Jens Langhammer
d678d33756
root: add support for PROXY protocol on listeners
...
closes #1161
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-20 11:03:09 +02:00
dependabot[bot]
49d0ccd9c7
build(deps): bump @typescript-eslint/parser in /web ( #1158 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 4.28.3 to 4.28.4.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.28.4/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 09:08:16 +02:00
dependabot[bot]
ea082ed9ef
build(deps): bump @typescript-eslint/eslint-plugin in /web ( #1159 )
2021-07-20 08:33:22 +02:00
dependabot[bot]
d62fc9766c
build(deps): bump boto3 from 1.18.1 to 1.18.2 ( #1160 )
2021-07-20 08:33:12 +02:00
Jens Langhammer
983747b13b
website: add sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 21:50:56 +02:00
Jens Langhammer
de4710ea71
outpost: minor cleanup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 17:19:48 +02:00
Jens Langhammer
d55b31dd82
outposts/proxy: set server header
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 17:11:11 +02:00
Jens Langhammer
d87871f806
outposts/ldap: improve logging, add request ID
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 13:41:29 +02:00
Jens Langhammer
148194e12b
tests/e2e: add LDAPS bind tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 13:26:36 +02:00
Jens Langhammer
a2c587be43
outposts: don't authenticate as service user for flows to set remote-ip
...
set outpost token as additional header and check that token (user) if they can override remote-ip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 13:17:13 +02:00
dependabot[bot]
673da2a96e
build(deps): bump eslint from 7.30.0 to 7.31.0 in /web ( #1156 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 7.30.0 to 7.31.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.30.0...v7.31.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-19 10:15:32 +02:00
dependabot[bot]
a9a7b26264
build(deps): bump ldap3 from 2.9 to 2.9.1 ( #1157 )
...
Bumps [ldap3](https://github.com/cannatag/ldap3 ) from 2.9 to 2.9.1.
- [Release notes](https://github.com/cannatag/ldap3/releases )
- [Changelog](https://github.com/cannatag/ldap3/blob/dev/_changelog.txt )
- [Commits](https://github.com/cannatag/ldap3/compare/v2.9...v2.9.1 )
---
updated-dependencies:
- dependency-name: ldap3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-19 10:11:30 +02:00
Jens Langhammer
83d2c442a5
tests/e2e: fix ldap tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 22:43:35 +02:00
Jens Langhammer
4029e19b72
outposts/ldap: fix order of flow check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 22:22:35 +02:00
Jens Langhammer
538a466090
root: fix middleware exception for outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 22:10:50 +02:00
Jens Langhammer
322a343c81
root: fix log level not being set to DEBUG for tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 21:45:08 +02:00
Jens Langhammer
6ddd6bfa72
root: fix linting errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 20:54:34 +02:00
Jens Langhammer
36de302250
outposts: separate CLI flow executor from ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 15:51:48 +02:00
Jens Langhammer
9eb13c50e9
ci: fix linter for embed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 21:56:42 +02:00
Jens Langhammer
cffc6a1b88
outpost/ldap: fix import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 20:02:36 +02:00
dependabot[bot]
ba437beacc
build(deps): bump @rollup/plugin-replace from 2.4.2 to 3.0.0 in /web ( #1152 )
...
Bumps [@rollup/plugin-replace](https://github.com/rollup/plugins/tree/HEAD/packages/replace ) from 2.4.2 to 3.0.0.
- [Release notes](https://github.com/rollup/plugins/releases )
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/replace/CHANGELOG.md )
- [Commits](https://github.com/rollup/plugins/commits/wasm-v3.0.0/packages/replace )
---
updated-dependencies:
- dependency-name: "@rollup/plugin-replace"
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-17 19:38:57 +02:00
dependabot[bot]
da32b05eba
build(deps): bump boto3 from 1.18.0 to 1.18.1 ( #1154 )
...
Bumps [boto3](https://github.com/boto/boto3 ) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/boto/boto3/releases )
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst )
- [Commits](https://github.com/boto/boto3/compare/1.18.0...1.18.1 )
---
updated-dependencies:
- dependency-name: boto3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-17 19:38:44 +02:00
dependabot[bot]
45b7e7565d
Merge pull request #1153 from goauthentik/dependabot/go_modules/github.com/google/uuid-1.3.0
...
build(deps): bump github.com/google/uuid from 1.2.0 to 1.3.0
2021-07-17 19:38:33 +02:00
Jens Langhammer
a0b63f50bf
outposts: fix import for self-signed cert on ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 19:38:04 +02:00
Jens L
dc5d571c99
root: initial merging of outpost and main project ( #1030 )
...
