8 Nov
2024
8 Nov
'24
5:04 p.m.
I am currently deploying a couple of Keycloak instances for work, and the learning from
that would be readily recyclable into a hackerspace instance. We'd replace LDAP with
Keycloak for user management and use OIDC for whatever application needs to authenticate
users. LDAP doesn't support two-factor and if we use federated identities with
Keycloak then you can also just login with your social account and not require yet another
username and password for the hackerspace which you'll end up needing to reset. It
would however need to run somewhere. The deployment will need a Linux VM that can have
podman installed on it, and then Keycloak and PostgreSQL runs in podman.
MemberMatters looks like a thing to explore and would support using Keycloak as the
authentication provider via OIDC, but it really needs someone to champion it.
--
*Iain Learmonth* MSci MBCS AICB PM.Dip (he/him)
This email is sent in a personal capacity. The views expressed in this email do not
necessarily reflect the views of SR2 Group Limited, its subsidaries, or any other
organisation in which I am a member, officer, employee, or volunteer.
On Fri, Nov 8, 2024, at 4:54 PM, Dave Hibberd wrote:
Hello friends!
Things haven't changed much since August!
It is still out of date, and it's very clear that no one really has the spoons
to write/upgrade/deal with/etc the software.
On Tuesday, 6 August 2024 22:07:27 GMT Robert McWilliam wrote:
Anyone else want to pick up any of this? Or
replace hub with something
else?¹ Or pester me about it until I actually do it?
Given we primarily use it for membership management and payment history, I
think it's worth looking at whether we can chuck most of what we have out and
start again with someone else's software that they're maintaining.
I see two strands of value here - we're no longer tied to maintaining the
system (which isn't happening anyway) and we can take the time to assess how
easy the mechanics of joining the hackerspace are to make us an easier and
more welcoming group to opt in and out of.
I had a quick look through hackerspaces wiki [1], and membermatters [2] stood
out as an option for an all-in-one package. Used by other spaces, reasonably
active development, and understands memebership, payment (via stripe), access
control, SSO, tuck shop payments (lol) and more. It does more than we need,
but that's fine, we can use less of it.
We'd need to use config menus to teach it about us, member categories
and find a
way for it to recognise payment history - getting the data for the last
x
years into a format it understands is probably the biggest challenge.
Alternatively, we could replace LDAP (which I understand underpins everything)
with LLDAP [3] which will act as an SSO backend, and we can integrate hub/home
assistant/wiki/other services. This might be the cleanest solution while
keeping all our current data intact, but means any expansion we have ambitions
to do like access control needs to be fully built by us.
We'd need to understand how we teach it about member categories, membership
flow, etc etc, which might be more work than otherwise. It does have a web
frontend for log in and **PASSWORD RESET**, the latter of which is better than
we have now 😅. I don't know if it supports allowing users to create their own
account however.
¹ I'd take quite a lot of convincing that
something else would cover
everything hub does with less work than fixing hub, and be maintainable
over long term. But I'm not entirely opposed to it if someone else is doing
the work. And also I'm not in charge, so convincing me that what you want
to do is actually a good idea is not necessarily required.
Dunno if I can convince you, but at least a conversation would work!
Cheers
H
[1] https://wiki.hackerspaces.org/Hackerspace_Software
[2] https://github.com/membermatters/membermatters
[3] https://github.com/lldap/lldap
--
Hibby <hibby(a)debian.org>
Debian Developer
Packet Radioist
MM0RFN
_______________________________________________
57north-discuss mailing list -- 57north-discuss(a)lists.57north.org.uk
To unsubscribe send an email to 57north-discuss-leave(a)lists.57north.org.uk
Attachments:
* signature.asc