Jens Langhammer
425b87a6d0
outposts: add ack and disconnect tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 09:34:37 +01:00
Jens Langhammer
d12e24017e
outposts: add websocket tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 23:58:19 +01:00
Jens Langhammer
f0e9bafa35
outposts: add tests for management commands
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:44:42 +01:00
Jens Langhammer
61d3df5f02
outposts: fix docker controller not using object_naming_template
...
closes #1682
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:04:59 +02:00
Jens Langhammer
a1b3af401d
outposts: improve handling of recreate scenarios
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 14:29:37 +02:00
Jens Langhammer
92d38f62b5
outposts: handle k8s 422 response code by recreating objects
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 10:23:11 +02:00
Jens Langhammer
8d32a53126
outposts: add additional error checking for docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-17 15:54:57 +02:00
Jens Langhammer
5f9dda2e58
outposts: rename docker_image_base to container_image_base, since its not docker specific
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 20:28:30 +02:00
Ilya Kogan
0c55eea678
outposts: Adding more flexibility to outposts in Kubernetes. ( #1617 )
...
* outposts/ldap: Support hard coded `uidNumber` and `gidNumber`.
* outposts: more options for image + labels
- Set outpost docker image in config.
- Set image pull secrets in outpost config.
- Add additional labels for easier targeting from
custom services.
* Fix some linting errors.
* outposts: Rename `docker_image` to `container_image
2021-10-14 19:54:56 +02:00
Jens Langhammer
797e31696a
outposts: fix attribute error in docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 13:37:56 +02:00
Jens Langhammer
4b7399f454
*: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:21:28 +02:00
Jens Langhammer
ecfc3a6d93
*: migrate everything to goauthentik.io docker proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 11:04:47 +02:00
Jens L
e4f141c6c0
*: Squash Migrations ( #1593 )
...
* *: first squash pass
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* sources/saml: squash less
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix docker controller not correctly checking image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix old migration reference
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 21:39:35 +02:00
Jens Langhammer
9e936e4436
outposts: fix lint error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:15:57 +02:00
Jens Langhammer
649abddea7
outposts: fallback to known-good outpost image if configured image cannot be pulled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:10:39 +02:00
Jens Langhammer
05b587ae44
outposts: fix error when comparing ports in docker controller when port mapping is disabled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 10:44:07 +02:00
Jens Langhammer
fab9a10487
outposts: don't always build permissions on outpost.user access, only in signals and tasks
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:04:19 +02:00
Jens Langhammer
036a4e86e2
tests/integration: fix tests failing due to incorrect comparison
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 22:54:07 +02:00
Jens Langhammer
83150d9920
outposts: fix circular import in kubernetes controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:25:18 +02:00
Jens Langhammer
c720c9f41b
outposts: check ports of deployment in kubernetes outpost controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:09:52 +02:00
Jens Langhammer
4cb8ae760a
outposts: allow disabling of docker controller port mapping
...
closes #1474
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 23:55:22 +02:00
Jens Langhammer
b248f450dd
outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
...
closes #1471
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 12:00:51 +02:00
Jens Langhammer
79b92e764e
*: fix typos in code
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 00:01:11 +02:00
Jens Langhammer
919336a519
outposts: ensure service is always re-created with mismatching ports
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 23:45:15 +02:00
Jens Langhammer
180d27cc37
outposts: don't restart container when health checks are starting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:46:05 +02:00
Jens Langhammer
90ecb1af7f
outposts: fix service account's permissions being checked twice
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 09:55:27 +02:00
Jens Langhammer
e229eda96e
outposts/controllers/kubernetes: don't create service monitor for embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 15:59:39 +02:00
Jens L
7158c9d2ea
core: metrics v2 ( #1370 )
...
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:52:24 +02:00
Jens Langhammer
533eb59a04
outposts/controllers: re-create service when mismatched ports to prevent errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 23:00:53 +02:00
Jens Langhammer
b7ef076798
outposts: add expected outpost replica count to metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 15:56:57 +02:00
Jens Langhammer
582ad92c76
outposts/k8s: improve error handling
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-28 14:58:26 +02:00
Jens Langhammer
12ddee3bb6
outpost: add additional labels to docker container
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:26:27 +02:00
Jens Langhammer
dc41d0af27
outposts: add configurable docker_network for outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:26:11 +02:00
Jens Langhammer
f6953296d8
outposts: add recursion limit for docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:25:28 +02:00
Jens Langhammer
85915905dc
web/flows: fix error during error handling
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:11:30 +02:00
Jens Langhammer
12e2f7b945
outposts: add repair_permissions command
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:53:53 +02:00
Jens Langhammer
45d47f828a
outpost: handle non-existant permission
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:39:47 +02:00
dependabot[bot]
7efec281be
build(deps-dev): bump pylint from 2.9.6 to 2.10.2 ( #1280 )
...
