What problem does this solve?

If you’re running a homelab or a small infrastructure with multiple self-hosted services, you’ve probably hit this wall: every service has its own user database. Nextcloud has one, Gitea has another, Portainer has its own, and so on. Add a new team member? You’re creating accounts in five different places. Someone leaves? Good luck remembering where they had access.

LDAP solves this by giving you a single directory where all your users and groups live. Each service connects to this directory instead of maintaining its own user list. You create a user once, assign them to groups, and every connected service knows who they are and what they can access.

You’ve got a Go API. Or a PHP app. Or both. And you need to protect them. The instinct is to reach for a library, bolt on JWT handling, wire up a database for sessions, and build yet another login form. But there’s a better way — one that separates authentication from your application entirely.

External authorization systems sit in front of your app, handle the messy parts (login flows, MFA, session management), and pass you clean, trusted headers with user information. Your app just reads them. That’s it.

MikroTik RouterOS v7: Dual WAN Failover & Policy-Based Routing

If you have a MikroTik router and two internet connections (a primary high-speed line and a secondary backup line), you probably have two goals:

1. Automatic Failover: If the Main Connection drops, the router should switch to the Backup Connection automatically.
2. Policy Routing: You may want to force specific destinations (like a work server, a gaming server, or a specific streaming service) to always use the for example Backup Connection, regardless of the main connection status.

This guide covers how to set this up using RouterOS v7 via the Command Line (CLI).

Getting Real Client IPs in Fiber Behind a Proxy

When your Fiber application runs behind a reverse proxy like Caddy, Nginx, or Cloudflare, you’ll notice that c.IP() returns the proxy’s IP address instead of your actual visitor’s IP. This happens because Fiber sees the direct connection, which is from the proxy server, not the original client.

Why This Happens

By default, Fiber reads the IP from the direct TCP connection for security reasons. Without proper configuration, it doesn’t know there’s a trusted proxy in front of it passing along the real client information in HTTP headers.

Level Up Your Go Web Server: Mastering Advanced Routing with net/http

Building robust and maintainable web applications in Go often hinges on how effectively you manage incoming HTTP requests. While Go’s built-in net/http package provides foundational tools, its advanced routing features empower you to create sophisticated and organized application logic. This article will guide you through practical code examples for path parameters, HTTP method constraints, host-based routing, middleware, sub-routing, and context-elevating your Go web server development.