Merge branch 'main' into version-2023.4

This commit is contained in:
Jens Langhammer 2023-04-17 22:46:09 +03:00
commit 07fd4daa3e
No known key found for this signature in database
11 changed files with 120 additions and 97 deletions

View file

@ -60,7 +60,7 @@ jobs:
cp authentik/lib/default.yml local.env.yml
cp -R .github ..
cp -R scripts ..
git checkout $(git describe --abbrev=0 --match 'version/*')
git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
rm -rf .github/ scripts/
mv ../.github ../scripts .
- name: Setup authentik env (ensure stable deps are installed)

2
go.mod
View file

@ -25,7 +25,7 @@ require (
github.com/prometheus/client_golang v1.15.0
github.com/sirupsen/logrus v1.9.0
github.com/stretchr/testify v1.8.2
goauthentik.io/api/v3 v3.2023031.17
goauthentik.io/api/v3 v3.2023040.1
golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
golang.org/x/oauth2 v0.7.0
golang.org/x/sync v0.1.0

10
go.sum
View file

@ -331,8 +331,8 @@ go.opentelemetry.io/otel/sdk v1.11.1 h1:F7KmQgoHljhUuJyA+9BiU+EkJfyX5nVVF4wyzWZp
go.opentelemetry.io/otel/trace v1.11.1 h1:ofxdnzsNrGBYXbP7t7zpUK281+go5rF7dvdIZXF8gdQ=
go.opentelemetry.io/otel/trace v1.11.1/go.mod h1:f/Q9G7vzk5u91PhbmKbg1Qn0rzH1LJ4vbPHFGkTPtOk=
go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0=
goauthentik.io/api/v3 v3.2023031.17 h1:FM1kG/1TBy8aCsWZtiuapp7J451Z3xWpj0dTSfjtnaE=
goauthentik.io/api/v3 v3.2023031.17/go.mod h1:H76Cdv9Nio0vnivoh6u12nlVIrW6x/kkvUwj8udFs4s=
goauthentik.io/api/v3 v3.2023040.1 h1:WuMkilnvamibI3wMrOdNbMz4q3jbTheq0u3K97ZwYGM=
goauthentik.io/api/v3 v3.2023040.1/go.mod h1:A2I2iDSEu0pW13mAT6J6wMWVSeV5+F52MWlcIHmERvk=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
@ -412,7 +412,6 @@ golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM=
golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@ -420,7 +419,6 @@ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4Iltr
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g=
golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -474,13 +472,12 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -490,7 +487,6 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

View file

@ -15,7 +15,7 @@ function wait_for_db {
function check_if_root {
if [[ $EUID -ne 0 ]]; then
log "Not running as root, disabling permission fixes"
$1
exec $1
return
fi
SOCKET="/var/run/docker.sock"
@ -35,7 +35,7 @@ function check_if_root {
chown -R authentik:authentik /media /certs
chmod ug+rwx /media
chmod ug+rx /certs
chpst -u authentik:$GROUP env HOME=/authentik $1
exec chpst -u authentik:$GROUP env HOME=/authentik $1
}
function set_mode {
@ -57,9 +57,9 @@ if [[ "$1" == "server" ]]; then
python -m manage bootstrap_tasks
fi
if [[ -x "$(command -v authentik)" ]]; then
authentik
exec authentik
else
go run -v ./cmd/server/
exec go run -v ./cmd/server/
fi
elif [[ "$1" == "worker" ]]; then
wait_for_db
@ -81,7 +81,7 @@ elif [[ "$1" == "healthcheck" ]]; then
if [[ $mode == "server" ]]; then
exec curl --user-agent "goauthentik.io lifecycle Healthcheck" -I http://localhost:9000/-/health/ready/
elif [[ $mode == "worker" ]]; then
mtime=$(stat -f %m $WORKER_HEARTBEAT)
mtime=$(date -r $WORKER_HEARTBEAT +"%s")
time=$(date +"%s")
if [ "$(( $time - $mtime ))" -gt "30" ]; then
log "Worker hasn't updated heartbeat in 30 seconds"