* build(deps-dev): bump pylint from 2.9.6 to 2.10.2
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.9.6 to 2.10.2.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.9.6...v2.10.2 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* *: add missing encoding to open() calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:10:31 +02:00
Jens Langhammer
8fe38b528b
outposts: fix managed check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-16 09:36:01 +02:00
Jens Langhammer
0a6efab7cb
outposts: fix syntax
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 20:59:37 +02:00
Jens Langhammer
b35e62e5ae
outposts: don't start docker container for embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 18:10:49 +02:00
Jens Langhammer
837fa23af0
outpost: only set embedded outpost config on creation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 22:23:33 +02:00
Jens Langhammer
ebc6afe015
outpost: fix detection of embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 21:39:08 +02:00
Jens Langhammer
45bee4b4dc
outposts: fix test for config validation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 17:14:05 +02:00
Jens Langhammer
c025d64ba3
outpost: revert managed config, make authentik_host field optional
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:58:01 +02:00
Jens Langhammer
2a53bc4330
outpost: add fallback for authentik_host when its not set in config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:32:26 +02:00
Jens Langhammer
8180d6f9e8
outposts: don't override authentik_host for embedded outpost authentik_host
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:29:33 +02:00
Jens Langhammer
f0a8c30ce9
outposts: create different service when using embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 14:01:39 +02:00
Jens Langhammer
b36a3100e6
outposts: allow empty provider list for embedded provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 22:32:44 +02:00
Jens Langhammer
9c9addb0ce
*: ensure all resources can be filtered
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 16:34:14 +02:00
Jens Langhammer
77ed25ae34
root: reformat to 100 line width
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 17:45:16 +02:00
Jens Langhammer
35c1476bbe
outposts: catch invalid ServiceConnection error in outpost controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:25:11 +02:00
Jens Langhammer
293c479364
outposts: ensure embedded outpost is created with integration selected
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 21:09:38 +02:00
Jens Langhammer
bc9ff792a8
outposts: manage config for embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 22:29:38 +02:00
Jens L
f01bc20d44
Embedded outpost ( #1193 )
...
* api: allow API requests as managed outpost's account when using secret_key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: load secret key from env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: make listener IP configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost/proxy: run outpost in background and pass requests conditionally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: unify branding to embedded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix embedded outpost not being editable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix mismatched host detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix LDAP test not including user for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix user matching
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add tests for secret_key auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: load environment variables using github.com/Netflix/go-env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 11:30:30 +02:00
Jens Langhammer
7370dd5f3f
outposts: ensure outpost SAs always have permissions to fake IP
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 10:02:20 +02:00
Jens Langhammer
a2c587be43
outposts: don't authenticate as service user for flows to set remote-ip
...
set outpost token as additional header and check that token (user) if they can override remote-ip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 13:17:13 +02:00
Jens Langhammer
948db46406
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-07-05 19:11:26 +02:00
Jens Langhammer
df92111296
outposts: update outpost permissions on m2m change
...
closes #1105
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-04 19:37:12 +02:00
Jens Langhammer
5afe88a605
outposts: fix empty message when docker outpost controller has changed nothing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-04 13:48:43 +02:00
Jens Langhammer
5fd408ca82
outposts: fix docker controller not checking ports correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-04 12:32:55 +02:00
Jens Langhammer
becb9e34b5
outposts: fix docker controller not checking env correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 22:17:29 +02:00
Jens Langhammer
4917ab9985
outposts: fix container not being started after creation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 21:59:47 +02:00
Jens Langhammer
bd92505bc2
core: add notice about duplicate keys
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 21:52:28 +02:00
Jens Langhammer
3dc9e247d5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-07-02 16:23:30 +02:00
dependabot[bot]
d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 ( #1095 )
...
