lifecycle: migrate to gunicorn instead of runserver

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Makefile

@@ -68,4 +68,4 @@ migrate:
 	python -m lifecycle.migrate
 
 run:
-	go run -v cmd/server/main.go
+	WORKERS=1 go run -v cmd/server/main.go

internal/gounicorn/gounicorn.go

@@ -5,7 +5,6 @@ import (
 	"os/exec"
 
 	log "github.com/sirupsen/logrus"
-	"goauthentik.io/internal/config"
 )
 
 type GoUnicorn struct {
@@ -29,10 +28,6 @@ func NewGoUnicorn() *GoUnicorn {
 func (g *GoUnicorn) initCmd() {
 	command := "gunicorn"
 	args := []string{"-c", "./lifecycle/gunicorn.conf.py", "authentik.root.asgi.app:application"}
-	if config.G.Debug {
-		command = "python"
-		args = []string{"manage.py", "runserver", "localhost:8000"}
-	}
 	g.log.WithField("args", args).WithField("cmd", command).Debug("Starting gunicorn")
 	g.p = exec.Command(command, args...)
 	g.p.Env = os.Environ()

lifecycle/gunicorn.conf.py

@@ -1,5 +1,6 @@
 """Gunicorn config"""
 import os
+import pwd
 import warnings
 from multiprocessing import cpu_count
 
@@ -7,13 +8,19 @@ import structlog
 from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
 
 bind = "127.0.0.1:8000"
+reload = True
 
-user = "authentik"
-group = "authentik"
+try:
+    pwd.getpwnam("authentik")
+    user = "authentik"
+    group = "authentik"
+except KeyError:
+    pass
 
 worker_class = "uvicorn.workers.UvicornWorker"
 # Docker containers don't have /tmp as tmpfs
-worker_tmp_dir = "/dev/shm"  # nosec
+if os.path.exists("/dev/shm"):  # nosec
+    worker_tmp_dir = "/dev/shm"  # nosec
 
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "authentik.root.settings")
 
@@ -53,7 +60,7 @@ if SERVICE_HOST_ENV_NAME in os.environ:
 else:
     default_workers = max(cpu_count() * 0.25, 1) + 1  # Minimum of 2 workers
     workers = int(os.environ.get("WORKERS", default_workers))
-threads = 4
+threads = int(os.environ.get("THREADS", 4))
 
 warnings.filterwarnings(
     "ignore",