tayiorrobinson 5 days ago

and also requires you to relogin every so often (to be fair it's 90 days not 24h)

and you can just use a custom OIDC IDP with Tailscale, for all 15 of us that have custom OIDC IDPs

pfych 5 days ago

It at least got me to learn how to self-host my own identity provider!

  • gausswho 5 days ago

    Do tell!

    • pfych 5 days ago

      I set up Authentik[^1] on my NAS in a Docker container and went from there! Just had to add a .well-known webfinger file to my domain that pointed to the Authentik instance and it "just worked" with Tailscale.

      [^1]: https://goauthentik.io/
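
Added example, not part of the thread and not Tailscale's or Authentik's own code: a check of the WebFinger document described in the last comment, following the issuer rules in OpenID Connect Discovery 1.0. The hostname, application slug and function names are assumptions made for illustration, and the sample document is constructed.

```python
import json
from urllib.parse import urlsplit

# Link relation that OpenID Connect Discovery 1.0 defines for the issuer.
ISSUER_REL = "http://openid.net/specs/connect/1.0/issuer"

def issuer_from_webfinger(jrd_text):
    """Return (issuer, problems) for the JSON body of /.well-known/webfinger."""
    try:
        jrd = json.loads(jrd_text)
    except json.JSONDecodeError as exc:
        return None, [f"not valid JSON: {exc}"]
    links = jrd.get("links") if isinstance(jrd, dict) else None
    if not isinstance(links, list):
        return None, ["no 'links' array in the document"]
    hrefs = [l.get("href") for l in links
             if isinstance(l, dict) and l.get("rel") == ISSUER_REL]
    # Policy of this example: several issuer links are ambiguous, so reject them.
    if len(hrefs) != 1 or not isinstance(hrefs[0], str):
        return None, ["expected exactly one issuer link with a string href"]
    problems = []
    url = urlsplit(hrefs[0])
    if url.scheme != "https" or not url.hostname:
        problems.append("issuer must be an https URL with a host")
    if url.query or url.fragment:
        problems.append("issuer must not contain a query or fragment")
    return hrefs[0], problems

def discovery_url(issuer):
    """Discovery document location: strip a trailing '/', then append the path."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def issuer_matches(issuer, metadata):
    """The 'issuer' in the discovery document must equal the WebFinger value exactly."""
    return metadata.get("issuer") == issuer

# Constructed sample: hostname and application slug are placeholders.
SAMPLE_JRD = json.dumps({
    "subject": "acct:user@example.com",
    "links": [{"rel": ISSUER_REL,
               "href": "https://auth.example.com/application/o/tailscale/"}],
})

if __name__ == "__main__":
    issuer, problems = issuer_from_webfinger(SAMPLE_JRD)
    print(issuer, problems, discovery_url(issuer))
```

The exact-match comparison in `issuer_matches` is character for character, so a trailing slash present in one place and missing in the other counts as a mismatch.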