outposts: make AUTHENTIK_HOST_BROWSER configurable from central config

closes #1471 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 12:00:51 +02:00
parent 05db9e5c40
commit b248f450dd
6 changed files with 19 additions and 2 deletions
--- a/authentik/outposts/controllers/docker.py
+++ b/authentik/outposts/controllers/docker.py
@ -38,6 +38,7 @@ class DockerController(BaseController):
            "AUTHENTIK_HOST": self.outpost.config.authentik_host.lower(),
            "AUTHENTIK_INSECURE": str(self.outpost.config.authentik_host_insecure).lower(),
            "AUTHENTIK_TOKEN": self.outpost.token.key,
+            "AUTHENTIK_HOST_BROWSER": self.outpost.config.authentik_host_browser,
        }

    def _comp_env(self, container: Container) -> bool:
@ -215,6 +216,7 @@ class DockerController(BaseController):
                        "AUTHENTIK_HOST": self.outpost.config.authentik_host,
                        "AUTHENTIK_INSECURE": str(self.outpost.config.authentik_host_insecure),
                        "AUTHENTIK_TOKEN": self.outpost.token.key,
+                        "AUTHENTIK_HOST_BROWSER": self.outpost.config.authentik_host_browser,
                    },
                    "labels": self._get_labels(),
                }
--- a/authentik/outposts/controllers/k8s/deployment.py
+++ b/authentik/outposts/controllers/k8s/deployment.py
@ -89,6 +89,15 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
                                            )
                                        ),
                                    ),
+                                    V1EnvVar(
+                                        name="AUTHENTIK_HOST_BROWSER",
+                                        value_from=V1EnvVarSource(
+                                            secret_key_ref=V1SecretKeySelector(
+                                                name=self.name,
+                                                key="authentik_host_browser",
+                                            )
+                                        ),
+                                    ),
                                    V1EnvVar(
                                        name="AUTHENTIK_TOKEN",
                                        value_from=V1EnvVarSource(
--- a/authentik/outposts/controllers/k8s/secret.py
+++ b/authentik/outposts/controllers/k8s/secret.py
@ -26,7 +26,7 @@ class SecretReconciler(KubernetesObjectReconciler[V1Secret]):
    def reconcile(self, current: V1Secret, reference: V1Secret):
        super().reconcile(current, reference)
        for key in reference.data.keys():
-            if current.data[key] != reference.data[key]:
+            if key not in current.data or current.data[key] != reference.data[key]:
                raise NeedsUpdate()

    def get_reference_object(self) -> V1Secret:
@ -40,6 +40,9 @@ class SecretReconciler(KubernetesObjectReconciler[V1Secret]):
                    str(self.controller.outpost.config.authentik_host_insecure)
                ),
                "token": b64string(self.controller.outpost.token.key),
+                "authentik_host_browser": b64string(
+                    self.controller.outpost.config.authentik_host_browser
+                ),
            },
        )

--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@ -64,6 +64,7 @@ class OutpostConfig:

    authentik_host: str = ""
    authentik_host_insecure: bool = False
+    authentik_host_browser: str = ""

    log_level: str = CONFIG.y("log_level")
    error_reporting_enabled: bool = CONFIG.y_bool("error_reporting.enabled")