The original post: /r/homelab by /u/prometaSFW on 2024-12-22 23:22:07.

I’m running several services in my homelab, each of which has a username and a password. Currently I am keeping track of all of them in a password manager, but it’s becoming a hassle.

I’ve been looking into auth solutions. Looks like every service I run supports LDAP, but then I tie accessibility of all of my services to the availability of the LDAP service. Azure AD DS could fill that gap but it’s too pricy for home use. I have an O365 tenant with Azure AD premium licenses and experience configuring SAML and OIDC for 3rd-party services. But many of the services I run don’t support either protocol natively. Looks like I could use Traefik as a front end behind an Azure AD auth prompt, but would still need to remember the passwords for each service.

I see Canonical is working on authd, which seems like a reasonable solution for some use cases but isn’t widely supported.

What options do I have to use SSO across the homelab, without creating a new single point of failure? Ideally it would have native MFA too.