* root: initial merging of outpost and main project
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: fix build for main server
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: start deduplicating code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: add more common utils
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: make outpost managed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: make managed outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: more code merging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: fix missing go client in dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: fix docker stage name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* internal: fix gunicorn not being restarted correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* internal: don't send kill signal to child as we mange it
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cmd: fix shutdown not being signaled properl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 18:38:27 +02:00
Jens Langhammer
05161db458
cmd: fix shutdown not being signaled properl
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 18:04:09 +02:00
Jens Langhammer
311ffa9f79
internal: don't send kill signal to child as we mange it
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 17:07:35 +02:00
Jens Langhammer
7cbe33d65d
internal: fix gunicorn not being restarted correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 16:59:31 +02:00
Jens Langhammer
be9ca48de0
root: fix docker stage name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 16:40:55 +02:00
Jens Langhammer
b3159a74e5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
# internal/outpost/ak/api.go
# internal/outpost/ak/api_uag.go
# internal/outpost/ak/global.go
# internal/outpost/ldap/api_tls.go
# internal/outpost/ldap/instance_bind.go
# internal/outpost/ldap/utils.go
# internal/outpost/proxy/api_bundle.go
# outpost/go.mod
# outpost/go.sum
# outpost/pkg/ak/cert.go
2021-07-17 12:49:38 +02:00
Jens Langhammer
89fafff0af
lifecycle: fix postgresql port not being passed for migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-16 12:04:36 +02:00
Starz0r
ae77c872a0
root: celery requires additional parameters when tls is enabled ( #1148 )
2021-07-16 08:51:09 +02:00
dependabot[bot]
5f13563e03
build(deps): bump rollup from 2.53.1 to 2.53.2 in /web ( #1149 )
2021-07-16 08:48:48 +02:00
dependabot[bot]
e17c9040bb
build(deps): bump @rollup/plugin-typescript from 8.2.1 to 8.2.3 in /web ( #1150 )
2021-07-16 08:48:40 +02:00
dependabot[bot]
280ef3d265
build(deps): bump boto3 from 1.17.112 to 1.18.0 ( #1151 )
2021-07-16 08:48:30 +02:00
Starz0r
a5bb583268
root: optional TLS support on redis connections ( #1147 )
...
* root: optional TLS support on redis connections
* root: don't use f-strings when not interpolating variables
* root: use f-string in redis protocol prefix interpolation
* root: glaring typo
* formatting
* small formatting change I missed
* root: swap around default redis protocol prefixes
2021-07-15 11:48:52 +02:00
Jens Langhammer
212ff11b6d
api: fix Capabilities check for s3 backup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-15 09:58:07 +02:00
dependabot[bot]
1fa9d70945
build(deps): bump golang from 1.16.5 to 1.16.6 ( #1144 )
2021-07-15 08:39:38 +02:00
dependabot[bot]
eeeaa9317b
build(deps): bump golang from 1.16.5 to 1.16.6 in /outpost ( #1145 )
2021-07-15 08:39:26 +02:00
dependabot[bot]
09b932100f
build(deps): bump boto3 from 1.17.111 to 1.17.112 ( #1146 )
2021-07-15 08:39:17 +02:00
Jens Langhammer
aa701c5725
core: don't delete expired tokens, rotate their key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 21:47:32 +02:00
Jens Langhammer
6f98833150
core: allow users to create non-expiring tokens when flag is set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 21:15:14 +02:00
Jens Langhammer
30aa24ce6e
outposts/ldap: more cleanup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 20:37:27 +02:00
Jens Langhammer
a426a1a0b6
outposts: cleanup UserAgent config for API Client
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 20:33:35 +02:00
Lukas Söder
061c549a40
providers/ldap: fix: dn and member fields for virtual groups ( #1143 )
...
* providers/ldap: fix: dn and member fields for virtual groups
* Refactor GetGroupDN to use string name instead to allow more flexibility
2021-07-14 14:54:55 +00:00
Toboshii Nakama
efa09d5e1d
providers/ldap: fix: Return user DN with virtual group ( #1142 )
...
* fix: incorrect ldap virtual group member DN
Signed-off-by: Toboshii Nakama <toboshii@gmail.com>
* fix: imports
Signed-off-by: Toboshii Nakama <toboshii@gmail.com>
2021-07-14 10:59:40 +00:00
Jens Langhammer
4fe0bd4b6c
tests/e2e: fix e2e tests for ldap provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 10:10:11 +02:00
Jens Langhammer
7c2decf5ec
providers/ldap: squash migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 09:22:25 +02:00
Lukas Söder
7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. ( #1138 )
...
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.
The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.
The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.
I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.
* Add a 'fake' primary group for each user
* First attempt att adding config to interface
* Updated API to support new fields
* Refactor code, update documentation and remove obsolete comment
Simplify `GetRIDForGroup`, was a bit overcomplicated before.
Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User
Add proper support in the interface for changing gidNumber and uidNumber starting points
* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
dependabot[bot]
7fd78a591d
build(deps): bump boto3 from 1.17.110 to 1.17.111 ( #1141 )
2021-07-14 08:44:03 +02:00