Selfhosted

49879 readers

375 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Deploy Authentik to already working services and accounts. (lemmy.world)

submitted 3 days ago* (last edited 3 days ago) by Daaric@lemmy.world to c/selfhosted@lemmy.world

6 comments fedilink hide all child comments

Hi,

TLDR: Does anyone have an experience with setting Authentik to already existing user accounts, most importantly in Immich?

I am currently thinking (and studying how to) about deploying Authentik and using it as SSO for the stuff I host. The main reason is to rise the WAF and make them more accessible and appealing for perhaps other family members.

I already see some roadblocks ahead and am trying to understand, how to go over them in a smooth and safe way.

For most of the services, there shouldn't be much risk (loosing watch history in jellyfin might be unfortunate but not mission critical).

Though, I'm running Immich with three users, each with several years of photos.. And here I'm afraid of how to link these already existing photos to the new accounts introduced by Authentik.

The other service is Nextcloud, but I'm the only one using it now and I could prepare and move the data, contacts and so on, though calendars might be PITA...

If anybody have some experience with it, I'd be so grateful.

I run most of my stuff in docker containers on an Unraid server at home, behind a hell of a cgnat and a tiny VPS where my caddy proxy and synapse HS live, and where I'd like to set up the Authentik as well.

you are viewing a single comment's thread
view the rest of the comments

[–] nickiam2@aussie.zone 2 points 1 day ago* (last edited 1 day ago)

I implemented authentik for my immich server just last week and I can confirm that Immich will merge the accounts as long as they have the same email address. My other services I had to configure to use email matching. Paperless-ngx needed an environment variable added to allow it, and Grafana I didn't even have a user created for myself, just used the default admin account.

Jellyfin doesn't support OIDC without a 3rd party plugin, so I haven't set that one up yet. I also don't use nextcloud, so can't comment on that.