trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

core: add bootstrap variables with authentik prefix for helm charts (#3031)

Browse source 
https://github.com/goauthentik/helm/pull/72
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens L 2022-06-03 15:22:56 +02:00 committed by GitHub
parent 8447e9b9c2
commit 7ee655a318
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 44 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
authentik/core/migrations/0002_auto_20200523_1133_squashed_0011_provider_name_temp.py
View file

@ -20,8 +20,15 @@ def create_default_user(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
akadmin, _ = User.objects.using(db_alias).get_or_create( akadmin, _ = User.objects.using(db_alias).get_or_create(
username="akadmin", email="root@localhost", name="authentik Default Admin" username="akadmin", email="root@localhost", name="authentik Default Admin"
) )
if "TF_BUILD" in environ or "AK_ADMIN_PASS" in environ or settings.TEST: password = None
akadmin.set_password(environ.get("AK_ADMIN_PASS", "akadmin"), signal=False) # noqa # nosec if "TF_BUILD" in environ or settings.TEST:
password = "akadmin" # noqa # nosec
if "AK_ADMIN_PASS" in environ:
password = environ["AK_ADMIN_PASS"]
if "AUTHENTIK_BOOTSTRAP_PASSWORD" in environ:
password = environ["AUTHENTIK_BOOTSTRAP_PASSWORD"]
if password:
akadmin.set_password(password, signal=False)
else: else:
akadmin.set_unusable_password() akadmin.set_unusable_password()
akadmin.save() akadmin.save()

11
authentik/core/migrations/0003_default_user.py
View file

@ -16,8 +16,15 @@ def create_default_user(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
akadmin, _ = User.objects.using(db_alias).get_or_create( akadmin, _ = User.objects.using(db_alias).get_or_create(
username="akadmin", email="root@localhost", name="authentik Default Admin" username="akadmin", email="root@localhost", name="authentik Default Admin"
) )
if "TF_BUILD" in environ or "AK_ADMIN_PASS" in environ or settings.TEST: password = None
akadmin.set_password(environ.get("AK_ADMIN_PASS", "akadmin"), signal=False) # noqa # nosec if "TF_BUILD" in environ or settings.TEST:
password = "akadmin" # noqa # nosec
if "AK_ADMIN_PASS" in environ:
password = environ["AK_ADMIN_PASS"]
if "AUTHENTIK_BOOTSTRAP_PASSWORD" in environ:
password = environ["AUTHENTIK_BOOTSTRAP_PASSWORD"]
if password:
akadmin.set_password(password, signal=False)
else: else:
akadmin.set_unusable_password() akadmin.set_unusable_password()
akadmin.save() akadmin.save()

11
authentik/core/migrations/0018_auto_20210330_1345_squashed_0028_alter_token_intent.py
View file

@ -44,14 +44,19 @@ def create_default_user_token(apps: Apps, schema_editor: BaseDatabaseSchemaEdito
akadmin = User.objects.using(db_alias).filter(username="akadmin") akadmin = User.objects.using(db_alias).filter(username="akadmin")
if not akadmin.exists(): if not akadmin.exists():
return return
if "AK_ADMIN_TOKEN" not in environ: key = None
if "AK_ADMIN_TOKEN" in environ:
key = environ["AK_ADMIN_TOKEN"]
if "AUTHENTIK_BOOTSTRAP_TOKEN" in environ:
key = environ["AUTHENTIK_BOOTSTRAP_TOKEN"]
if not key:
return return
Token.objects.using(db_alias).create( Token.objects.using(db_alias).create(
identifier="authentik-boostrap-token", identifier="authentik-bootstrap-token",
user=akadmin.first(), user=akadmin.first(),
intent=TokenIntents.INTENT_API, intent=TokenIntents.INTENT_API,
expiring=False, expiring=False,
key=environ["AK_ADMIN_TOKEN"], key=key,
) )

11
authentik/core/migrations/0027_bootstrap_token.py
View file

@ -15,14 +15,19 @@ def create_default_user_token(apps: Apps, schema_editor: BaseDatabaseSchemaEdito
akadmin = User.objects.using(db_alias).filter(username="akadmin") akadmin = User.objects.using(db_alias).filter(username="akadmin")
if not akadmin.exists(): if not akadmin.exists():
return return
if "AK_ADMIN_TOKEN" not in environ: key = None
if "AK_ADMIN_TOKEN" in environ:
key = environ["AK_ADMIN_TOKEN"]
if "AUTHENTIK_BOOTSTRAP_TOKEN" in environ:
key = environ["AUTHENTIK_BOOTSTRAP_TOKEN"]
if not key:
return return
Token.objects.using(db_alias).create( Token.objects.using(db_alias).create(
identifier="authentik-boostrap-token", identifier="authentik-bootstrap-token",
user=akadmin.first(), user=akadmin.first(),
intent=TokenIntents.INTENT_API, intent=TokenIntents.INTENT_API,
expiring=False, expiring=False,
key=environ["AK_ADMIN_TOKEN"], key=key,
) )

12
website/docs/installation/automated-install.md
View file

@ -4,14 +4,22 @@ title: Automated install
To install authentik automatically (skipping the Out-of-box experience), you can use the following environment variables: To install authentik automatically (skipping the Out-of-box experience), you can use the following environment variables:
### `AK_ADMIN_PASS` ### `AUTHENTIK_BOOTSTRAP_PASSWORD` or `AK_ADMIN_PASS`
Configure the default password for the `akadmin` user. Only read on the first startup. Can be used for any flow executor. Configure the default password for the `akadmin` user. Only read on the first startup. Can be used for any flow executor.
### `AK_ADMIN_TOKEN` :::info
For versions before 2022.6, this variable was called `AK_ADMIN_PASS`. This will be removed in 2022.7
:::
### `AUTHENTIK_BOOTSTRAP_TOKEN` or `AK_ADMIN_TOKEN`
:::note :::note
This option has been added in 2021.8 This option has been added in 2021.8
::: :::
Create a token for the default `akadmin` user. Only read on the first startup. The string you specify for this variable is the token key you can use to authenticate yourself to the API. Create a token for the default `akadmin` user. Only read on the first startup. The string you specify for this variable is the token key you can use to authenticate yourself to the API.
:::info
For versions before 2022.6, this variable was called `AK_ADMIN_TOKEN`. This will be removed in 2022.7
:::