18
poetry.lock generated
View file

@ -1230,14 +1230,14 @@ ssh = ["paramiko (>=2.4.3)"]
[[package]]
name = "drf-spectacular"
version = "0.26.1"
version = "0.26.2"
description = "Sane and flexible OpenAPI 3 schema generation for Django REST framework"
category = "main"
optional = false
python-versions = ">=3.6"
files = [
{file = "drf-spectacular-0.26.1.tar.gz", hash = "sha256:1599a204bf9cc6be7ef3e509859885a38d4f871fe287a1f191479868afd9e234"},
{file = "drf_spectacular-0.26.1-py3-none-any.whl", hash = "sha256:6df86ff6c2dc663792e5ff618643bf41d2ac9dc6fb5d1b0f273e2778bab951e5"},
{file = "drf-spectacular-0.26.2.tar.gz", hash = "sha256:005623d6bb9de37d2d0ec24ccd59c636e4a42f9af252f1470129ac32ccab38cb"},
{file = "drf_spectacular-0.26.2-py3-none-any.whl", hash = "sha256:e80eba58d9579bf6c3380ffd6d6a9b466c4bc35b23da0ba76dfcc96de1e907d7"},
]
[package.dependencies]
@ -1632,14 +1632,14 @@ files = [
[[package]]
name = "importlib-metadata"
version = "6.3.0"
version = "6.4.1"
description = "Read metadata from Python packages"
category = "dev"
optional = false
python-versions = ">=3.7"
files = [
{file = "importlib_metadata-6.3.0-py3-none-any.whl", hash = "sha256:8f8bd2af397cf33bd344d35cfe7f489219b7d14fc79a3f854b75b8417e9226b0"},
{file = "importlib_metadata-6.3.0.tar.gz", hash = "sha256:23c2bcae4762dfb0bbe072d358faec24957901d75b6c4ab11172c0c982532402"},
{file = "importlib_metadata-6.4.1-py3-none-any.whl", hash = "sha256:63ace321e24167d12fbb176b6015f4dbe06868c54a2af4f15849586afb9027fd"},
{file = "importlib_metadata-6.4.1.tar.gz", hash = "sha256:eb1a7933041f0f85c94cd130258df3fb0dec060ad8c1c9318892ef4192c47ce1"},
]
[package.dependencies]
@ -2742,14 +2742,14 @@ files = [
[[package]]
name = "pytest"
version = "7.3.0"
version = "7.3.1"
description = "pytest: simple powerful testing with Python"
category = "dev"
optional = false
python-versions = ">=3.7"
files = [
{file = "pytest-7.3.0-py3-none-any.whl", hash = "sha256:933051fa1bfbd38a21e73c3960cebdad4cf59483ddba7696c48509727e17f201"},
{file = "pytest-7.3.0.tar.gz", hash = "sha256:58ecc27ebf0ea643ebfdf7fb1249335da761a00c9f955bcd922349bcb68ee57d"},
{file = "pytest-7.3.1-py3-none-any.whl", hash = "sha256:3799fa815351fea3a5e96ac7e503a96fa51cc9942c3753cda7651b93c1cfa362"},
{file = "pytest-7.3.1.tar.gz", hash = "sha256:434afafd78b1d78ed0addf160ad2b77a30d35d4bdf8af234fe621919d9ed15e3"},
]
[package.dependencies]

