internal: add internal healthchecking to prevent websocket errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

internal/web/proxy.go

@@ -40,6 +40,10 @@ func (ws *WebServer) configureProxy() {
 		ws.proxyErrorHandler(rw, r, fmt.Errorf("proxy not running"))
 	})
 	ws.m.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		if !ws.p.IsRunning() {
+			ws.proxyErrorHandler(rw, r, fmt.Errorf("authentik core not running yet"))
+			return
+		}
 		host := web.GetHost(r)
 		before := time.Now()
 		if ws.ProxyServer != nil {
@@ -59,8 +63,12 @@ func (ws *WebServer) configureProxy() {
 }
 
 func (ws *WebServer) proxyErrorHandler(rw http.ResponseWriter, req *http.Request, err error) {
-	ws.log.WithError(err).Warning("proxy error")
+	ws.log.Warning(err.Error())
 	rw.WriteHeader(http.StatusBadGateway)
+	_, err = rw.Write([]byte("authentik starting..."))
+	if err != nil {
+		ws.log.WithError(err).Warning("failed to write error message")
+	}
 }
 
 func (ws *WebServer) proxyModifyResponse(r *http.Response) error {

internal/web/web.go

@@ -11,6 +11,7 @@ import (
 	"github.com/pires/go-proxyproto"
 	log "github.com/sirupsen/logrus"
 	"goauthentik.io/internal/config"
+	"goauthentik.io/internal/gounicorn"
 	"goauthentik.io/internal/outpost/proxyv2"
 )
 
@@ -27,9 +28,10 @@ type WebServer struct {
 	m   *mux.Router
 	lh  *mux.Router
 	log *log.Entry
+	p   *gounicorn.GoUnicorn
 }
 
-func NewWebServer() *WebServer {
+func NewWebServer(g *gounicorn.GoUnicorn) *WebServer {
 	l := log.WithField("logger", "authentik.g.web")
 	mainHandler := mux.NewRouter()
 	if config.G.ErrorReporting.Enabled {
@@ -46,6 +48,7 @@ func NewWebServer() *WebServer {
 		m:   mainHandler,
 		lh:  logginRouter,
 		log: l,
+		p:   g,
 	}
 	ws.configureStatic()
 	ws.configureProxy()