Hackeriet

User Tools

Site Tools

You are here: start » infra » services » hacker-id
infra:services:hacker-id

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
infra:services:hacker-id [2025/08/13 21:24] – [System setup] d404d_idp.hackeriet.noinfra:services:hacker-id [2026/04/11 17:41] (current) d404d_idp.hackeriet.no
Line 5: Line 5:
  
 Hacker-ID is a member-initiated service to provide a simple-to-use and universal base for implementing SSO services at Hackeriet. Hacker-ID is a member-initiated service to provide a simple-to-use and universal base for implementing SSO services at Hackeriet.
- 
-<WRAP center round important 60%> 
-This is a proof-of-concept to see how one could reasonably deploy IDP in a simple yet flexible way with few moving parts. 
-Ask if you have any questions, need help, need an account, or want to integrate something. 
- 
-Regards, 404'd 
-</WRAP> 
  
 A simple self-service portal on https://idp.hackeriet.no provides basic account management features, together with a list of any Hacker-ID web applications you have access to. A simple self-service portal on https://idp.hackeriet.no provides basic account management features, together with a list of any Hacker-ID web applications you have access to.
Line 25: Line 18:
 All services enrolled into Hacker-ID are documented using tags in Netbox: All services enrolled into Hacker-ID are documented using tags in Netbox:
   * [[https://ip.hackeriet.no/extras/tags/10/|Hacker-ID: LDAP]] -- Not currently implemented   * [[https://ip.hackeriet.no/extras/tags/10/|Hacker-ID: LDAP]] -- Not currently implemented
-  * [[https://ip.hackeriet.no/extras/tags/8/|Hacker-ID: RADIUS]] -- Not currently implemented+  * [[https://ip.hackeriet.no/extras/tags/8/|Hacker-ID: RADIUS]] -- Select Nettlauget infrastructure
   * [[https://ip.hackeriet.no/extras/tags/6/|Hacker-ID: SSH]] -- SSH daemon reads authorized keys from Hacker-ID   * [[https://ip.hackeriet.no/extras/tags/6/|Hacker-ID: SSH]] -- SSH daemon reads authorized keys from Hacker-ID
   * [[https://ip.hackeriet.no/extras/tags/7/|Hacker-ID: SSO]] -- OpenID/OAuth2 authentication flow   * [[https://ip.hackeriet.no/extras/tags/7/|Hacker-ID: SSO]] -- OpenID/OAuth2 authentication flow
Line 77: Line 70:
 | ''service-dokuwiki-users'' | ''hackeriet-styret'' | Login as regular users to Dokuwiki | | ''service-dokuwiki-users'' | ''hackeriet-styret'' | Login as regular users to Dokuwiki |
 | ''service-hedgedoc-users'' | ''nettlaug-operators'' | Logon rights to pad.hackeriet.no | | ''service-hedgedoc-users'' | ''nettlaug-operators'' | Logon rights to pad.hackeriet.no |
-| ''service-idp-sysops'' | ''d404d@idp.hackeriet.no'' | Administrative privileges to Hacker-ID (Kanidm, SSH, sudo, and docker) |+| ''service-idp-sysops'' | ''service-idp-sysops'' | Administrative privileges to Hacker-ID (Kanidm, SSH, sudo, and docker) |
 | ''service-librenms-users'' | ''nettlaug-operators'' | Logon rights to nms.hackeriet.no | | ''service-librenms-users'' | ''nettlaug-operators'' | Logon rights to nms.hackeriet.no |
 | ''service-netbox-staff'' | ''nettlaug-operators'' | Django staff rights in Netbox | | ''service-netbox-staff'' | ''nettlaug-operators'' | Django staff rights in Netbox |
Line 128: Line 121:
  
 ===== Administrative actions ===== ===== Administrative actions =====
 +Slideset from admin workshop:
 +{{ :infra:services:main.pdf |}}
 ==== Onboarding users through the CLI ==== ==== Onboarding users through the CLI ====
 If for some reason a user needs to be onboarded through the CLI, use the following sequence of commands: If for some reason a user needs to be onboarded through the CLI, use the following sequence of commands:
/srv/hackeriet-wiki/dokuwiki/data/attic/infra/services/hacker-id.1755120265.txt.gz · Last modified: by d404d_idp.hackeriet.no