84
web/package-lock.json generated
View file

@ -22,7 +22,7 @@
"@codemirror/theme-one-dark": "^6.1.1",
"@formatjs/intl-listformat": "^7.1.9",
"@fortawesome/fontawesome-free": "^6.4.0",
"@goauthentik/api": "^2023.3.1-1680447184",
"@goauthentik/api": "^2023.4.0-1681471246",
"@hcaptcha/types": "^1.0.3",
"@jackfranklin/rollup-plugin-markdown": "^0.4.0",
"@lingui/cli": "^3.17.2",
@ -35,8 +35,8 @@
"@rollup/plugin-node-resolve": "^15.0.2",
"@rollup/plugin-replace": "^5.0.2",
"@rollup/plugin-typescript": "^11.1.0",
"@sentry/browser": "^7.47.0",
"@sentry/tracing": "^7.47.0",
"@sentry/browser": "^7.48.0",
"@sentry/tracing": "^7.48.0",
"@squoosh/cli": "^0.7.3",
"@trivago/prettier-plugin-sort-imports": "^4.1.1",
"@types/chart.js": "^2.9.37",
@ -2026,9 +2026,9 @@
}
},
"node_modules/@goauthentik/api": {
"version": "2023.3.1-1680447184",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.3.1-1680447184.tgz",
"integrity": "sha512-b4L7TUb8vkEDnPGpDTicdzEBB6O47KjOVHMWTmn3QzNLj2BCIVx/AF+nM58LvM3eXyrtB203pMX1I1W5Hv9o1g=="
"version": "2023.4.0-1681471246",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.4.0-1681471246.tgz",
"integrity": "sha512-/P9CfSHM4qEe1eaphC5MTYb/4yVrXBqME2amrj9JtK8dItGM/qSGDMIS8v18zZUsbO5fM+RQ/AtL/Izj1COZWA=="
},
"node_modules/@hcaptcha/types": {
"version": "1.0.3",
@ -2949,13 +2949,13 @@
}
},
"node_modules/@sentry-internal/tracing": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.47.0.tgz",
"integrity": "sha512-udpHnCzF8DQsWf0gQwd0XFGp6Y8MOiwnl8vGt2ohqZGS3m1+IxoRLXsSkD8qmvN6KKDnwbaAvYnK0z0L+AW95g==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.48.0.tgz",
"integrity": "sha512-MFAPDTrvCtfSm0/Zbmx7HA0Q5uCfRadOUpN8Y8rP1ndz+329h2kA3mZRCuC+3/aXL11zs2CHUhcAkGjwH2vogg==",
"dependencies": {
"@sentry/core": "7.47.0",
"@sentry/types": "7.47.0",
"@sentry/utils": "7.47.0",
"@sentry/core": "7.48.0",
"@sentry/types": "7.48.0",
"@sentry/utils": "7.48.0",
"tslib": "^1.9.3"
},
"engines": {
@ -2968,15 +2968,15 @@
"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
},
"node_modules/@sentry/browser": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.47.0.tgz",
"integrity": "sha512-L0t07kS/G1UGVZ9fpD6HLuaX8vVBqAGWgu+1uweXthYozu/N7ZAsakjU/Ozu6FSXj1mO3NOJZhOn/goIZLSj5A==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.48.0.tgz",
"integrity": "sha512-tdx/2nhuiykncmXFlV4Dpp+Hxgt/v31LiyXE79IcM560wc+QmWKtzoW9azBWQ0xt5KOO3ERMib9qPE4/ql1/EQ==",
"dependencies": {
"@sentry-internal/tracing": "7.47.0",
"@sentry/core": "7.47.0",
"@sentry/replay": "7.47.0",
"@sentry/types": "7.47.0",
"@sentry/utils": "7.47.0",
"@sentry-internal/tracing": "7.48.0",
"@sentry/core": "7.48.0",
"@sentry/replay": "7.48.0",
"@sentry/types": "7.48.0",
"@sentry/utils": "7.48.0",
"tslib": "^1.9.3"
},
"engines": {
