cf5e70c759 
					 
					
						
						
							
							lifecycle: revert to non-h11 worker  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-11-04 13:16:10 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9679be39fa 
					 
					
						
						
							
							lifecycle: bump celery healthcheck to 5s timeout  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#1627  
						
						
					 
					
						2021-10-16 14:28:05 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						98907ec889 
					 
					
						
						
							
							root: remove structlog.processors.format_exc_info for new structlog version  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-13 09:42:49 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						48f96ea55f 
					 
					
						
						
							
							lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-12 14:44:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6c603cdf80 
					 
					
						
						
							
							internal: add internal healthchecking to prevent websocket errors  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-05 22:21:14 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e8420957b1 
					 
					
						
						
							
							lifecycle: fix syntax error in ak wrapper  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-05 21:03:54 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						aee58c8d53 
					 
					
						
						
							
							root: add docker-native healthcheck for web and celery  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-05 20:45:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e22a286a6f 
					 
					
						
						
							
							lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-04 23:14:16 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9778050dda 
					 
					
						
						
							
							lifecycle: switch to h11 uvicorn worker for now  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-10-04 18:03:08 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8e59b06611 
					 
					
						
						
							
							lifecycle: migrate to gunicorn instead of runserver  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-09-13 17:54:23 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c5cf17b60b 
					 
					
						
						
							
							lifecycle: fix worker startup error when docker socket's group is not called docker  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-09-09 15:24:35 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						52f2838f57 
					 
					
						
						
							
							lifecycle: rename to ak  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-08-23 14:54:02 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						229468175a 
					 
					
						
						
							
							lifecycle: fix error in gunicorn config  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-08-09 01:07:50 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4cd3466e56 
					 
					
						
						
							
							root: ignore known warnings  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-08-09 00:27:29 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						919946609d 
					 
					
						
						
							
							web/elements: add separate flag for chips when checkboxes are enabled  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-08-05 10:16:13 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						13a8ad3126 
					 
					
						
						
							
							lifecycle: decrease default worker count on compose  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-08-05 09:37:14 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						77ed25ae34 
					 
					
						
						
							
							root: reformat to 100 line width  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-08-03 17:45:16 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						89fafff0af 
					 
					
						
						
							
							lifecycle: fix postgresql port not being passed for migrations  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-07-16 12:04:36 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a5bb583268 
					 
					
						
						
							
							root: optional TLS support on redis connections ( #1147 )  
						
						... 
						
						
						
						* root: optional TLS support on redis connections
* root: don't use f-strings when not interpolating variables
* root: use f-string in redis protocol prefix interpolation
* root: glaring typo
* formatting
* small formatting change I missed
* root: swap around default redis protocol prefixes 
						
						
					 
					
						2021-07-15 11:48:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5cfbb0993a 
					 
					
						
						
							
							Allow for Configurable Redis Port ( #1124 )  
						
						... 
						
						
						
						* root: make redis port configurable
* root: parse redis port from config as an integer
* code formatting
* lifecycle: truncate line under 100 chars
* lifecycle: incorrect indenting on newline 
						
						
					 
					
						2021-07-12 11:01:41 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b73de96aa6 
					 
					
						
						
							
							lifecycle: fix permissions for unittest xml  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-06-09 16:03:51 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4ee2f951da 
					 
					
						
						
							
							lifecycle: fix check_if_root not working without docker  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-06-09 15:56:12 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						01c5235e82 
					 
					
						
						
							
							ci: use bootstrap for testing  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-06-09 15:54:47 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						20493252e2 
					 
					
						
						
							
							lifecycle: fix custom port not being set for postgres healthcheck  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-06-09 10:59:48 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c1c55a6005 
					 
					
						
						
							
							lifecycle: fix permission error with local docker  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-22 20:47:05 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						634ea61b50 
					 
					
						
						
							
							lifecycle: check if group of docker socket exists  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-14 00:50:20 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						934e62d5be 
					 
					
						
						
							
							lifecycle: fix error when worker is not running as root  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-13 22:55:35 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						72e41c03f5 
					 
					
						
						
							
							lifecycle: run worker as root and drop perms later to fix docker permission issues  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-13 20:11:49 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f072c600cc 
					 
					
						
						
							
							lifecycle: use URl for redis on startup to prevent errors with no paswords  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-09 20:13:58 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ca5761652c 
					 
