website/docs: expand beta beta / install docs (#6443)
* website/docs: expand beta beta / install docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
parent
887c21ac6d
commit
30d32022e5
|
@ -5,7 +5,7 @@ title: Beta versions
|
||||||
You can test upcoming authentik versions by switching to the _next_ images. It is recommended to upgrade to the latest stable release before upgrading to Beta images. It is always possible to upgrade from the Beta to the next stable release.
|
You can test upcoming authentik versions by switching to the _next_ images. It is recommended to upgrade to the latest stable release before upgrading to Beta images. It is always possible to upgrade from the Beta to the next stable release.
|
||||||
|
|
||||||
:::warning
|
:::warning
|
||||||
Downgrading from the Beta is not supported. It is recommended to take a backup before upgrading, or test Beta versions on a separate install.
|
Downgrading from the Beta is not supported. It is recommended to take a backup before upgrading, or test Beta versions on a separate install. Upgrading from Beta versions to the next release is usually possible, however also not supported.
|
||||||
:::
|
:::
|
||||||
|
|
||||||
import Tabs from "@theme/Tabs";
|
import Tabs from "@theme/Tabs";
|
||||||
|
@ -16,7 +16,8 @@ import TabItem from "@theme/TabItem";
|
||||||
values={[
|
values={[
|
||||||
{label: 'Docker Compose', value: 'docker-compose'},
|
{label: 'Docker Compose', value: 'docker-compose'},
|
||||||
{label: 'Kubernetes', value: 'kubernetes'},
|
{label: 'Kubernetes', value: 'kubernetes'},
|
||||||
]}>
|
]}
|
||||||
|
groupId="platform">
|
||||||
<TabItem value="docker-compose">
|
<TabItem value="docker-compose">
|
||||||
Add the following block to your `.env` file:
|
Add the following block to your `.env` file:
|
||||||
|
|
||||||
|
@ -58,7 +59,8 @@ Next, run the upgrade commands below.
|
||||||
values={[
|
values={[
|
||||||
{label: 'Docker Compose', value: 'docker-compose'},
|
{label: 'Docker Compose', value: 'docker-compose'},
|
||||||
{label: 'Kubernetes', value: 'kubernetes'},
|
{label: 'Kubernetes', value: 'kubernetes'},
|
||||||
]}>
|
]}
|
||||||
|
groupId="platform">
|
||||||
<TabItem value="docker-compose">
|
<TabItem value="docker-compose">
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
@ -70,10 +72,9 @@ docker-compose up -d
|
||||||
|
|
||||||
<TabItem value="kubernetes">
|
<TabItem value="kubernetes">
|
||||||
|
|
||||||
```yaml
|
```shell
|
||||||
image:
|
helm repo update
|
||||||
repository: ghcr.io/goauthentik/server
|
helm upgrade authentik authentik/authentik -f values.yaml
|
||||||
tag: 2023.6.0
|
|
||||||
```
|
```
|
||||||
|
|
||||||
</TabItem>
|
</TabItem>
|
||||||
|
|
|
@ -92,27 +92,8 @@ docker-compose up -d
|
||||||
|
|
||||||
The `docker-compose.yml` file statically references the latest version available at the time of downloading the compose file. Each time you upgrade to a newer version of authentik, you download a new `docker-compose.yml` file, which points to the latest available version. For more information, refer to the **Upgrading** section in the [Release Notes](../releases).
|
The `docker-compose.yml` file statically references the latest version available at the time of downloading the compose file. Each time you upgrade to a newer version of authentik, you download a new `docker-compose.yml` file, which points to the latest available version. For more information, refer to the **Upgrading** section in the [Release Notes](../releases).
|
||||||
|
|
||||||
To start the initial setup, navigate to `https://<your server's IP or hostname>:9000/if/flow/initial-setup/`.
|
To start the initial setup, navigate to `http://<your server's IP or hostname>:9000/if/flow/initial-setup/`.
|
||||||
|
|
||||||
There you are prompted to set a password for the akadmin user (the default user).
|
There you are prompted to set a password for the akadmin user (the default user).
|
||||||
|
|
||||||
## Explanation
|
An explanation about what each service in the docker compose file does, see [Architecture](../core/architecture.md).
|
||||||
|
|
||||||
:::warning
|
|
||||||
The server assumes to have local timezone as UTC.
|
|
||||||
All internals are handled in UTC; whenever a time is displayed to the user in UI it gets localized.
|
|
||||||
Do not update or mount `/etc/timezone` or `/etc/localtime` in the authentik containers.
|
|
||||||
This will not give any advantages.
|
|
||||||
On the contrary, it will cause problems with OAuth and SAML authentication,
|
|
||||||
e.g. [see this GitHub issue](https://github.com/goauthentik/authentik/issues/3005).
|
|
||||||
:::
|
|
||||||
|
|
||||||
The Docker-Compose project contains the following containers:
|
|
||||||
|
|
||||||
- **Server**: This is the backend service, which does all the logic, plus runs the API and the SSO functionality. It also runs the frontend, hosts the JS/CSS files, and serves the files you've uploaded for icons/etc.
|
|
||||||
|
|
||||||
- **Worker**: This container executes background tasks, everything you can see on the _System Tasks_ page in the frontend.
