Keycloak is decent. It has its own built in user database, or it can connect to an “upstream” idp like AD, GitHub, google, fb, basically anything that speaks openid or SAML. Then, it can act as an idp to each service you run. It is a bit of a chore to configure, but compared to other SSO servers it’s pretty good (looking at you shibboleth)
nbailey
joined 2 years ago
You could probably get a used x280 or x390 for that price. Both are great machines even 4 years later. Check local refurbishers for off-lease machines on the cheap.
Write install and maintenance guides, save them somewhere public. Automation is good, but documentation and practicing technical writing is better.
Not for a new selfhoster, no. It’s fairly complex and has lots of moving pieces. Start with a simple syslog server before going way into the deep end.
Wazuh is a neat tool, but it’s really just good old OSSEC bolted into Elasticsearch with some custom plugins and middleware. You can get nearly the same result by just shipping logs from ossec and osquery with a lot less complexity.
Why not Debian? It’s a fantastic distro on its own, without the need to bolt on vendor’s stuff if you already know what you’re doing.
Will this be offered to refugees from Syria, Yemen, Sudan, etc?
The model has become inbred because it’s now impossible to scrape the web without AI content getting ingested, which is full of “hallucinations” and other weird artifacts. The last opportunity to get “uncontaminated” training data was sometime in mid 2022.
Not to say that it’s causing this particular problem, but this issue will emerge eventually. Garbage in = garbage out. Eventually GPT-19 will grow a mighty Habsburg chin.
The config dsl syntax is a bit strange, can’t run a script on “recovery”, but it’s generally not bad honestly. I use it on loads of servers as a monitoring-tool-of-last-resort if the main system fails.
Very cool! I like the idea of a less-weird Monit. I might try this on some one-off servers later…
This is not as good of an idea as you may think.
First is where the hydrogen comes from. Most commercially available hydrogen comes from fossil fuels. The most common process involves superheated steam, methane (aka natural gas), and a catalyst. Very little hydrogen comes from renewable energy via hydrolysis.
Second is efficiency. The total process of transforming renewable energy to hydrogen, storing and transporting the gas, then using it to move a locomotive is only about 30% efficient. There are significant losses at every stage, and it’s a very complex supply chain.
Now, compare this to very boring overhead electrified railroads, which have existed for over one hundred years. Modern systems can achieve nearly 85% efficiency from generation to locomotion, are cheap and easy to build, and have some of the most reliable rolling stock around since they’re essentially a really big slot car. The only downside is the big up-front investment in overhead lines, but that quickly pays for itself with the overall efficiency of the railroad system.
If you ask me, this is a bad idea. It’s somewhere between well intentioned but poorly thought through engineering, and the good old fashioned greenwashing of the fossil fuel industry.
It looks like it’s not able to reload the service. Could be permissions? As the nginx user (www-data often), try
touch /run/nginx.pid