAP - I’d be happy to use it for the ldap backend, but it doesn’t solve the whole problem
  • Authelia - No web ui, which is fine, but also doesn’t support social logins as far as I can tell. I think it would be my choice if it did support oidc
  • Zitadel - Sounds promising, but I spent a couple hours troubleshooting it just to get it working. I might go back to it, but I’ve had the most trouble with it so far and can’t even compare the actual config yet
  • g5pw@feddit.itEnglish
    14·
    7 months ago

    I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.

    Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!

    EDIT: currently using 80MB RAM for two users and three Service Providers.

    • sudneo@lemmy.worldEnglish
      31·
      7 months ago

      Thanks (grazie?)! I was looking for something similar and kanidm looks great feature wise and simple to deploy!