@ -2989,12 +2989,12 @@
"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
},
"node_modules/@sentry/core": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.47.0.tgz",
"integrity": "sha512-EFhZhKdMu7wKmWYZwbgTi8FNZ7Fq+HdlXiZWNz51Bqe3pHmfAkdHtAEs0Buo0v623MKA0CA4EjXIazGUM34XTg==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.48.0.tgz",
"integrity": "sha512-8FYuJTMpyuxRZvlen3gQ3rpOtVInSDmSyXqWEhCLuG/w34AtWoTiW7G516rsAAh6Hy1TP91GooMWbonP3XQNTQ==",
"dependencies": {
"@sentry/types": "7.47.0",
"@sentry/utils": "7.47.0",
"@sentry/types": "7.48.0",
"@sentry/utils": "7.48.0",
"tslib": "^1.9.3"
},
"engines": {
@ -3007,43 +3007,43 @@
"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
},
"node_modules/@sentry/replay": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.47.0.tgz",
"integrity": "sha512-BFpVZVmwlezZ83y0L43TCTJY142Fxh+z+qZSwTag5HlhmIpBKw/WKg06ajOhrYJbCBkhHmeOvyKkxX0jnc39ZA==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.48.0.tgz",
"integrity": "sha512-8fRHMGJ0NJeIZi6UucxUTvfDPaBa7+jU1kCTLjCcuH3X/UVz5PtGLMtFSO5U8HP+mUDlPs97MP1uoDvMa4S2Ng==",
"dependencies": {
"@sentry/core": "7.47.0",
"@sentry/types": "7.47.0",
"@sentry/utils": "7.47.0"
"@sentry/core": "7.48.0",
"@sentry/types": "7.48.0",
"@sentry/utils": "7.48.0"
},
"engines": {
"node": ">=12"
}
},
"node_modules/@sentry/tracing": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.47.0.tgz",
"integrity": "sha512-hJCpKdekwaFNbCVXxfCz5IxfSEJIKnkPmRSVHITOm5VhKwq2e5kmy4Rn6bzSETwJFSDE8LGbR/3eSfGTqw37XA==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.48.0.tgz",
"integrity": "sha512-X6w74Av0fyayNicKIlwL1IdpZ3O0ETQjyYXCDTwHoJL71ojrgrL5vdiNz8WwbPONTnqu98HehPYL/z3DCCKVbw==",
"dependencies": {
"@sentry-internal/tracing": "7.47.0"
"@sentry-internal/tracing": "7.48.0"
},
"engines": {
"node": ">=8"
}
},
"node_modules/@sentry/types": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.47.0.tgz",
"integrity": "sha512-GxXocplN0j1+uczovHrfkykl9wvkamDtWxlPUQgyGlbLGZn+UH1Y79D4D58COaFWGEZdSNKr62gZAjfEYu9nQA==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.48.0.tgz",
"integrity": "sha512-kkAszZwQ5/v4n7Yyw/DPNRWx7h724mVNRGZIJa9ggUMvTgMe7UKCZZ5wfQmYiKVlGbwd9pxXAcP8Oq15EbByFQ==",
"engines": {
"node": ">=8"
}
},
"node_modules/@sentry/utils": {
"version": "7.47.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.47.0.tgz",
"integrity": "sha512-A89SaOLp6XeZfByeYo2C8Ecye/YAtk/gENuyOUhQEdMulI6mZdjqtHAp7pTMVgkBc/YNARVuoa+kR/IdRrTPkQ==",
"version": "7.48.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.48.0.tgz",
"integrity": "sha512-d977sghkFVMfld0LrEyyY2gYrfayLPdDEpUDT+hg5y79r7zZDCFyHtdB86699E5K89MwDZahW7Erk+a1nk4x5w==",
"dependencies": {
"@sentry/types": "7.47.0",
"@sentry/types": "7.48.0",
"tslib": "^1.9.3"
},
"engines": {

