If you're looking for something a bit simpler to work with for indiehosting use cases, I maintain a list here:
https://github.com/lastlogin-net/obligator?tab=readme-ov-fil...
If you use our managed services (https://console.ory.sh), it is easy to set up and scale because we have a bunch of defaults, UIs, and the security stuff all set up already.
If you run it completely on your own, which does require some skill especially in terms of (security) incident response, it is more work because you have to figure out a few pieces yourself (the stack is agnostic to the environment).
We have an option for self hosting with all the stuff we have built for the SaaS, but it only makes sense for businesses of a certain size.
Complexity also depends on how many services you combine, some people try to use everything at once and it's overwhelming.
What’s making Ory complex for people who do it by themselves, is that Ory is 3 different API first products that work stand alone or in concert. To wire this up, one requires understanding of every service. Here it is easier to spin up a cloud account, or use an alternate project which is e.g. just one docker container.
For indiehosting, my threat model is "what are my options if the team behind this software takes it in a direction I don't like?"
For some projects (Redis, Terraform), the answer is that a high quality fork pops up (Valkey, OpenTofu). For others (MongoDB), there's still not a FLOSS alternative included in major package managers.
But even if a fork does appear, they are relatively likely to eventually fall prey to the same incentives that impacted the original.
I try to cut this off at the root, and prefer software I would be confident forking myself. All of the options marked "simple" on my list fall under that category.
Sometimes you can't avoid complicated software, but you often can. For an indiehosted identity server, 5,000-10,000 lines of code provides pretty much all the features I need. I don't think the extra ~100,000-900,000k lines of code of the major players is worth the risk.
I'm not sure that either of these are what I'd called "difficult"
FROM openjdk:21
sudo apt install openjdk-21-jdkI'd like to add FusionAuth if the latter (we have a full featured free option but are not open source).
Should I just add a comment on the google sheet or is there a better way?
You can send it to aeneas at ory.sh. It may not be OAuth2 related, and I'd like to make sure.
What is going on with the continuous redirects? I think they are pushing users to either sign up and/or pay up and/or disable ublock. What kind of BS is that?
No worries - It forces me to use claude more and I’m cool with that.
PS: no affiliation, heard 1st time today about them.
Like I get Keycloak is complicated but it is also very useful.
There you can combine all authentication methods in any shape or form you wish!
Easy enough to set up CloudSQL with Postgres and run the Ory software on Cloud Run? Any weird issues/hiccups?
I'll be interested to see what pops up here, but you'd probably have better luck joining their slack community and asking there: https://www.ory.sh/community/
To save you one click you can go here directly: https://slack.ory.sh/
(Disclosure: in charge of community at Ory ;-))
(Disclosure: I work with the community and customers at Ory)