67P / meta


Use LDAP for sign-ups? #10

Closed by raucao 4 years ago

raucao commented 5 years ago

All of ejabberd, Mastodon, and Gitea support LDAP out of the box. So if we also add LDAP support to whatever RS server we'll use for Kosmos, we could just have a single database for accounts and have all the various apps use that.

gregkare commented 5 years ago

I don't have experience with running LDAP, but it sounds like a great idea with all of this software supporting it!

bkero commented 5 years ago

Having a single source of identities and access management is basically what LDAP is for. Unfortunately I don't have any good resources for getting an example LDAP server up and running so that client libraries can be written and tested with.

It should basically boil down to setting up a server (probably still OpenLDAP), adding an example schema, then creating some users in it. Then, creating a credentials object for your service to use, then adding those details to (for example) Gitea. Then you should be able to use it as a single identity provider.

There should be a decent Docker image out there that simplifies setup.
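The directory layout described in the comment above, as an added LDIF example that is not part of the original thread or the Kosmos setup. The base DN `dc=example,dc=org`, the entry names, and the password placeholders are assumptions; the base entry is assumed to exist already.

```ldif
# Constructed sample data: dc=example,dc=org, all names and the password
# placeholders are assumptions, not values from the Kosmos setup.

# Containers: people who sign in, and accounts that services bind with.
dn: ou=users,dc=example,dc=org
objectClass: organizationalUnit
ou: users

dn: ou=services,dc=example,dc=org
objectClass: organizationalUnit
ou: services

# One example user. inetOrgPerson comes from the stock inetorgperson schema.
dn: uid=alice,ou=users,dc=example,dc=org
objectClass: inetOrgPerson
uid: alice
cn: Alice Example
sn: Example
mail: alice@example.org
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# Credentials object for one service (here Gitea). It only needs to search
# ou=users and read uid/mail, so it is a separate entry, not the directory
# admin, and can be rotated or disabled without touching other services.
dn: cn=gitea,ou=services,dc=example,dc=org
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: gitea
description: Bind account used by Gitea to look up users
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# Details then entered in the service (Gitea "LDAP (via BindDN)" source):
#   Bind DN:          cn=gitea,ou=services,dc=example,dc=org
#   User Search Base: ou=users,dc=example,dc=org
#   User Filter:      (&(objectClass=inetOrgPerson)(uid=%s))
```

Each further service (ejabberd, Mastodon) would get its own entry under `ou=services` rather than sharing this one.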

raucao commented 4 years ago

Continued in https://gitea.kosmos.org/kosmos/chef/issues/107 (and actually almost done).