The Uberduck<p>I'm looking at setting up a bunch of self hosted services to replace our (self, family, friends) dependence on corporate cloud stuff. Email (custom, since none of the Just Add Server offerings do everything I need for free), shared drive (likely nextcloud, ugh), docs (likely collabora), jitsi for video, discourse for group forums, and so on. </p><p>I'd like to make all of this SSO, to the extent that it reasonably can be. </p><p>I'm probably going to use FreeIPA as the identity source of truth, but I'm finding that there are enough new things I need to learn about centralized authentication that I'm having a hard time finding a starting point that doesn't require a bunch of other context. So I'm asking for help. </p><p>Does anyone know of a good guide to these sorts of concepts, preferably available online? I'm familiar with most of the other Linux sysadmin concepts and have plenty of hardware and bandwidth at my disposal.</p><p>If you don't have an answer but have followers who might, boosts would be appreciated.</p><p><a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://hachyderm.io/tags/SelfHostedApps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHostedApps</span></a> <a href="https://hachyderm.io/tags/freeipa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freeipa</span></a> <a href="https://hachyderm.io/tags/ldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ldap</span></a> <a href="https://hachyderm.io/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://hachyderm.io/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://hachyderm.io/tags/authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentik</span></a> <a href="https://hachyderm.io/tags/authelia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authelia</span></a> <a href="https://hachyderm.io/tags/kerberos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kerberos</span></a> <a href="https://hachyderm.io/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://hachyderm.io/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a></p>