The weekly post. As usual, not my blog, just a good community share. Authors are on Mastodon at @selfhst@fosstodon.org.
Anyone use authentik? Seems useful, most of my homelab services are unsecured ATM (just local only/vpn)
I use authentik and I love how easy it is to create users, give them access to my services and even manage an LDAP outpost for the less-advanced services (Jellyfin, Calibre-Web). I heard that Keycloak is a better alternative to authentik, but I never used it, it looks very similar to it though.
Id like to centralize auth but I haven’t dug into it yet. My concern is, can it be distributed? I have services spread across my homelab and multiple vpses. I don’t want to lose auth if any of those is down.
It seems that Keycloak can sync multiple instances, but I don’t know how good of an idea that is. I found something in it’s documentation: https://www.keycloak.org/high-availability/introduction
Looks like single site cam be done using the operator and k8s. Think I might have to try it out.
Saw that ChrisLempa made a video about it recently, looks very interesting. Defo gonna give it a try some time soon 🌻
Also, that CLI trick is crazy! Never knew that and I’m a fairly proficient shell user.
I’ve got something I’m hoping to see on here in a couple weeks.
I started work yesterday on a self hosted security camera system that uses v4l2 (so it works with webcams).
https://github.com/sciactive/soteria
Locally, I’ve got it loading the stream from the camera, encoding, and muxing, then pushing to a filesystem write stream, but I’ve discovered software based encoding in single threaded WASM is just too slow for what I’m trying to do. I’m going to rewrite it today to use FFMPEG externally for encoding.
It’s meant to be used with my WebDAV server
https://github.com/sciactive/nephele
which supports encryption and storage in a S3 compatible service. So you’ll get the benefits of a cloud security camera, but Google/Amazon/whatever won’t have access to your video.
You should reach out to the authors! I have no clue how they create their “new” section
I’m gonna wait until it’s ready to install. Right now it’s just in the early stages of development.
This is really cool! Do you know of any existing tools doing similar stuff to this ?
There’s a few. You can search for “open source security camera” to find them.
The reason I’m building mine, instead of going with another solution is because I have a hard requirement that if all of my devices are offline, destroyed, or stolen, I want to still be able to see my videos (so cloud storage is required), and I want everything that goes into the cloud to be end to end encrypted.
That basically means everything necessary to view videos has to be stored in the cloud except the decryption password. So anything with a local database or unencrypted storage is out.
Some existing systems support some of those requirements, but afaik, there aren’t any that support all of the above (at least not easily). With Soteria and Nephele, if all of your cameras are offline and your WebDAV server is offline, you can just spin up a local WebDAV server with your S3 info, and you’ve got a working client to view all of your footage.
Having that can really help when something goes wrong. For example, I currently use Google Nest cams, and I was able to tell why my cameras went offline while I was away when the camera caught the transformer down the street blowing up right before the video cut out.
The thought of colocating my homelab is intriguing… But also sounds like way too much effort and money
Gonna try Janitorr!