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* *: update source for new pylint version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-30 10:37:28 +02:00
Jens Langhammer
2a0bd50e23
outposts: fix linting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-29 17:08:12 +02:00
Jens Langhammer
ce49d7ea5b
outposts: make managed outposts
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-29 16:20:44 +02:00
Jens Langhammer
8429dd19b2
Merge branch 'master' into inbuilt-proxy
2021-06-29 16:20:24 +02:00
Jens Langhammer
60c3cf890a
events: add ability to create events via API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 23:37:03 +02:00
Jens Langhammer
b8bdf7a035
outposts: fix outpost being re-created when in host mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-25 15:15:18 +02:00
Jens Langhammer
bb776c2710
outposts: check docker container ports match
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-25 11:54:35 +02:00
Jens Langhammer
1554dc9feb
outposts: make outpost managed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-23 21:26:24 +02:00
Jens Langhammer
5ff5edf769
outposts: improve logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 18:51:02 +02:00
Jens Langhammer
a4856969f4
outposts: fix port and inner_port being mixed on docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 19:19:06 +02:00
Jens Langhammer
e8978adc1b
outpost: fix syntax error when creating an outpost with connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 18:39:51 +02:00
Jens Langhammer
2580371f94
outposts: fix error when getting component for base service connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 12:38:29 +02:00
Jens Langhammer
4e9be85353
website/docs: add docs for outpost configuration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 09:21:35 +02:00
Jens Langhammer
bb8559ee18
web: remove base interface
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 19:54:27 +02:00
Jens Langhammer
fc8004db2b
outposts: fix integrity error with tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 13:36:54 +02:00
Jens L
34ae9e6dab
API: add endpoint to show by what objects an object is used ( #995 )
...
* core: add used_by API to show what objects are affected before deletion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add support for used_by API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add authentik_used_by_shadows to shadow other models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: implement used_by API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: fix duplicate imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add action field to used_by api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add UI for used_by action
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add notice to tenant form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: fix naming in used_by
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: check length for used_by
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: fix used_by for non-pk models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: improve __str__ on models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add support for many to many in used_by
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 11:58:12 +02:00
Jens Langhammer
2addf71f37
outposts: add service connection to outpost API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 09:45:14 +02:00
Jens L
dad24c03ff
outposts: set cookies for a domain to authenticate an entire domain ( #971 )
...
* outposts: initial cookie domain implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add cookie domain setting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: replace forward_auth_mode with general mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: rebuild proxy provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: re-add forward_auth_mode for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix data.mode not being set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: always set log level to debug when testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: use new mode attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only ingress /akprox on forward_domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix error on ProxyProviderForm when not using proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix default for outpost form's type missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add additional desc for proxy modes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix service account permissions not always being updated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost/proxy: fix redirecting to incorrect host for domain mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: improve error handling for network errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: fix image naming not matching main imaeg
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/proxy: fix redirects for domain mode and traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix colour for paragraphs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix consent stage not showing permissions correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add domain-level docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: fix broken links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/proxy: remove dead code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix missing id for #header-text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 23:10:17 +02:00
Jens Langhammer
fceab788d2
outposts: fix error during outpost disconnect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 19:25:09 +02:00
Jens Langhammer
cefe3fa6dd
outposts: fix docker controller always replacing beta images
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 16:08:20 +02:00
Jens Langhammer
5e3628bea6
core: add fallback URLs for websocket to cleanup test logs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 17:26:18 +02:00
Jens Langhammer
48e68d6852
core: fix token identifier not being set to unique
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 11:45:48 +02:00
Jens Langhammer
6d0e0cbe5a
outposts: improve validation of providers (must match outpost type)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 16:04:41 +02:00
Jens Langhammer
644ff4a90c
outposts: fix error when validating kubeconfig
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 10:25:59 +02:00
Jens Langhammer
72f5a4c460
outposts: fix possible recursion error in docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 16:22:02 +02:00
Jens Langhammer
5990b8d4de
outposts: fix docker container not being stopped correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:16:39 +02:00
Jens Langhammer
a1b6e09e8a
outposts: set restart-policy on docker container
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-28 17:18:11 +02:00
Jens Langhammer
58a4b20297
outposts: handle disconnects without outpost better
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 12:06:55 +02:00
Jens L
53e2b2c784
Prometheus metrics ( #914 )
...
