Identity and Access Management for home-lab environments.
Gandalf is designed to be a lightweight OIDC provider and run on very limited resource devices. It is written in Rust and uses SQLite as its database.
Compared to Keycloak (require Java and 2GB+ RAM) and Authentik (500MB+ RAM), Gandalf can work on 16MB RAM devices (but 32MB+ is recommended). It is optimized for home-lab environments and gateways.
-
Copy
docker-compose.ymlandconf.ymlfrom the repo. -
Change
base_url(must) and other settings as needed. -
Start with Docker Compose:
docker compose up -d
-
Create
rootuser (or any username), the initial password will be generated for you:docker compose exec gandalf /app/gandalf user add root --admin sudo chown 1000:1000 data.db docker compose restart -
Open
base_urlin your browser and login with the user you just created.
-
Download the latest release from Releases.
-
Change
base_url(must) and other settings as needed. -
Create
rootuser (or any username), the initial password will be generated for you:./gandalf user add root --admin
-
Start gandalf:
./gandalf run
-
Open
base_urlin your browser and login with the user you just created.
Usage: gandalf [OPTIONS] <COMMAND>
Commands:
run Run gandalf
user User management
check Check config file
help Print this message or the help of the given subcommand(s)
Options:
-c, --config <FILE> Config file [default: conf.yml]
-v, --verbose Show verbose/debug log
-q, --quiet Do not print any log
--log-json Use JSON to format log
-h, --help Print help
-V, --version Print version