I am often asked why we like to use FreeBSD so much. Sometimes I catch myself giving very detailed and theoretical answers. Since that isn’t always the clearest way, here is a practical example.
A Single Sign-On (SSO) solution was to be created for various applications. The components used are:
- Keycloak
- PostgreSQL for Keycloak
- OAuth2-Proxy for applications that don’t support OAuth2 / OIDC.
- A custom web application that provides an overview of all offered applications (Spring Boot, Java).
- nginx as a reverse proxy
Five different services. In our setup, each service runs in its own jail. The jails are managed with BastilleBSD, a very lightweight jail manager. We use so-called thin jails: they share a common base system, so a typical installation only consumes storage for the installed packages (keycloak, postgres, etc.):
[Read More]