View file

@ -66,7 +66,7 @@
"@codemirror/theme-one-dark": "^6.1.1",
"@formatjs/intl-listformat": "^7.1.9",
"@fortawesome/fontawesome-free": "^6.4.0",
"@goauthentik/api": "^2023.3.1-1680447184",
"@goauthentik/api": "^2023.4.0-1681471246",
"@hcaptcha/types": "^1.0.3",
"@jackfranklin/rollup-plugin-markdown": "^0.4.0",
"@lingui/cli": "^3.17.2",
@ -79,8 +79,8 @@
"@rollup/plugin-node-resolve": "^15.0.2",
"@rollup/plugin-replace": "^5.0.2",
"@rollup/plugin-typescript": "^11.1.0",
"@sentry/browser": "^7.47.0",
"@sentry/tracing": "^7.47.0",
"@sentry/browser": "^7.48.0",
"@sentry/tracing": "^7.48.0",
"@squoosh/cli": "^0.7.3",
"@trivago/prettier-plugin-sort-imports": "^4.1.1",
"@types/chart.js": "^2.9.37",

View file

@ -14,20 +14,29 @@ This installation method is for test-setups and small-scale production setups.
Download the latest `docker-compose.yml` from [here](https://goauthentik.io/docker-compose.yml). Place it in a directory of your choice.
If this is a fresh authentik install run the following commands to generate a password:
If this is a fresh authentik installation, you need to generate a password and a secret key. If you don't already have a password generator installed, you can run this command to install **pwgen**, a popular generator:
```shell
# You can also use openssl instead: `openssl rand -base64 36`
sudo apt-get install -y pwgen
# Because of a PostgreSQL limitation, only passwords up to 99 chars are supported
# See https://www.postgresql.org/message-id/09512C4F-8CB9-4021-B455-EF4C4F0D55A0@amazon.com
```
Next, run the following commands to generate a password and secret key and write them to your `.env` file:
```shell
echo "PG_PASS=$(pwgen -s 40 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen -s 50 1)" >> .env
# Skip if you don't want to enable error reporting
# Because of a PostgreSQL limitation, only passwords up to 99 chars are supported
# See https://www.postgresql.org/message-id/09512C4F-8CB9-4021-B455-EF4C4F0D55A0@amazon.com
```
To enable error reporting, run the following command:
```shell
echo "AUTHENTIK_ERROR_REPORTING__ENABLED=true" >> .env
```
## Email configuration (optional, but recommended)
## Email configuration (optional but recommended)
It is also recommended to configure global email credentials. These are used by authentik to notify you about alerts and configuration issues. They can also be used by [Email stages](../flow/stages/email/) to send verification/recovery emails.

View file

@ -3,6 +3,14 @@ title: Release 2023.4 - RADIUS support
slug: "/releases/2023.4"
---
## Breaking changes
- (Kubernetes only) Changes to RBAC objects created by helm
In previous versions, the helm chart would create a _ClusterRole_ and _ClusterRoleBinding_ if the service account creation was enabled. This was done to allow the deployment of outposts in any namespace in kubernetes. As this conflicted with multiple authentik installs per cluster, and was often not used, the new helm chart changes these resources to a _Role_ and _RoleBinding_, which give authentik access to deploy in the same namespace.
To keep the old behaviour, you can install the [authentik-remote-cluster](https://artifacthub.io/packages/helm/goauthentik/authentik-remote-cluster) chart, which deploys the same RBAC into any other namespace or cluster.
## New features
- RADIUS support

