I’m interested in installing Taiga for a small team (<20 members) without intensive usage.
Self-hosting is interesting for integrating Taiga into an internal service with SSO.
Is it possible to integrate Taiga with OIDC (Keycloak, really working)? Is there a way to have a lightweight installation without deploying 8 containers over 2 docker-compose files?
Thanks
I am working with an org that is similar in size to yours, and we are self-hosting Taiga with the 2 docker-compose file approach. We have been running it since the start of this year.
The server is a t3.medium AWS instance, currently using about 1.5 of 4 GB RAM. Here’s a snapshot of docker stats that you might find interesting.
I keep logs of all CPU load throughout the day; on Monday it didn’t jump above 0.65 during peak time. The 5-minute average was generally about 0.10. This is with two vCPUs.
We are also running OIDC. Not with Keycloak but with another self-hosted OIDC (we are hosting Ory Hydra as the OIDC OP, on separate infrastructure). I had to make some tweaks to this OIDC plugin to support our needs (such as locking down which users can log in) but it works well enough. You can see the 3 PRs there are from me.
There are other OIDC plugins too, e.g. robrotheram/taiga-contrib-openid-auth on GitHub, a Taiga plugin for OpenID authentication (but I didn’t like the way that one doesn’t set a state/nonce etc.; I’m not convinced it’s safe enough to use as an OIDC RP). Some people have filed issues in that one about problems with Keycloak too. Search for ‘Keycloak’ on this forum; I think quite a few people are using it.
I’d be happy to help you if you run into any issues with setting it up. The usual OIDC pain points are not unique to Taiga but typical of any RP, e.g. making sure you set the post-login redirect URI callback correctly, etc.
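The state/nonce handling mentioned in the reply above, sketched as an added example that is not part of the original posts and is not code from either plugin. The endpoint URLs, client id, session keys, function names and the e-mail allow-list are all assumptions made for illustration, and the ID token is assumed to have been signature-checked by a JOSE library before its claims reach `finish_login`.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Constructed placeholders, not values from the thread or from any plugin.
AUTHORIZE_ENDPOINT = "https://op.example.test/oauth2/auth"
CLIENT_ID = "taiga-example-client"
REDIRECT_URI = "https://taiga.example.test/oidc/callback"
ALLOWED_EMAILS = {"alice@example.test"}  # hypothetical way to restrict who may log in


class LoginRejected(Exception):
    """Raised when the callback does not belong to a login this session started."""


def _same(a, b):
    # Constant-time comparison; encoding to bytes also accepts non-ASCII input.
    return hmac.compare_digest(str(a).encode(), str(b).encode())


def begin_login(session):
    """Create per-login state and nonce, keep them server-side, return the OP URL."""
    session["oidc_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)
    query = urlencode({
        "response_type": "code",
        "scope": "openid email",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,  # must match the URI registered at the OP exactly
        "state": session["oidc_state"],
        "nonce": session["oidc_nonce"],
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def finish_login(session, callback_params, id_token_claims):
    """Bind the callback and the ID token claims to the login this session began."""
    # pop() makes both values single-use, so a replayed callback is rejected.
    expected_state = session.pop("oidc_state", None)
    expected_nonce = session.pop("oidc_nonce", None)
    if not expected_state or not expected_nonce:
        raise LoginRejected("no login in progress for this session")
    if not _same(expected_state, callback_params.get("state", "")):
        raise LoginRejected("state mismatch")
    if not _same(expected_nonce, id_token_claims.get("nonce", "")):
        raise LoginRejected("nonce mismatch")
    if id_token_claims.get("email") not in ALLOWED_EMAILS:
        raise LoginRejected("user not allowed to log in")
    return id_token_claims["email"]
```

An RP that skips the `state` check accepts callbacks it never initiated, and one that skips the `nonce` check accepts an ID token issued for a different login.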