Differences

This shows you the differences between two versions of the page.

--- infra:services:hacker-id [2025/08/07 20:13] – [Changing account name/display name/email] d404d_idp.hackeriet.no
+++ infra:services:hacker-id [2025/08/13 21:24] (current) – [System setup] d404d_idp.hackeriet.no
@@ Line 54: / Line 54: @@
 </WRAP>
-<WRAP center round warn 60%>
+<WRAP center round important 60%>
 Note that some applications (e.g. Netbox and Wiki) will not automatically update your profile data (e.g. username/email), but they WILL give you the same account on logon through SSO after such IDP changes.
 </WRAP>
@@ Line 157: / Line 157: @@
   * Located in ''/srv/kanidm''
     * One docker compose stack with Traefik (for certificate issuance as LE needs this in-line) and Kanidm
+    * [[https://ip.hackeriet.no/ipam/prefixes/48/prefixes/|Dedicated v6 subnet]] defined in compose and in /etc/docker/daemon.json in order for XFF mapping to work properly
     * Communication between the two are encrypted using a self-signed certificate (Kanidm requires last-hop encryption)
     * Created user and group "kanidm" in the host, which will represent the kanidm container's resources. Rights configured according to https://kanidm.github.io/kanidm/stable/security_hardening.html#security-hardening