habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip: rename to authentik (#361)

Browse Source 
* root: initial rename

* web: rename custom element prefix

* root: rename external functions with pb_ prefix

* root: fix formatting

* root: replace domain with goauthentik.io

* proxy: update path

* root: rename remaining prefixes

* flows: rename file extension

* root: pbadmin -> akadmin

* docs: fix image filenames

* lifecycle: ignore migration files

* ci: copy default config from current source before loading last tagged

* *: new sentry dsn

* tests: fix missing python3.9-dev package

* root: add additional migrations for service accounts created by outposts

* core: mark system-created service accounts with attribute

* policies/expression: fix pb_ replacement not working

* web: fix last linting errors, add lit-analyse

* policies/expressions: fix lint errors

* web: fix sidebar display on screens where not all items fit

* proxy: attempt to fix proxy pipeline

* proxy: use go env GOPATH to get gopath

* lib: fix user_default naming inconsistency

* docs: add upgrade docs

* docs: update screenshots to use authentik

* admin: fix create button on empty-state of outpost

* web: fix modal submit not refreshing SiteShell and Table

* web: fix height of app-card and height of generic icon

* web: fix rendering of subtext

* admin: fix version check error not being caught

* web: fix worker count not being shown

* docs: update screenshots

* root: new icon

* web: fix lint error

* admin: fix linting error

* root: migrate coverage config to pyproject
This commit is contained in:
Jens L
2020-12-05 22:08:42 +01:00
committed by GitHub
parent 810a7ab50b
commit 1cfe1aff13
989 changed files with 6425 additions and 4412 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
website/docs/upgrading/to-0.10.md
View File

@ -10,23 +10,23 @@ This update brings a lot of big features, such as:
- Proxy Provider
Due to this new OAuth2 Provider, the Application Gateway Provider, now simply called "Proxy Provider" has been revamped as well. The new passbook Proxy integrates more tightly with passbook via the new Outposts system. The new proxy also supports multiple applications per proxy instance, can configure TLS based on passbook Keypairs, and more.
Due to this new OAuth2 Provider, the Application Gateway Provider, now simply called "Proxy Provider" has been revamped as well. The new authentik Proxy integrates more tightly with authentik via the new Outposts system. The new proxy also supports multiple applications per proxy instance, can configure TLS based on authentik Keypairs, and more.
See [Proxy](../providers/proxy.md)
- Outpost System
This is a new Object type, currently used only by the Proxy Provider. It manages the creation and permissions of service accounts, which are used by the outposts to communicate with passbook.
This is a new Object type, currently used only by the Proxy Provider. It manages the creation and permissions of service accounts, which are used by the outposts to communicate with authentik.
See [Outposts](../outposts/outposts.md)
- Flow Import/Export
Flows can now be imported and exported. This feature can be used as a backup system, or to share complex flows with other people. Example flows have also been added to the documentation to help you get going with passbook.
Flows can now be imported and exported. This feature can be used as a backup system, or to share complex flows with other people. Example flows have also been added to the documentation to help you get going with authentik.
## Under the hood
- passbook now runs on Django 3.1 and Channels with complete ASGI enabled
- authentik now runs on Django 3.1 and Channels with complete ASGI enabled
- uwsgi has been replaced with Gunicorn and uvicorn
- Elastic APM has been replaced with Sentry Performance metrics
- Flow title is now configurable separately from the name
@ -36,7 +36,7 @@ This update brings a lot of big features, such as:
### docker-compose
The docker-compose file has been updated, please download the latest from `https://raw.githubusercontent.com/BeryJu/passbook/master/docker-compose.yml`.
The docker-compose file has been updated, please download the latest from `https://raw.githubusercontent.com/BeryJu/authentik/master/docker-compose.yml`.
By default, the new compose file uses a fixed version to prevent unintended updates.
Before updating the file, stop all containers. Then download the file, pull the new containers and start the database.
@ -68,7 +68,7 @@ error_reporting:
### Upgrading
This upgrade only applies if you are upgrading from a running 0.9 instance. Passbook detects this on startup, and automatically executes this upgrade.
This upgrade only applies if you are upgrading from a running 0.9 instance. Authentik detects this on startup, and automatically executes this upgrade.
Because this upgrade brings the new OAuth2 Provider, the old providers will be lost in the process. Make sure to take note of the providers you want to bring over.

