* root: move database calls from ready() to dedicated startup signal
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* optimise gunicorn startup to only do DB code in one worker
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* always use 2 workers in compose
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* send startup signals for test runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove k8s import that isn't really needed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ci: bump nested actions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix @reconcile_app not triggering reconcile due to changed functions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* connect startup with uid
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* adjust some log levels
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove internal healthcheck
we didn't really use it to do anything, and we shouldn't have to since the live/ready probes are handled by django anyways and so the container runtime will restart the server if needed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add setproctitle for gunicorn and celery process titles
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* configure structlog early to use it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Revert "configure structlog early to use it"
This reverts commit 16778fdbbca0f5c474d376c2f85c6f8032c06044.
* Revert "adjust some log levels"
This reverts commit a129f7ab6aecf27f1206aea1ad8384ce897b74ad.
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# authentik/root/settings.py
* optimize startup to not spawn a bunch of one-off processes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* idk why this shows up
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
With this special route for outpost.goauthentik.io, misdirected requests to /outpost.goauthentik.io/auth/start will create a cookie for the domain authentik is accessed under, which will cause issues with the actual full auth flow. Requests to /outpost.goauthentik.io will still be routed to the outpost, but with this change only when the hostname matches
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
web/outpost: make metrics compliant with Prometheus best-practices
Today, all NewHistogramVec store values in nanoseconds without changing
the default histogram bucket, which are made for seconds, making them
a bit useless. In addition, some metrics names are not self-explanatoryand
and do not comply with Prometheus best practices.
This commit tries to fix all of this "issues".
NOTE: I kept old metrics in order to avoid breaking changes with
existing dashboards and metrics.
Signed-off-by: Alexandre NICOLAIE <xunleii@users.noreply.github.com>