					
						
						
							
							lifecycle: show errors when initial db check fails  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-05 20:15:01 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8a666535a8 
					 
					
						
						
							
							website/docs: update container explanation  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-04 17:49:21 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						988cf15b71 
					 
					
						
						
							
							root: initial go proxy, update compose and helm  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-05-03 09:39:09 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7b8e5c4272 
					 
					
						
						
							
							root: auto-migrate on startup, lock database using pg_advisory_lock  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-04-18 14:47:50 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5627848fad 
					 
					
						
						
							
							lifecycle: allow adjustment of worker cores  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-04-11 13:20:27 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4054e6da8c 
					 
					
						
						
							
							helm: don't automount Service token when integration is not enabled, improve k8s detection  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-04-07 16:16:17 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8708e487ae 
					 
					
						
						
							
							stages: add WebAuthn stage ( #550 )  
						
						... 
						
						
						
						* core: add User.uid for globally unique user ID
* admin: fix ?next for Flow list
* stages: add initial webauthn implementation
* web: add ak-flow-submit event to submit flow stage
* web: show error message for webauthn registration
* admin: fix next param not redirecting correctly
* stages/webauthn: remove form
* stages/webauthn: add API
* web: update flow diagram on ak-refresh
* stages/webauthn: add initial authentication
* stages/webauthn: initial authentication implementation
* web: cleanup webauthn utils
* stages: rename otp_* to authenticator and move webauthn to authenticator
* docs: fix broken links
* stages/authenticator_*: fix template paths
* stages/authenticator_validate: add device classes
* stages/authenticator_webauthn: implement django_otp.devices
* stages/authenticator_*: update default stage names
* web: add button to create stage on flow page
* web: don't minify HTML, remove nbsp
* admin: fix typo in stage list
* stages/*: use common base class for stage serializer
* stages/authenticator_*: create default objects after rename
* tests/e2e: adjust stage order 
						
						
					 
					
						2021-02-17 20:49:58 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bfe8bb5e61 
					 
					
						
						
							
							lifecycle: fix typo causing single process in docker-compose  
						
						
						
						
					 
					
						2021-01-27 10:13:23 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1ccf6dcf6f 
					 
					
						
						
							
							events: Notifications ( #418 )  
						
						... 
						
						
						
						* events: initial alerting implementation
* policies: move error handling to process, ensure policy UUID is saved
* policies: add tests for error handling in PolicyProcess
* events: improve loop detection
* events: add API for action and trigger
* policies: ensure http_request is not used in context
* events: adjust unittests for user handling
* policies/event_matcher: add policy type
* events: add API tests
* events: add middleware tests
* core: make application's provider not required
* outposts: allow blank kubeconfig
* outposts: validate kubeconfig before saving
* api: fix formatting
* stages/invitation: remove invitation_created signal as model_created functions the same
* stages/invitation: ensure created_by is set when creating from API
* events: rebase migrations on master
* events: fix missing Alerts from API
* policies: fix unittests
* events: add tests for alerts
* events: rename from alerting to notifications
* events: add ability to specify severity of notification created
* policies/event_matcher: Add app field to match on event app
* policies/event_matcher: fix EventMatcher not being included in API
* core: use objects.none() when get_queryset is used
* events: use m2m for multiple transports, create notification object in task
* events: add default triggers
* events: fix migrations return value
* events: fix notification_transport not being in the correct queue
* stages/email: allow sending of email without backend
* events: implement sending via webhook + slack/discord + email 
						
						
					 
					
						2021-01-11 18:43:59 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bc9e7e8b93 
					 
					
						
						
							
							build(deps): bump structlog from 20.1.0 to 20.2.0 ( #445 )  
						
						... 
						
						
						
						* build(deps): bump structlog from 20.1.0 to 20.2.0
Bumps [structlog](https://github.com/hynek/structlog ) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases )
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* *: use structlog.stdlib instead of structlog for type-hints
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2021-01-01 15:39:43 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						dc16a8a4c9 
					 
					
						
						
							
							providers/proxy: set proxy-size for nginx for larger response  
						
						
						
						
					 
					
						2020-12-28 00:45:58 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a4dc6d13b5 
					 
					
						
						
							
							events: rename audit to events and use for more metrics ( #397 )  
						
						... 
						
