Why has authentication of web services to be so fucking complicated?
PAM, OpenID, LDAP, SSO...
Every fucking service supports something different and I have a hard time finding a decent tutorial on LDAP and the likes.

because the people working on it dont actually know what user experience is and probably never had to deal with people in general.

Its all just another project from some basement fedora wearing nerds trying to get noticed by some venture firm to make them rich "ooohh look at us, we made oauth ladida"

at this point im just considering storing access and refresh tokens plain text in a cookie or something

What is your problem?

@stop
I want to setup some stuff on my Pi.
Cloud storage, Git-Server, Streaming server,...
All of those support LDAP, however I hardly found any useful tutorial on setting up an LDAP Server and building a proper directory structure.

http://idevelopment.info/data/LDAP/...
For administration i would use shelldap (commandline) or apache directory studio

Below your base you are free to make what you want.