From 30d32022e5a221d787d10a687e9c7c93b0016215 Mon Sep 17 00:00:00 2001 From: Jens L Date: Tue, 1 Aug 2023 18:02:31 +0200 Subject: [PATCH] website/docs: expand beta beta / install docs (#6443) * website/docs: expand beta beta / install docs Signed-off-by: Jens Langhammer * Apply suggestions from code review Co-authored-by: Tana M Berry Signed-off-by: Jens L. --------- Signed-off-by: Jens Langhammer Signed-off-by: Jens L. Co-authored-by: Tana M Berry --- website/docs/installation/beta.mdx | 15 +++++----- website/docs/installation/docker-compose.md | 23 ++------------ website/docs/installation/kubernetes.md | 33 +++++++++++++++++---- website/docs/releases/2023/v2023.6.md | 9 +++--- website/docs/releases/_template.md | 9 +++--- 5 files changed, 46 insertions(+), 43 deletions(-) diff --git a/website/docs/installation/beta.mdx b/website/docs/installation/beta.mdx index b55767509..7cd4e4664 100644 --- a/website/docs/installation/beta.mdx +++ b/website/docs/installation/beta.mdx @@ -5,7 +5,7 @@ title: Beta versions You can test upcoming authentik versions by switching to the _next_ images. It is recommended to upgrade to the latest stable release before upgrading to Beta images. It is always possible to upgrade from the Beta to the next stable release. :::warning -Downgrading from the Beta is not supported. It is recommended to take a backup before upgrading, or test Beta versions on a separate install. +Downgrading from the Beta is not supported. It is recommended to take a backup before upgrading, or test Beta versions on a separate install. Upgrading from Beta versions to the next release is usually possible, however also not supported. ::: import Tabs from "@theme/Tabs"; @@ -16,7 +16,8 @@ import TabItem from "@theme/TabItem"; values={[ {label: 'Docker Compose', value: 'docker-compose'}, {label: 'Kubernetes', value: 'kubernetes'}, - ]}> + ]} + groupId="platform"> Add the following block to your `.env` file: @@ -58,7 +59,8 @@ Next, run the upgrade commands below. values={[ {label: 'Docker Compose', value: 'docker-compose'}, {label: 'Kubernetes', value: 'kubernetes'}, - ]}> + ]} + groupId="platform"> ```shell @@ -70,10 +72,9 @@ docker-compose up -d -```yaml -image: - repository: ghcr.io/goauthentik/server - tag: 2023.6.0 +```shell +helm repo update +helm upgrade authentik authentik/authentik -f values.yaml ``` diff --git a/website/docs/installation/docker-compose.md b/website/docs/installation/docker-compose.md index 1c5b3c907..8797362eb 100644 --- a/website/docs/installation/docker-compose.md +++ b/website/docs/installation/docker-compose.md @@ -92,27 +92,8 @@ docker-compose up -d The `docker-compose.yml` file statically references the latest version available at the time of downloading the compose file. Each time you upgrade to a newer version of authentik, you download a new `docker-compose.yml` file, which points to the latest available version. For more information, refer to the **Upgrading** section in the [Release Notes](../releases). -To start the initial setup, navigate to `https://:9000/if/flow/initial-setup/`. +To start the initial setup, navigate to `http://:9000/if/flow/initial-setup/`. There you are prompted to set a password for the akadmin user (the default user). -## Explanation - -:::warning -The server assumes to have local timezone as UTC. -All internals are handled in UTC; whenever a time is displayed to the user in UI it gets localized. -Do not update or mount `/etc/timezone` or `/etc/localtime` in the authentik containers. -This will not give any advantages. -On the contrary, it will cause problems with OAuth and SAML authentication, -e.g. [see this GitHub issue](https://github.com/goauthentik/authentik/issues/3005). -::: - -The Docker-Compose project contains the following containers: - -- **Server**: This is the backend service, which does all the logic, plus runs the API and the SSO functionality. It also runs the frontend, hosts the JS/CSS files, and serves the files you've uploaded for icons/etc. - -- **Worker**: This container executes background tasks, everything you can see on the _System Tasks_ page in the frontend. - -- **Redis**: For Cache - -- **Postgresql**: Default