4
website/docs/upgrading/to-0.11.md
View File

@ -10,7 +10,7 @@ This update brings these headline features:
Shows successful and failed logins from the last 24 hours, as well as the most used applications
- Add search to all table views
- Outpost now supports a Docker Controller, which installs the Outpost on the same host as passbook, updates and manages it
- Outpost now supports a Docker Controller, which installs the Outpost on the same host as authentik, updates and manages it
- Add Token Identifier
Tokens now have an identifier which is used to reference to them, so the Primary key is not shown in URLs
@ -19,6 +19,6 @@ This update brings these headline features:
## Upgrading
This upgrade can be done as with minor upgrades, the only external change is the new docker-compose file, which enabled the Docker Integration for Outposts. To use this feature, please download the latest docker-compose from [here](https://raw.githubusercontent.com/BeryJu/passbook/master/docker-compose.yml).
This upgrade can be done as with minor upgrades, the only external change is the new docker-compose file, which enabled the Docker Integration for Outposts. To use this feature, please download the latest docker-compose from [here](https://raw.githubusercontent.com/BeryJu/authentik/master/docker-compose.yml).
Afterwards, you can simply run `docker-compose up -d` and then the normal upgrade command of `docker-compose run --rm server migrate`.

20
website/docs/upgrading/to-0.12.md
View File

@ -4,23 +4,23 @@ title: Upgrading to 0.12
This update brings these headline features:
- Rewrite Outpost state Logic, which now supports multiple concurrent Outpost instances.
- Add Kubernetes Integration for Outposts, which deploys and maintains Outposts with High Availability in a Kubernetes Cluster
- Add System Task Overview to see all background tasks, their status, the log output, and retry them
- Alerts now disappear automatically
- Audit Logs are now searchable
- Users can now create their own Tokens to access the API
- docker-compose deployment now uses traefik 2.3
- Rewrite Outpost state Logic, which now supports multiple concurrent Outpost instances.
- Add Kubernetes Integration for Outposts, which deploys and maintains Outposts with High Availability in a Kubernetes Cluster
- Add System Task Overview to see all background tasks, their status, the log output, and retry them
- Alerts now disappear automatically
- Audit Logs are now searchable
- Users can now create their own Tokens to access the API
- docker-compose deployment now uses traefik 2.3
Fixes:
- Fix high CPU Usage of the proxy when Websocket connections fail
- Fix high CPU Usage of the proxy when Websocket connections fail
## Upgrading
### docker-compose
Docker-compose users should download the latest docker-compose file from [here](https://raw.githubusercontent.com/BeryJu/passbook/master/docker-compose.yml). This includes the new traefik 2.3.
Docker-compose users should download the latest docker-compose file from [here](https://raw.githubusercontent.com/BeryJu/authentik/master/docker-compose.yml). This includes the new traefik 2.3.
Afterwards, you can simply run `docker-compose up -d` and then the normal upgrade command of `docker-compose run --rm server migrate`.
@ -62,4 +62,4 @@ config:
in order to be consistent with the rest of the settings.
There is also a new setting called `kubernetesIntegration`, which controls the Kubernetes integration for passbook. When enabled (the default), a Service Account is created, which allows passbook to deploy and update Outposts.
There is also a new setting called `kubernetesIntegration`, which controls the Kubernetes integration for authentik. When enabled (the default), a Service Account is created, which allows authentik to deploy and update Outposts.

58
website/docs/upgrading/to-0.13.md Normal file
View File

@ -0,0 +1,58 @@
---
title: Upgrading to 0.13 (passbook -> authentik)
---
After a long back and forth, we've finally switched to a more permanent name. Whilst the upgrade is pretty much seamless, there are some things you have to change before upgrading.
## Upgrading
### docker-compose
Docker-compose users should download the latest docker-compose file from [here](https://raw.githubusercontent.com/BeryJu/authentik/master/docker-compose.yml).
:::caution
If you decided to rename the folder you're running the docker-compose file from, be aware that this will also change the name, that docker-compose will give the database volume. To mitigate this, either
- Keep the original directory name
- Move the directory and set `COMPOSE_PROJECT_NAME` to the name of the old directory (see [here](https://docs.docker.com/compose/reference/envvars/#compose_project_name))
- Create a backup, rename the directory and restore from backup.
:::
The only manual change you have to do is replace the `PASSBOOK_` prefix in your `.env` file, so `PASSBOOK_SECRET_KEY` gets changed to `AUTHENTIK_SECRET_KEY`.
Afterwards, you can simply run `docker-compose up -d` and then the normal upgrade command of `docker-compose run --rm server migrate`.
### Kubernetes
The helm repository changes from passbook to authentik. To update your repository, execute these commands:
```
helm repo remove passbook
helm repo add authentik https://docker.beryju.org/chartrepo/authentik
```
:::notice
If you've set any custom image names in your values file, make sure to change them to authentik before upgrading.
:::
Additionally, you need to change the database name that authentik uses, as the database name doesn't change. Add this snippet to your `values.yaml` file:
```yaml
postgresql:
postgresqlDatabase: passbook
```
Afterwards you can upgrade as usual from the new repository:
```
helm upgrade passbook authentik/authentik --devel -f values.yaml
```
## Post-upgrade notes
- Some default values change, for example the SAML Provider's default issuer.
This only makes a difference for newly created objects.
- Expression Policies variables change
Anything prefixed with `pb_` changes to `ak_`, this change is done **automatically**