						
						
						* events: rename audit to events
* policies/expression: log expression exceptions as event
* policies/expression: add ExpressionPolicy Model to event when possible
* lib/expressions: ensure syntax errors are logged too
* lib: fix lint error
* policies: add execution_logging field
* core: add property mapping tests
* policies/expression: add full test
* policies/expression: fix attribute name
* policies: add execution_logging
* web: fix imports
* root: update swagger
* policies: use dataclass instead of dict for types
* events: add support for dataclass as event param
* events: add special keys which are never cleaned
* policies: add tests for process, don't clean full cache
* admin: create event when new version is seen
* events: move utils to separate file
* admin: add tests for admin tasks
* events: add .set_user method to ensure users have correct attributes set
* core: add test for property_mapping errors with user and request 
						
						
					 
					
						2020-12-20 22:04:29 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d2862ddc93 
					 
					
						
						
							
							lifecycle: clean full redis as part of system migration  
						
						
						
						
					 
					
						2020-12-12 23:30:49 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2caa1e7650 
					 
					
						
						
							
							build(deps-dev): bump bandit from 1.6.2 to 1.6.3 ( #371 )  
						
						... 
						
						
						
						* build(deps-dev): bump bandit from 1.6.2 to 1.6.3
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3 )
Signed-off-by: dependabot[bot] <support@github.com >
* root: update for new bandit version
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2020-12-07 11:21:07 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e0bc4f1da5 
					 
					
						
						
							
							lifecycle: fix outpost service connections not being migrated  
						
						
						
						
					 
					
						2020-12-06 12:22:51 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1cfe1aff13 
					 
					
						
						
							
							wip: rename to authentik ( #361 )  
						
						... 
						
						
						
						* root: initial rename
* web: rename custom element prefix
* root: rename external functions with pb_ prefix
* root: fix formatting
* root: replace domain with goauthentik.io
* proxy: update path
* root: rename remaining prefixes
* flows: rename file extension
* root: pbadmin -> akadmin
* docs: fix image filenames
* lifecycle: ignore migration files
* ci: copy default config from current source before loading last tagged
* *: new sentry dsn
* tests: fix missing python3.9-dev package
* root: add additional migrations for service accounts created by outposts
* core: mark system-created service accounts with attribute
* policies/expression: fix pb_ replacement not working
* web: fix last linting errors, add lit-analyse
* policies/expressions: fix lint errors
* web: fix sidebar display on screens where not all items fit
* proxy: attempt to fix proxy pipeline
* proxy: use go env GOPATH to get gopath
* lib: fix user_default naming inconsistency
* docs: add upgrade docs
* docs: update screenshots to use authentik
* admin: fix create button on empty-state of outpost
* web: fix modal submit not refreshing SiteShell and Table
* web: fix height of app-card and height of generic icon
* web: fix rendering of subtext
* admin: fix version check error not being caught
* web: fix worker count not being shown
* docs: update screenshots
* root: new icon
* web: fix lint error
* admin: fix linting error
* root: migrate coverage config to pyproject 
						
						
					 
					
						2020-12-05 22:08:42 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5faafbbca6 
					 
					
						
						
							
							root: ensure manual loggers also have timestamp  
						
						
						
						
					 
					
						2020-11-16 01:41:33 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						287cb72d6f 
					 
					
						
						
							
							root: fix websockets not working correctly  
						
						
						
						
					 
					
						2020-11-11 14:51:26 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b775f2788c 
					 
					
						
						
							
							build(deps): bump channels from 2.4.0 to 3.0.0 ( #309 )  
						
						... 
						
						
						
						* build(deps): bump channels from 2.4.0 to 3.0.0
Bumps [channels](https://github.com/django/channels ) from 2.4.0 to 3.0.0.
- [Release notes](https://github.com/django/channels/releases )
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt )
- [Commits](https://github.com/django/channels/compare/2.4.0...3.0.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* root: update for channels 3
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2020-11-02 10:26:26 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c3917ebc2e 
					 
					
						
						
							
							lifecycle: fix formatting  
						
						
						
						
					 
					
						2020-10-19 16:13:45 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7203bd37a3 
					 
					
						
						
							
							outposts: replace migration with string backup handler  
						
						
						
						
					 
					
						2020-10-19 16:04:38 +02:00