What’s everyones recommendations for a self-hosted authentication system?

My requirements are basically something lightweight that can handle logins for both regular users and google. I only have 4-5 total users.

So far, I’ve looked at and tested:

  • Authentik - Seems okay, but also really slow for some reason. I’m also not a fan of the username on one page, password on the next screen flow
  • Keycloak - Looks like it might be lighter in resources these days, but definitely complicated to use
  • LLDAP - I’d be happy to use it for the ldap backend, but it doesn’t solve the whole problem
  • Authelia - No web ui, which is fine, but also doesn’t support social logins as far as I can tell. I think it would be my choice if it did support oidc
  • Zitadel - Sounds promising, but I spent a couple hours troubleshooting it just to get it working. I might go back to it, but I’ve had the most trouble with it so far and can’t even compare the actual config yet
  • g5pw@feddit.it
    link
    fedilink
    English
    arrow-up
    14
    ·
    edit-2
    8 months ago

    I use kanidm with oauth2-proxy. No issues so far, it was pretty easy to set up.

    Note that the connection to kanidm needs to be TLS even if you have a reverse proxy!

    EDIT: currently using 80MB RAM for two users and three Service Providers.

    • sudneo@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      8 months ago

      Thanks (grazie?)! I was looking for something similar and kanidm looks great feature wise and simple to deploy!