I’ve got 2 hosts. A slightly more powerful sff tower running my media stuff and arr services. VPN gateway that the arr’s route through etc. I have a raspberry pi that’s running my Adblocker, reverse proxy, Wireguard some stuff for a small business I run… So a website platform and invoice/time logging system.
Anyway these various services are mostly secured by password. Only the website is accessible externally. Any other service is only accessible internally or via Wireguard VPN.
Just at that stage asking myself “where do I draw the line?”
Would be nice to centrally manage logins but I suspect the mismash of services I run wont all support SSO.
I think In today it must be near 25-30 services / containers.
Authentik looks good. But wondering whether it’s just going to be something I only use a fraction of and “a bit overkill” for my needs?
I use Authentik exclusively for Immich and I have no regrets. The application is wonderful and I can use for other things if needed.
Immich is the only service that I host and expose that contains important data, so having the SSO (which I also have 2FA) already adds a lot of comfort to my mind.