Merge branch 'master' into publish-api-to-npm

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/package-lock.json
#	web/src/pages/sources/oauth/OAuthSourceForm.ts

website/docs/installation/docker-compose.md

@@ -12,9 +12,9 @@ This installation method is for test-setups and small-scale productive setups.
 
 ## Preparation
 
-Download the latest `docker-compose.yml` from [here](https://raw.githubusercontent.com/goauthentik/authentik/version/2021.7.3/docker-compose.yml). Place it in a directory of your choice.
+Download the latest `docker-compose.yml` from [here](https://raw.githubusercontent.com/goauthentik/authentik/version/2021.8.1-rc1/docker-compose.yml). Place it in a directory of your choice.
 
-To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.7.3 >> .env`
+To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.8.1-rc1 >> .env`
 
 If this is a fresh authentik install run the following commands to generate a password:
 
@@ -92,10 +92,10 @@ The docker-compose project contains the following containers:
 
 - worker
 
-    This container executes backgorund tasks, everything you can see on the *System Tasks* page in the frontend.
+    This container executes background tasks, everything you can see on the *System Tasks* page in the frontend.
 
 - redis & postgresql
 
     Cache and database respectively.
 
-Additionally, if you've enabled GeoIP, there is a container running which regularly updates the GeoIP database.
+Additionally, if you've enabled GeoIP, there is a container running that regularly updates the GeoIP database.

website/docs/integrations/services/wordpress/index.md

@@ -45,11 +45,11 @@ Assumption is being made that you have successfully downloaded and activated the
 
 In Wordpress, under _Settings_, Select _OpenID Connect Client_
 
-::note
+:::note
 Only settings that have been modified from default have been listed.
 :::
 
-- Login Type: OpenID Connect Button of Login (This option display a button to login using OpenID as well as local WP login)
+- Login Type: OpenID Connect Button on Login (This option display a button to login using OpenID as well as local WP login)
 - Client ID: Client ID from step 1
 - Client Secret: Client Secret from step 1
 - OpenID Scope: `email profile openid`

website/docs/outposts/manual-deploy-docker-compose.md

@@ -11,7 +11,7 @@ version: "3.5"
 
 services:
   authentik_proxy:
-    image: ghcr.io/goauthentik/proxy:2021.7.3
+    image: ghcr.io/goauthentik/proxy:2021.8.1-rc1
     ports:
       - 4180:4180
       - 4443:4443
@@ -21,7 +21,7 @@ services:
       AUTHENTIK_TOKEN: token-generated-by-authentik
   # Or, for the LDAP Outpost
   authentik_proxy:
-    image: ghcr.io/goauthentik/ldap:2021.7.3
+    image: ghcr.io/goauthentik/ldap:2021.8.1-rc1
     ports:
       - 389:3389
     environment:

website/docs/outposts/manual-deploy-kubernetes.md

@@ -14,7 +14,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.7.3
+    app.kubernetes.io/version: 2021.8.1-rc1
   name: authentik-outpost-api
 stringData:
   authentik_host: "__AUTHENTIK_URL__"
@@ -29,7 +29,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.7.3
+    app.kubernetes.io/version: 2021.8.1-rc1
   name: authentik-outpost
 spec:
   ports:
@@ -54,7 +54,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.7.3
+    app.kubernetes.io/version: 2021.8.1-rc1
   name: authentik-outpost
 spec:
   selector:
@@ -62,14 +62,14 @@ spec:
       app.kubernetes.io/instance: __OUTPOST_NAME__
       app.kubernetes.io/managed-by: goauthentik.io
       app.kubernetes.io/name: authentik-proxy
-      app.kubernetes.io/version: 2021.7.3
+      app.kubernetes.io/version: 2021.8.1-rc1
   template:
     metadata:
       labels:
         app.kubernetes.io/instance: __OUTPOST_NAME__
         app.kubernetes.io/managed-by: goauthentik.io
         app.kubernetes.io/name: authentik-proxy
-        app.kubernetes.io/version: 2021.7.3
+        app.kubernetes.io/version: 2021.8.1-rc1
     spec:
       containers:
         - env:
@@ -88,7 +88,7 @@ spec:
               secretKeyRef:
                 key: authentik_host_insecure
                 name: authentik-outpost-api
-        image: ghcr.io/goauthentik/proxy:2021.7.3
+        image: ghcr.io/goauthentik/proxy:2021.8.1-rc1
         name: proxy
         ports:
           - containerPort: 4180
@@ -110,7 +110,7 @@ metadata:
     app.kubernetes.io/instance: __OUTPOST_NAME__
     app.kubernetes.io/managed-by: goauthentik.io
     app.kubernetes.io/name: authentik-proxy
-    app.kubernetes.io/version: 2021.7.3
+    app.kubernetes.io/version: 2021.8.1-rc1
   name: authentik-outpost
 spec:
   rules:

website/docs/providers/ldap.md

@@ -14,7 +14,7 @@ Binding against the LDAP Server uses a flow in the background. This allows you t
 
 You can configure under which base DN the information should be available. For this documentation we'll use the default of `DC=ldap,DC=goauthentik,DC=io`.
 
-Users are available under `ou=users,<base DN>` and groups under `ou=groups,<base DN>`.
+Users are available under `ou=users,<base DN>` and groups under `ou=groups,<base DN>`. To aid compatibility, each user belongs to its own "virtual" group, as is standard on most Unix-like systems. This group does not exist in the authentik database, and is generated on the fly. These virtual groups are under the `ou=virtual-groups,<base DN>` DN.
 
 You can bind using the DN `cn=<username>,ou=users,<base DN>`, or using the following ldapsearch command for example:
 

website/docs/releases/v2021.8.md

@@ -23,7 +23,9 @@ slug: "2021.8"
  - core: allow changing of groups a user is in from user api
  - flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event
  - lifecycle: decrease default worker count on compose
+ - outpost/ldap: Performance improvements, support for (member=) lookup
  - providers/proxy: don't create ingress when no hosts are defined
+ - sources/plex: add API to get user connections
  - web: add API Drawer
  - web/admin: add UI to copy invitation link
  - web/admin: allow modification of users groups from user view

website/sidebars.js

@@ -174,6 +174,7 @@ module.exports = {
             type: "category",
             label: "Release Notes",
             items: [
+                "releases/v2021.8",
                 "releases/v2021.7",
                 "releases/v2021.6",
                 "releases/v2021.5",