Keycloak & Cloudron
-
@girish Sure thing! We operate a few websites both on our Cloudron server and external hosts. Cloudron really is used for a mix of personal usage, projects, and a small amount of business use. We don't provide many people with accounts on our server and try to keep things separate. For our use case, we'd like to integrate Keycloak as an SSO Solution with a few different projects -- but we do not want user management to touch Cloudron in anyway. Essentially we host some apps for external usage on Cloudron, because it's just much easier to manage with all of the Cloudron features. Does this help?
@Sam_uk said in Keycloak & Cloudron:
@JLX89 @marcusquinn do you have access to any budgets that might help part-fund this work?
Not really at the moment, we had planned on using this for an open source project if it's rolled out on Cloudron.
-
@marcusquinn So far the plan would be using Keycloak for Discourse, a few JavaScript Apps, and potentially a few yet to be determined external SaaS services.
-
@JLX89 OK. I think I get what you're thinking. With OpenID as a feature in Cloudron, Cloudron is still performing the function of an App, but with limited functionality.
Whereas with Keycloak you have a genuine, dedicated portable app.
I see the value. I guess now a question of official app store understanding, packaging and maintenance bandwidth, compared to the total demand for using.
-
-
@jdaviescoates @Sam_uk I think this was on /r/selfhosted some years ago...
Edit: here - https://old.reddit.com/r/selfhosted/comments/szhqq1/launching_a_fully_managed_opensource_platform_for/ . Note that it's not (in my definition) selfhosted.
-
@Sam_uk said in Keycloak & Cloudron:
It looks like those pages are sorted by popularity, so interesting to see where each thing is ranking with their users.
-
My costs would be about 10x Cloudron for the compute resources I'm hosting it on: https://elest.io/pricing
-
Update - @nj thanks for the repo
https://github.com/njsubedi/cloudron-keycloak/pull/9
Upgraded from 20.0.3.
Looks good and working so far.
-
@BrutalBirdie said in Keycloak & Cloudron:
Looks good and working so far.
get it into the app store?
-
@jdaviescoates For that is needs the unit tests writing, that's the typical difference between custom self-install and app store.
-
@girish said in Keycloak & Cloudron:
@BrutalBirdie Ah nice, so this works with the latest version ? I think that is what @Sam_uk was facing a while ago.
I upgraded the latest version from his git repo to the latest upstream version.
And as far as I could tell it worked. -
Update: @nj https://github.com/njsubedi/cloudron-keycloak/pull/10
Also created release and images on my fork:
https://github.com/BrutalBirdie/cloudron-keycloak/releases/tag/v22.0.1
-
Been following Keycloak for a while but still have meta question - why is this valuable for Cloudron? Isn't CR moving over to a similar auth mechanism? The nerd in me wants to deploy this, but not sure what it gives me beyond what's already provided by CR?
-
From a technical perspective: Since Cloudron - the platform - is capable of being an OIDC provider, there is no need for Keycloak on Cloudron. From a documentation and integration perspective, Keycloak is widely used in the documentation of various FOSS and proprietary software.
If Cloudron - the company - is able to provide more documentation and integration guidance (perhaps with the help of the community), the gap between Keycloak and Cloudron may be smaller in the future.
From an IAM perspective, I have no idea if Cloudron - the platform and the company - is ready to support more enterprise features.
IMHO: if you are happy with Cloudron's OIDC features, you are well served by Cloudron and don't need any more features from Keycloak.
IMHO: Having Keycloak in a private repo to have it as an app on Cloudron is a quick way to have a development environment for your software development. In this case: Keycloak is just another app on Cloudron among the other 100+ apps to fulfill your needs in projects or your personal digital life.