21
website/docs/upgrading/to-0.13.md_
View File

@ -1,21 +0,0 @@
---
title: Upgrading to 0.13
---
**WIP**
# TODO: Changelog for 0.13
## Upgrading
### docker-compose
Docker-compose users should download the latest docker-compose file from [here](https://raw.githubusercontent.com/BeryJu/passbook/master/docker-compose.yml).
This includes a new shared volume, which is used for file Uploads.
Afterwards, you can simply run `docker-compose up -d` and then the normal upgrade command of `docker-compose run --rm server migrate`.
### Kubernetes
The Helm chart contains a new PVC which is used to store all the files uploaded by users. This PVC is shared between the Server pods and the static pods.

22
website/docs/upgrading/to-0.9.md
View File

@ -2,38 +2,38 @@
title: Upgrading to 0.9
---
Due to some database changes that had to be rather sooner than later, there is no possibility to directly upgrade. You must extract the data before hand and import it again. It is recommended to spin up a second instance of passbook to do this.
Due to some database changes that had to be rather sooner than later, there is no possibility to directly upgrade. You must extract the data before hand and import it again. It is recommended to spin up a second instance of authentik to do this.
To export data from your old instance, run this command:
- docker-compose
```
docker-compose exec server ./manage.py dumpdata -o /tmp/passbook_dump.json passbook_core.User passbook_core.Group passbook_crypto.CertificateKeyPair passbook_audit.Event otp_totp.totpdevice otp_static.staticdevice otp_static.statictoken
docker cp passbook_server_1:/tmp/passbook_dump.json passbook_dump.json
docker-compose exec server ./manage.py dumpdata -o /tmp/authentik_dump.json authentik_core.User authentik_core.Group authentik_crypto.CertificateKeyPair authentik_audit.Event otp_totp.totpdevice otp_static.staticdevice otp_static.statictoken
docker cp authentik_server_1:/tmp/authentik_dump.json authentik_dump.json
```
- kubernetes
```
kubectl exec -it passbook-web-... -- ./manage.py dumpdata -o /tmp/passbook_dump.json passbook_core.User passbook_core.Group passbook_crypto.CertificateKeyPair passbook_audit.Event otp_totp.totpdevice otp_static.staticdevice otp_static.statictoken
kubectl cp passbook-web-...:/tmp/passbook_dump.json passbook_dump.json
kubectl exec -it authentik-web-... -- ./manage.py dumpdata -o /tmp/authentik_dump.json authentik_core.User authentik_core.Group authentik_crypto.CertificateKeyPair authentik_audit.Event otp_totp.totpdevice otp_static.staticdevice otp_static.statictoken
kubectl cp authentik-web-...:/tmp/authentik_dump.json authentik_dump.json
```
After that, create a new passbook instance in a different namespace (kubernetes) or in a different folder (docker-compose). Once this instance is running, you can use the following commands to restore the data. On docker-compose, you still have to run the `migrate` command, to create all database structures.
After that, create a new authentik instance in a different namespace (kubernetes) or in a different folder (docker-compose). Once this instance is running, you can use the following commands to restore the data. On docker-compose, you still have to run the `migrate` command, to create all database structures.
- docker-compose
```
docker cp passbook_dump.json new_passbook_server_1:/tmp/passbook_dump.json
docker-compose exec server ./manage.py loaddata /tmp/passbook_dump.json
docker cp authentik_dump.json new_authentik_server_1:/tmp/authentik_dump.json
docker-compose exec server ./manage.py loaddata /tmp/authentik_dump.json
```
- kubernetes
```
kubectl cp passbook_dump.json passbook-web-...:/tmp/passbook_dump.json
kubectl exec -it passbook-web-... -- ./manage.py loaddata /tmp/passbook_dump.json
kubectl cp authentik_dump.json authentik-web-...:/tmp/authentik_dump.json
kubectl exec -it authentik-web-... -- ./manage.py loaddata /tmp/authentik_dump.json
```
Now, you should be able to login to the new passbook instance, and migrate the rest of the data over.
Now, you should be able to login to the new authentik instance, and migrate the rest of the data over.