View file

@ -15,10 +15,10 @@
"@mdx-js/react": "^1.6.22",
"clsx": "^1.2.1",
"disqus-react": "^1.1.5",
"postcss": "^8.4.21",
"postcss": "^8.4.22",
"rapidoc": "^9.3.4",
"react": "^17.0.2",
"react-before-after-slider-component": "^1.1.6",
"react-before-after-slider-component": "^1.1.8",
"react-dom": "^17.0.2",
"react-feather": "^2.0.10",
"react-toggle": "^4.1.3"
@ -8731,9 +8731,15 @@
}
},
"node_modules/nanoid": {
"version": "3.3.4",
"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.4.tgz",
"integrity": "sha512-MqBkQh/OHTS2egovRtLk45wEyNXwF+cokD+1YPf9u5VfJiRdAiRwB2froX5Co9Rh20xs4siNPm8naNotSD6RBw==",
"version": "3.3.6",
"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.6.tgz",
"integrity": "sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/ai"
}
],
"bin": {
"nanoid": "bin/nanoid.cjs"
},
@ -9310,9 +9316,9 @@
}
},
"node_modules/postcss": {
"version": "8.4.21",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.21.tgz",
"integrity": "sha512-tP7u/Sn/dVxK2NnruI4H9BG+x+Wxz6oeZ1cJ8P6G/PZY0IKk4k/63TDsQf2kQq3+qoJeLm2kIBUNlZe3zgb4Zg==",
"version": "8.4.22",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.22.tgz",
"integrity": "sha512-XseknLAfRHzVWjCEtdviapiBtfLdgyzExD50Rg2ePaucEesyh8Wv4VPdW0nbyDa1ydbrAxV19jvMT4+LFmcNUA==",
"funding": [
{
"type": "opencollective",
@ -9321,10 +9327,14 @@
{
"type": "tidelift",
"url": "https://tidelift.com/funding/github/npm/postcss"
},
{
"type": "github",
"url": "https://github.com/sponsors/ai"
}
],
"dependencies": {
"nanoid": "^3.3.4",
"nanoid": "^3.3.6",
"picocolors": "^1.0.0",
"source-map-js": "^1.0.2"
},
@ -10203,9 +10213,9 @@
}
},
"node_modules/react-before-after-slider-component": {
"version": "1.1.6",
"resolved": "https://registry.npmjs.org/react-before-after-slider-component/-/react-before-after-slider-component-1.1.6.tgz",
"integrity": "sha512-T6MgeomX17ibpxdDcS4GyncUb8IiZPQr9yTt9+ay1m4J5P8AGwgqOnR28Y3bMdcnjg8kIo8bvffLG5vuIWQIcw==",
"version": "1.1.8",
"resolved": "https://registry.npmjs.org/react-before-after-slider-component/-/react-before-after-slider-component-1.1.8.tgz",
"integrity": "sha512-KcY231f68+7bF0Zkfat55jvgNSSCB5TkBtm1HhLeb336jtQ0hYKkdq6VwrleNrfeVdUD2v+E7DzgNJYc6dsY3Q==",
"peerDependencies": {
"react": ">=17.0.2",
"react-dom": ">=17.0.2"
@ -19838,9 +19848,9 @@
}
},
"nanoid": {
"version": "3.3.4",
"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.4.tgz",
"integrity": "sha512-MqBkQh/OHTS2egovRtLk45wEyNXwF+cokD+1YPf9u5VfJiRdAiRwB2froX5Co9Rh20xs4siNPm8naNotSD6RBw=="
"version": "3.3.6",
"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.6.tgz",
"integrity": "sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA=="
},
"negotiator": {
"version": "0.6.3",
@ -20243,11 +20253,11 @@
}
},
"postcss": {
"version": "8.4.21",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.21.tgz",
"integrity": "sha512-tP7u/Sn/dVxK2NnruI4H9BG+x+Wxz6oeZ1cJ8P6G/PZY0IKk4k/63TDsQf2kQq3+qoJeLm2kIBUNlZe3zgb4Zg==",
"version": "8.4.22",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.22.tgz",
"integrity": "sha512-XseknLAfRHzVWjCEtdviapiBtfLdgyzExD50Rg2ePaucEesyh8Wv4VPdW0nbyDa1ydbrAxV19jvMT4+LFmcNUA==",
"requires": {
"nanoid": "^3.3.4",
"nanoid": "^3.3.6",
"picocolors": "^1.0.0",
"source-map-js": "^1.0.2"
}
@ -20814,9 +20824,9 @@
}
},
"react-before-after-slider-component": {
"version": "1.1.6",
"resolved": "https://registry.npmjs.org/react-before-after-slider-component/-/react-before-after-slider-component-1.1.6.tgz",
"integrity": "sha512-T6MgeomX17ibpxdDcS4GyncUb8IiZPQr9yTt9+ay1m4J5P8AGwgqOnR28Y3bMdcnjg8kIo8bvffLG5vuIWQIcw==",
"version": "1.1.8",
"resolved": "https://registry.npmjs.org/react-before-after-slider-component/-/react-before-after-slider-component-1.1.8.tgz",
"integrity": "sha512-KcY231f68+7bF0Zkfat55jvgNSSCB5TkBtm1HhLeb336jtQ0hYKkdq6VwrleNrfeVdUD2v+E7DzgNJYc6dsY3Q==",
"requires": {}
},
"react-dev-utils": {

View file

@ -22,10 +22,10 @@
"@mdx-js/react": "^1.6.22",
"clsx": "^1.2.1",
"disqus-react": "^1.1.5",
"postcss": "^8.4.21",
"postcss": "^8.4.22",
"rapidoc": "^9.3.4",
"react": "^17.0.2",
"react-before-after-slider-component": "^1.1.6",
"react-before-after-slider-component": "^1.1.8",
"react-dom": "^17.0.2",
"react-feather": "^2.0.10",
"react-toggle": "^4.1.3"