this post was submitted on 19 Nov 2023
10 points (91.7% liked)

Selfhosted

40226 readers
1111 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
10
NVR software recommendations that supports SSO/LDAP (lemmy.world)
submitted 1 year ago by cm0002@lemmy.world to c/selfhosted@lemmy.world
3 comments fedilink hide all child comments
 

Hi everyone, looking for some NVR software to run a bunch of Cisco 6630 cameras I picked up (I know I know, but at <20$/camera....)

I looked at a few like ZoneMinder and Frigate but they all seem to only support basic HTTP auth and I spent a lot of time and effort getting Authentik working nice and smooth and dammit I want to use it for everything I can lol

Just "classic" LDAP is fine too, at least it's still using some part of my central authentication infra lmao

top 3 comments
sorted by: hot top controversial new old
[–] node815@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

I just installed Pomerium and got it to integrate with AdguardHome and my router which both use basic HTTP, I also use Authentik. It's a bit of a learning curve, but in short, this is what the config.yaml file needs to work to get it up and running:

The basic auth header for this is just UN: example PW: Password

authenticate_service_url: https://verify.mydomain.com
idp_provider: oidc
idp_provider_url: https://Authentik.mydomain.com/application/o/pomerium/
idp_client_id: AUTHENTIK'S CLIENT ID
idp_client_secret: AUTHENTIK'S CLIENT SECRET
idp_provider_scopes: null
routes:
  - from: https://agh.mydomain.com
    to: http://192.168.1.200  ##Adguardhome address
    policy:
      - allow:
          or:
            - email:
                is: myemail@mydomain.com
    set_request_headers:
    # https://www.blitter.se/utils/basic-authentication-header-generator/
       Authorization: "Basic ZXhhbXBsZTpwYXNzd29yZA==" #AdguardHome
      allow_websockets: true


  - from: https://router.mydomain.com
    to: http://192.168.1.254
    policy:
      - allow:
          or:
            - email:
                is: myemail@mydomain.com
    set_request_headers:
    # https://www.blitter.se/utils/basic-authentication-header-generator/
      Authorization: "Basic ZXhhbXBsZTpwYXNzd29yZA=="  #Router 
    allow_websockets: true


cookie_name: pomerium
cookie_secret: RANDOM 32 CHARACTER COOKIE=
cookie_domain: mydomain.com
pomerium_debug: true

So, now when I go to my Adguardhome's URL ( agh.mydomain.com), it auto directs to my Authentik instance, then upon matching my signed in email in the browser session, it transparently logs me into Adguardhome without issue. The same applies to my router's login.

In short, if you have found an NVR which supports basic http auth, Pomerium is the missing piece I've found to work.

[–] Haphazard9479@lemm.ee 1 points 1 year ago

Check alternativeto.net. Search for any software and it will give you a list of other options and what they are all about.

[–] funkajunk@lemm.ee 1 points 1 year ago

Shinobi can do LDAP

https://shinobi.video