Merge branch 'goauthentik:main' into main

This commit is contained in:
Avsynthe 2022-12-02 21:50:27 +11:00 committed by GitHub
commit b03a84a2f5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 10 deletions

View File

@ -1,6 +1,5 @@
"""Gunicorn config""" """Gunicorn config"""
import os import os
import pwd
from hashlib import sha512 from hashlib import sha512
from multiprocessing import cpu_count from multiprocessing import cpu_count
from os import makedirs from os import makedirs
@ -23,13 +22,6 @@ if TYPE_CHECKING:
bind = "127.0.0.1:8000" bind = "127.0.0.1:8000"
try:
pwd.getpwnam("authentik")
user = "authentik"
group = "authentik"
except KeyError:
pass
_tmp = Path(gettempdir()) _tmp = Path(gettempdir())
worker_class = "lifecycle.worker.DjangoUvicornWorker" worker_class = "lifecycle.worker.DjangoUvicornWorker"
worker_tmp_dir = str(_tmp.joinpath("authentik_worker_tmp")) worker_tmp_dir = str(_tmp.joinpath("authentik_worker_tmp"))

View File

@ -71,6 +71,10 @@ Modify the following Example SAML config and paste incorporate into your `.env`
```bash ```bash
# Set authentication method to be saml2 # Set authentication method to be saml2
AUTH_METHOD=saml2 AUTH_METHOD=saml2
# Control if BookStack automatically initiates login via your SAML system if it's the only authentication method.
# Prevents the need for the user to click the "Login with x" button on the login page.
# Setting this to true enables auto-initiation.
AUTH_AUTO_INITIATE=true
# Set the display name to be shown on the login button. # Set the display name to be shown on the login button.
# (Login with <name>) # (Login with <name>)
SAML2_NAME=authentik SAML2_NAME=authentik
@ -78,12 +82,17 @@ SAML2_NAME=authentik
SAML2_EMAIL_ATTRIBUTE=email SAML2_EMAIL_ATTRIBUTE=email
# Name of the attribute to use as an ID for the SAML user. # Name of the attribute to use as an ID for the SAML user.
SAML2_EXTERNAL_ID_ATTRIBUTE=uid SAML2_EXTERNAL_ID_ATTRIBUTE=uid
# Enable SAML group sync.
SAML2_USER_TO_GROUPS=true
# Set the attribute from which BookStack will read groups names from.
# You will need to rename your roles in Bookstack to match your groups in authentik.
SAML2_GROUP_ATTRIBUTE=http://schemas.xmlsoap.org/claims/Group
# Name of the attribute(s) to use for the user's display name # Name of the attribute(s) to use for the user's display name
# Can have multiple attributes listed, separated with a '|' in which # Can have multiple attributes listed, separated with a '|' in which
# case those values will be joined with a space. # case those values will be joined with a space.
# Example: SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName # Example: SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName
# Defaults to the ID value if not found. # Defaults to the ID value if not found.
SAML2_DISPLAY_NAME_ATTRIBUTES=Name SAML2_DISPLAY_NAME_ATTRIBUTES=http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname
# Identity Provider entityID URL # Identity Provider entityID URL
SAML2_IDP_ENTITYID=METADATAURL SAML2_IDP_ENTITYID=METADATAURL
# Auto-load metatadata from the IDP # Auto-load metatadata from the IDP