| 29 May 2026 |
 raitobezarius | also Keycloak has proper forced PKCE, DPoP and will probably have transaction tokens | 21:19:27 |
| raitobezarius | if i could put the keycloak ui on my screenlocker, i would | 21:19:46 |
| raitobezarius | keycloak can log oidc tokens | 21:26:04 |
 hexa (signing key rotation when) | fine | 21:31:58 |
| hexa (signing key rotation when) | I don't care too strongly anyhow | 21:32:10 |
| hexa (signing key rotation when) | nobody ever got fired for running keycloak | 21:33:26 |
| 30 May 2026 |
 dish [Fox/It/She] | In reply to @hexa:lossy.network
Question is: Keycloak vs Authentik neither >:3 /jk
but i ran authentik for a while and its very complicated and heavyweight feeling so its not my preferred. no experience with keycloak so idk how it is in that regard | 00:00:01 |
| dish [Fox/It/She] | also authentik can feel slow at times >.> | 00:00:14 |
| hexa (signing key rotation when) | keycloak is a java enterprise app :p | 00:02:24 |
 Bart | And Authentik is a beefy Django + Go app :p | 00:12:53 |
| hexa (signing key rotation when) | If in doubt, I'd rather debug python and go over java | 00:26:49 |
| hexa (signing key rotation when) | Redacted or Malformed Event | 00:26:55 |
| Bart | oh definitely | 00:46:47 |
| Bart | and authentik docs are way better than keycloak as well | 00:47:29 |
| dish [Fox/It/She] | In reply to @hexa:lossy.network
keycloak is a java enterprise app :p JVM can be fast 🤷♀️ | 01:54:31 |
| hexa (signing key rotation when) | but annoying to debug | 01:54:41 |
| hexa (signing key rotation when) | and not easy to patch | 01:54:49 |
| dish [Fox/It/She] | oh absolutely | 01:54:51 |
| hexa (signing key rotation when) | we just fetch something pre-built in nixpkgs and tada.wav | 01:55:32 |
 leona | I try self compiling keycloak for a while … maybe soon lol (it’s awful) | 07:38:02 |
 ma27 | you forget the RUst part in 2026.5 that's surprisingly annoying to package (almost done with it as well, then I'll open my promised PR :p) ;-) | 08:38:27 |
 sterni | keycloak had massive issues with GitHub logins when you had (some) emails marked as private, probably wise to check whether that’s fixed if GH backed logins are needed | 09:14:36 |
| raitobezarius | It was fixed | 09:27:41 |
| Bart | oh no 😭 | 09:54:45 |
| Bart | I did not know | 09:54:50 |
| Bart | It seems like Hydra is having troubles uploading artifacts to S3 | 10:56:10 |
| Bart | 
Download image.png | 10:56:10 |
| hexa (signing key rotation when) | regularly | 10:56:54 |
| Bart | I noticed this because status.nixos.org is almost entirely red 😭 | 10:57:17 |
| hexa (signing key rotation when) | I think that's because somone abort non-current builds | 10:57:53 |