|
|
||||||
|
|
||||||
- **Redis**: For Cache
|
|
||||||
|
|
||||||
- **Postgresql**: Default database
|
|
||||||
|
|
|
@ -26,7 +26,7 @@ Create a `values.yaml` file with a minimum of these settings:
|
||||||
authentik:
|
authentik:
|
||||||
secret_key: "PleaseGenerateA50CharKey"
|
secret_key: "PleaseGenerateA50CharKey"
|
||||||
# This sends anonymous usage-data, stack traces on errors and
|
# This sends anonymous usage-data, stack traces on errors and
|
||||||
# Performance data to sentry.io, and is fully opt-in
|
# performance data to sentry.io, and is fully opt-in
|
||||||
error_reporting:
|
error_reporting:
|
||||||
enabled: true
|
enabled: true
|
||||||
postgresql:
|
postgresql:
|
||||||
|
@ -50,7 +50,7 @@ redis:
|
||||||
enabled: true
|
enabled: true
|
||||||
```
|
```
|
||||||
|
|
||||||
See all configurable values on [artifacthub](https://artifacthub.io/packages/helm/goauthentik/authentik).
|
See all configurable values on [ArtifactHub](https://artifacthub.io/packages/helm/goauthentik/authentik).
|
||||||
|
|
||||||
### Install authentik Helm Chart
|
### Install authentik Helm Chart
|
||||||
|
|
||||||
|
@ -66,10 +66,33 @@ During the installation process, the database migrations will be applied automat
|
||||||
|
|
||||||
### Accessing authentik
|
### Accessing authentik
|
||||||
|
|
||||||
Once the installation is complete, access authentik at `https://<ingress-host-name>/if/flow/initial-setup/`. Here, you can set a password for the akadmin user.
|
Once the installation is complete, access authentik at `https://<ingress-host-name>/if/flow/initial-setup/`. Here, you can set a password for the default akadmin user.
|
||||||
|
|
||||||
### Optional Step: Configure Global Email Credentials
|
### Optional step: Configure global email credentials
|
||||||
|
|
||||||
It is recommended to configure global email credentials as well. These are used by authentik to notify you about alerts and configuration issues. Additionally, they can be utilized by Email stages to send verification and recovery emails.
|
It is recommended to configure global email credentials as well. These are used by authentik to notify you about alerts and configuration issues. Additionally, they can be utilized by [Email stages](../flow/stages/email/index.mdx) to send verification and recovery emails.
|
||||||
|
|
||||||
|
To configure this, append this block to your `values.yaml` file:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
# add this block under the `authentik:` block in your values.yaml file
|
||||||
|
# authentik:
|
||||||
|
email:
|
||||||
|
# -- SMTP Server emails are sent from, fully optional
|
||||||
|
host: ""
|
||||||
|
port: 587
|
||||||
|
# -- SMTP credentials, when left empty, no authentication will be done
|
||||||
|
username: ""
|
||||||
|
# -- SMTP credentials, when left empty, no authentication will be done
|
||||||
|
password: ""
|
||||||
|
# -- Enable either use_tls or use_ssl, they can't be enabled at the same time.
|
||||||
|
use_tls: false
|
||||||
|
# -- Enable either use_tls or use_ssl, they can't be enabled at the same time.
|
||||||
|
use_ssl: false
|
||||||
|
# -- Connection timeout
|
||||||
|
timeout: 30
|
||||||
|
# -- Email from address, can either be in the format "foo@bar.baz" or "authentik <foo@bar.baz>"
|
||||||
|
from: ""
|
||||||
|
```
|
||||||
|
|
||||||
By following these steps, you will successfully install and set up authentik on Kubernetes using Helm.
|
By following these steps, you will successfully install and set up authentik on Kubernetes using Helm.
|
||||||
|
|
|
@ -36,12 +36,11 @@ The `-O` flag retains the downloaded file's name, overwriting any existing local
|
||||||
|
|
||||||
### Kubernetes
|
### Kubernetes
|
||||||
|
|
||||||
Update your values to use the new images:
|
Upgrade the Helm Chart to the new version using the following commands:
|
||||||
|
|
||||||
```yaml
|
```shell
|
||||||
image:
|
helm repo update
|
||||||
repository: ghcr.io/goauthentik/server
|
helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.6
|
||||||
tag: 2023.6.0
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Minor changes/fixes
|
## Minor changes/fixes
|
||||||
|
|
|
@ -24,12 +24,11 @@ The `-O` flag retains the downloaded file's name, overwriting any existing local
|
||||||
|
|
||||||
### Kubernetes
|
### Kubernetes
|
||||||
|
|
||||||
Update your values to use the new images:
|
Upgrade the Helm Chart to the new version, using the following commands:
|
||||||
|
|
||||||
```yaml
|
```shell
|
||||||
image:
|
helm repo update
|
||||||
repository: ghcr.io/goauthentik/server
|
helm upgrade authentik authentik/authentik -f values.yaml --version ^xxxx.x
|
||||||
tag: xxxx.x.0
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Minor changes/fixes
|
## Minor changes/fixes
|
||||||
|
|
Reference in a new issue