database +An explanation about what each service in the docker compose file does, see [Architecture](../core/architecture.md). diff --git a/website/docs/installation/kubernetes.md b/website/docs/installation/kubernetes.md index 5e559532f..08fcc37dd 100644 --- a/website/docs/installation/kubernetes.md +++ b/website/docs/installation/kubernetes.md @@ -26,7 +26,7 @@ Create a `values.yaml` file with a minimum of these settings: authentik: secret_key: "PleaseGenerateA50CharKey" # This sends anonymous usage-data, stack traces on errors and - # Performance data to sentry.io, and is fully opt-in + # performance data to sentry.io, and is fully opt-in error_reporting: enabled: true postgresql: @@ -50,7 +50,7 @@ redis: enabled: true ``` -See all configurable values on [artifacthub](https://artifacthub.io/packages/helm/goauthentik/authentik). +See all configurable values on [ArtifactHub](https://artifacthub.io/packages/helm/goauthentik/authentik). ### Install authentik Helm Chart @@ -66,10 +66,33 @@ During the installation process, the database migrations will be applied automat ### Accessing authentik -Once the installation is complete, access authentik at `https:///if/flow/initial-setup/`. Here, you can set a password for the akadmin user. +Once the installation is complete, access authentik at `https:///if/flow/initial-setup/`. Here, you can set a password for the default akadmin user. -### Optional Step: Configure Global Email Credentials +### Optional step: Configure global email credentials -It is recommended to configure global email credentials as well. These are used by authentik to notify you about alerts and configuration issues. Additionally, they can be utilized by Email stages to send verification and recovery emails. +It is recommended to configure global email credentials as well. These are used by authentik to notify you about alerts and configuration issues. Additionally, they can be utilized by [Email stages](../flow/stages/email/index.mdx) to send verification and recovery emails. + +To configure this, append this block to your `values.yaml` file: + +```yaml +# add this block under the `authentik:` block in your values.yaml file +# authentik: +email: + # -- SMTP Server emails are sent from, fully optional + host: "" + port: 587 + # -- SMTP credentials, when left empty, no authentication will be done + username: "" + # -- SMTP credentials, when left empty, no authentication will be done + password: "" + # -- Enable either use_tls or use_ssl, they can't be enabled at the same time. + use_tls: false + # -- Enable either use_tls or use_ssl, they can't be enabled at the same time. + use_ssl: false + # -- Connection timeout + timeout: 30 + # -- Email from address, can either be in the format "foo@bar.baz" or "authentik " + from: "" +``` By following these steps, you will successfully install and set up authentik on Kubernetes using Helm. diff --git a/website/docs/releases/2023/v2023.6.md b/website/docs/releases/2023/v2023.6.md index 966d18fde..a81ade848 100644 --- a/website/docs/releases/2023/v2023.6.md +++ b/website/docs/releases/2023/v2023.6.md @@ -36,12 +36,11 @@ The `-O` flag retains the downloaded file's name, overwriting any existing local ### Kubernetes -Update your values to use the new images: +Upgrade the Helm Chart to the new version using the following commands: -```yaml -image: - repository: ghcr.io/goauthentik/server - tag: 2023.6.0 +```shell +helm repo update +helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.6 ``` ## Minor changes/fixes diff --git a/website/docs/releases/_template.md b/website/docs/releases/_template.md index cf2bbe731..03877e90e 100644 --- a/website/docs/releases/_template.md +++ b/website/docs/releases/_template.md @@ -24,12 +24,11 @@ The `-O` flag retains the downloaded file's name, overwriting any existing local ### Kubernetes -Update your values to use the new images: +Upgrade the Helm Chart to the new version, using the following commands: -```yaml -image: - repository: ghcr.io/goauthentik/server - tag: xxxx.x.0 +```shell +helm repo update +helm upgrade authentik authentik/authentik -f values.yaml --version ^xxxx.x ``` ## Minor changes/fixes