0c55eea678
outposts: Adding more flexibility to outposts in Kubernetes. ( #1617 )
...
* outposts/ldap: Support hard coded `uidNumber` and `gidNumber`.
* outposts: more options for image + labels
- Set outpost docker image in config.
- Set image pull secrets in outpost config.
- Add additional labels for easier targeting from
custom services.
* Fix some linting errors.
* outposts: Rename `docker_image` to `container_image
2021-10-14 19:54:56 +02:00
ecfc3a6d93
*: migrate everything to goauthentik.io docker proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-10-12 11:04:47 +02:00
d959b7a930
Merge branch 'version-2021.9'
2021-10-10 14:35:40 +02:00
619203c177
release: 2021.9.8
2021-10-10 13:12:26 +02:00
8c27616d0c
Merge branch 'version-2021.9'
2021-10-06 21:04:16 +02:00
e444d0d640
release: 2021.9.7
2021-10-06 20:57:56 +02:00
d75c63d38b
Merge branch 'version-2021.9'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
# Conflicts:
# web/src/locales/fr_FR.po
2021-10-06 00:04:09 +02:00
2b730dec54
release: 2021.9.6
2021-10-05 22:22:54 +02:00
1c340ddbbd
Merge branch 'version-2021.9'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
# Conflicts:
# web/package-lock.json
# web/package.json
2021-10-04 22:02:56 +02:00
bcf7e162a4
release: 2021.9.5
2021-10-04 20:08:46 +02:00
4715e7bf04
website/docs: fix description for docker outpost settings ( #1513 )
...
Changed the first "Kubernetes outpost specific settings" to Docker
2021-10-03 19:43:56 +02:00
1a6ea72c09
release: 2021.9.4
2021-10-01 09:51:51 +02:00
10b45d954e
outposts: allow disabling of docker controller port mapping
...
closes #1474
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-30 00:11:50 +02:00
941bc61b31
release: 2021.9.3
2021-09-27 17:31:50 +02:00
b248f450dd
outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
...
closes #1471
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-26 12:00:51 +02:00
ba44fbdac8
website/docs: fix typos and grammar ( #1459 )
2021-09-24 15:37:54 +02:00
eddca478dc
release: 2021.9.2
2021-09-23 12:34:02 +02:00
2fe6de0505
release: 2021.9.1
2021-09-22 19:11:20 +02:00
0aec504170
website/docs: add ssl port for ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-21 15:44:05 +02:00
ac52667327
release: 2021.9.1-rc3
2021-09-19 21:52:49 +02:00
fcbcfbc3c0
website/docs: Minor LDAP and NGINX Documentation Updates ( #1406 )
...
* update LDAP documentation
* include domain level nginx forward auth example
* wrap in banner
* update placeholder
2021-09-17 09:47:27 +02:00
28189bdddf
release: 2021.9.1-rc2
2021-09-16 23:23:36 +02:00
bdd5e16db1
release: 2021.9.1-rc1
2021-09-15 20:20:54 +02:00
128b582dd6
website/docs: fix inconsistent version number
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-13 22:05:35 +02:00
e59ede5422
website/docs: fix ports for current outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-13 22:03:02 +02:00
bf771f8b6c
release: 2021.8.5
2021-09-11 19:20:13 +02:00
7158c9d2ea
core: metrics v2 ( #1370 )
...
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-09 15:52:24 +02:00
3c1b70c355
outposts/proxyv2 ( #1365 )
...
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-08 18:04:56 +00:00
276d8fe5cf
release: 2021.8.4
2021-09-02 20:21:21 +02:00
d9a6ec2ac0
webiste/docs: update extensionvs/v1beta ingress
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-31 21:11:01 +02:00
e872371970
website/docs: add embedded outpost docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-29 14:43:13 +02:00
160139813d
release: 2021.8.3
2021-08-28 16:58:44 +02:00
dc41d0af27
outposts: add configurable docker_network for outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-27 19:26:11 +02:00
c4f72c2bc1
release: 2021.8.2
2021-08-26 17:58:20 +02:00
897f6f3473
release: 2021.8.1
2021-08-26 16:03:45 +02:00
4d27694706
release: 2021.8.1-rc2
2021-08-24 21:29:29 +02:00
7639cdad0a
release: 2021.8.1-rc1
2021-08-22 20:17:35 +02:00
18211a2033
release: 2021.7.3
2021-08-05 19:23:03 +02:00
add7a80fdc
release: 2021.7.2
2021-08-01 19:11:50 +02:00
e6b515e3f7
release: 2021.7.1
2021-07-27 10:35:45 +02:00
3041a30193
release: 2021.7.1-rc2
2021-07-24 18:32:05 +02:00
285a9b8b1d
website/docs: remove duplicate proxy docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-22 10:48:10 +02:00
39ad9d7c9d
release: 2021.7.1-rc1
2021-07-21 10:44:40 +02:00
efa09d5e1d
providers/ldap: fix: Return user DN with virtual group ( #1142 )
...
* fix: incorrect ldap virtual group member DN
Signed-off-by: Toboshii Nakama <toboshii@gmail.com >
* fix: imports
Signed-off-by: Toboshii Nakama <toboshii@gmail.com >
2021-07-14 10:59:40 +00:00
7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. ( #1138 )
...
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.
The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.
The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.
I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.
* Add a 'fake' primary group for each user
* First attempt att adding config to interface
* Updated API to support new fields
* Refactor code, update documentation and remove obsolete comment
Simplify `GetRIDForGroup`, was a bit overcomplicated before.
Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User
Add proper support in the interface for changing gidNumber and uidNumber starting points
* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
7dfc621ae4
LDAP Provider: TLS support ( #1137 )
2021-07-13 18:24:18 +02:00
5e03b27348
website/docs: add note about logging out
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#1113
2021-07-06 14:26:11 +02:00
adc4cd9c0d
release: 2021.6.4
2021-07-05 16:59:29 +02:00
ade8644da6
outposts/ldap: add support for boolean fields in ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-01 11:51:07 +02:00
1e6c081e5c
website/docs: update forward_auth for nginx config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-29 20:32:49 +02:00
