habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,352 Commits 205 Branches 395 Tags
adf41910666c2743886f1b8a53302930c7550af1
Commit Graph

120 Commits

Author SHA1 Message Date
Jens Langhammer
5914bbf173 Merge branch 'master' into version-2021.12 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Dockerfile
 2021-12-13 10:54:21 +01:00
Jens Langhammer
552ddda909 lifecycle: use custom worker class 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-11 19:55:09 +01:00
Jens Langhammer
ee0ddc3d17 Merge branch 'master' into version-2021.12 2021-12-09 13:23:28 +01:00
Jens Langhammer
5dd979d66c root: add flower entrypoint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-09 11:38:57 +01:00
Jens Langhammer
f8a6aa3250 root: fix missing certs directly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-04 20:06:02 +01:00
Jens Langhammer
572f6d4ea0 crypto: add certificate discovery to automatically import certificates from lets encrypt 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1835
 2021-12-03 18:27:36 +01:00
Jens Langhammer
39acb044fb lifecycle: allow custom worker count in k8s 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-29 14:27:55 +01:00
Jens L
ef994e0084 lifecycle: improve redis connection debug py printing full URL 2021-11-25 13:44:42 +01:00
Jens L
e1ef196283 core: remove dump_config, handle directly in config loader without booting django, don't check database 2021-11-25 13:38:31 +01:00
Jens Langhammer
61621e7d60 lifecycle: improve backup restore by dropping database before 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-20 00:32:24 +01:00
Jens Langhammer
cf5e70c759 lifecycle: revert to non-h11 worker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-04 13:16:10 +01:00
Jens Langhammer
9679be39fa lifecycle: bump celery healthcheck to 5s timeout 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1627
 2021-10-16 14:28:05 +02:00
Jens Langhammer
98907ec889 root: remove structlog.processors.format_exc_info for new structlog version 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-13 09:42:49 +02:00
Jens Langhammer
48f96ea55f lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-12 14:44:32 +02:00
Jens Langhammer
6c603cdf80 internal: add internal healthchecking to prevent websocket errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 22:21:14 +02:00
Jens Langhammer
e8420957b1 lifecycle: fix syntax error in ak wrapper 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 21:03:54 +02:00
Jens Langhammer
aee58c8d53 root: add docker-native healthcheck for web and celery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 20:45:18 +02:00
Jens Langhammer
e22a286a6f lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 23:14:16 +02:00
Jens Langhammer
9778050dda lifecycle: switch to h11 uvicorn worker for now 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 18:03:08 +02:00
Jens Langhammer
8e59b06611 lifecycle: migrate to gunicorn instead of runserver 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 17:54:23 +02:00
Jens Langhammer
c5cf17b60b lifecycle: fix worker startup error when docker socket's group is not called docker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 15:24:35 +02:00
Jens Langhammer
52f2838f57 lifecycle: rename to ak 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 14:54:02 +02:00
Jens Langhammer
229468175a lifecycle: fix error in gunicorn config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 01:07:50 +02:00
Jens Langhammer
4cd3466e56 root: ignore known warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 00:27:29 +02:00
Jens Langhammer
919946609d web/elements: add separate flag for chips when checkboxes are enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 10:16:13 +02:00
Jens Langhammer
13a8ad3126 lifecycle: decrease default worker count on compose 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 09:37:14 +02:00
Jens Langhammer
77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00
Jens Langhammer
89fafff0af lifecycle: fix postgresql port not being passed for migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-16 12:04:36 +02:00
Starz0r
a5bb583268 root: optional TLS support on redis connections (#1147) 
* root: optional TLS support on redis connections

* root: don't use f-strings when not interpolating variables

* root: use f-string in redis protocol prefix interpolation

* root: glaring typo

* formatting

* small formatting change I missed

* root: swap around default redis protocol prefixes
 2021-07-15 11:48:52 +02:00
Starz0r
5cfbb0993a Allow for Configurable Redis Port (#1124) 
* root: make redis port configurable

* root: parse redis port from config as an integer

* code formatting

* lifecycle: truncate line under 100 chars

* lifecycle: incorrect indenting on newline
 2021-07-12 11:01:41 +02:00
Jens Langhammer
b73de96aa6 lifecycle: fix permissions for unittest xml 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 16:03:51 +02:00
Jens Langhammer
4ee2f951da lifecycle: fix check_if_root not working without docker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 15:56:12 +02:00
Jens Langhammer
01c5235e82 ci: use bootstrap for testing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 15:54:47 +02:00
Jens Langhammer
20493252e2 lifecycle: fix custom port not being set for postgres healthcheck 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 10:59:48 +02:00
Jens Langhammer
c1c55a6005 lifecycle: fix permission error with local docker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-22 20:47:05 +02:00
Jens Langhammer
634ea61b50 lifecycle: check if group of docker socket exists 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 00:50:20 +02:00
Jens Langhammer
934e62d5be lifecycle: fix error when worker is not running as root 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 22:55:35 +02:00
Jens Langhammer
72e41c03f5 lifecycle: run worker as root and drop perms later to fix docker permission issues 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 20:11:49 +02:00
Jens Langhammer
f072c600cc lifecycle: use URl for redis on startup to prevent errors with no paswords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 20:13:58 +02:00
Jens Langhammer
ca5761652c lifecycle: show errors when initial db check fails 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 20:15:01 +02:00
Jens Langhammer
8a666535a8 website/docs: update container explanation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 17:49:21 +02:00
Jens Langhammer
988cf15b71 root: initial go proxy, update compose and helm 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 09:39:09 +02:00
Jens Langhammer
7b8e5c4272 root: auto-migrate on startup, lock database using pg_advisory_lock 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-18 14:47:50 +02:00
Jens Langhammer
5627848fad lifecycle: allow adjustment of worker cores 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:20:27 +02:00
Jens Langhammer
4054e6da8c helm: don't automount Service token when integration is not enabled, improve k8s detection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-07 16:16:17 +02:00
Jens L
8708e487ae stages: add WebAuthn stage (#550) 
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
 2021-02-17 20:49:58 +01:00
Jens Langhammer
bfe8bb5e61 lifecycle: fix typo causing single process in docker-compose 2021-01-27 10:13:23 +01:00
Jens L
1ccf6dcf6f events: Notifications (#418) 
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
 2021-01-11 18:43:59 +01:00
dependabot[bot]
bc9e7e8b93 build(deps): bump structlog from 20.1.0 to 20.2.0 (#445) 
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-01-01 15:39:43 +01:00
Jens Langhammer
dc16a8a4c9 providers/proxy: set proxy-size for nginx for larger response 2020-12-28 00:45:58 +01:00