What is the preferred identity service for NixOS and can it be run on NixOS?
I have migrated all the client machines at my home to NixOS. I like that I can make sure that my family’s computers stay configured and up to date, keep the configuration on my shared drive, and then deploy that configuration to any computer on the network from any other computer.
All of these computers are currently running as clients to the Synology Directory Server. I am beginning to see the problems with Synology’s server and I want to move away from it. I am also having problems with Synology’s container server so I want to move away from that as well.
My first thought was to install a Proxmox server to host a FreeIPA server, a container server, and then whatever else I feel I need in the future. After starting down this path I realized I could find no documentation on how to install FreeIPA on NixOS. Based on the amount of custom config it required to make my clients work with the Synology Directory Server, I am guessing FreeIPA is not currently on its way to NixOS.
If I use CentOS for my FreeIPA server then I have another system to keep up that I can’t remote deploy with NixOps. I would prefer to avoid that. I started to wonder if I should just go straight LDAP rather than AD since I am only maintaining Linux clients.
Does anyone have a configuration for running an all-NixOS identity, container, and perhaps even NAS server? What is everyone else using?
I could just use mutable users and just push the users that way, but that doesn’t give me the ability to authenticate non-Nix systems or devices.