* admin: add worker metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* admin: add version metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* events: add gauge for system tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: add gauge for last hello and connection status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: re-add prometheus metrics to database
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: allow access to metrics without credentials when debug is on
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: add UpdatingGauge to auto-set value on load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add metrics for cache and building
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* policies: add metrics for policy engine
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* events: add histogram for task durations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* events: revert to gauge because values are updated on export view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add gauge to count all models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* events: add metrics for events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 20:29:34 +02:00
Jens Langhammer
a5cd9fa141
outposts: improve logging for docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 19:27:24 +02:00
Jens Langhammer
9a48c2fd9a
outposts: fix error on outpost disconnect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 18:07:07 +02:00
Jens Langhammer
f6f93640c5
outposts: fix update signal not being sent to correct instances
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 15:23:18 +02:00
Jens Langhammer
7152d7ee01
outposts: fix schema for outposts health
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:10:11 +02:00
Jens Langhammer
1324d03815
*: initial migration to openapi v3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 23:57:28 +02:00
Jens Langhammer
a30b32fbbf
outposts: fix missing default for OutpostState.for_channel
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:46:53 +02:00
Jens Langhammer
1745306cc6
outposts: fix error when controller loads from cache but cache has expired
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:45:33 +02:00
Jens Langhammer
9939db13c3
outposts: fix reload notification not working due to wrong ID being saved
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:13:04 +02:00
Jens Langhammer
a3fccbdaff
outposts: add build_hash for docker image
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 20:36:18 +02:00
Jens Langhammer
bdf9f26d07
outposts: compare build hash in outdated check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 19:05:29 +02:00
Jens Langhammer
8e5d03cb86
outposts: remove legacy API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:41:54 +02:00
Jens Langhammer
0620324702
root: bump version of psf black
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 00:42:46 +02:00
Jens Langhammer
5a0e78c698
outposts: fix issue with duplicate outpost health
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 21:46:30 +02:00
Jens Langhammer
788fd00390
outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 00:27:29 +02:00
Jens Langhammer
a293a14f2a
outposts: re-add _config for backwards compat
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 22:28:46 +02:00
Jens Langhammer
219b8d1a57
outposts: allow individual components of managed outposts to be disabled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:27:48 +02:00
Jens Langhammer
c7d4e69669
root: make database port configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:25:15 +02:00
Jens Langhammer
cd629dfbaa
outposts: improve API validation for config attribute, ensure all required attributes are set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:24:42 +02:00
Jens Langhammer
c2f8ff55cf
outposts: fix outpost delete hanging thread, run cleanup in async task with info from cache with ability to retry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 17:11:31 +02:00
Jens Langhammer
f072c600cc
lifecycle: use URl for redis on startup to prevent errors with no paswords
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 20:13:58 +02:00
Jens Langhammer
72836ecd9d
outposts: default to currently running namespace if possible
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:44:32 +02:00
Jens Langhammer
7f7046f0e4
outposts: lowercase k8s object names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:13:21 +02:00
Jens Langhammer
8c0a87b710
outposts: improve logging for outpost controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:34:44 +02:00
Jens Langhammer
5ac6a6910e
outposts: check if traefik CRD exists before attempting to delete
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:59:13 +02:00
Jens Langhammer
d751a7fc4c
lib: add user attribute "goauthentik.io/user/override-ips" to allow overriding of client ips
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:42:31 +02:00
Jens Langhammer
6868b7722c
outposts: delete old outpost deployment when name or namespace is changed
...
closes #845
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:11:38 +02:00
Jens Langhammer
7a1935b4e2
outposts: fix error on k8s when name has spaces
...
closes #846
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 14:09:21 +02:00
Jens Langhammer
9fc072e4df
outposts: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:56:44 +02:00
Jens Langhammer
9485f0b8cc
outpost/ldap: make users and groups OU instead of CN
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:46:26 +02:00
Jens Langhammer
e5a5a5c603
outposts: fix k8s controller not handing Disabled() in static deployment
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 09:52:43 +02:00
Jens Langhammer
ea7f9f291f
outposts: create traefikmiddleware if forwardAuth is enabled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 00:01:35 +02:00
Jens Langhammer
ef63e35ad2
outposts: improve messaging from controller on k8s
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:07:29 +02:00
Jens Langhammer
4e9176ed2e
outposts: support different port on container vs exposed port
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:59:49 +02:00
Jens Langhammer
d1296e9cc7
outposts: fix deployments referencing the wrong secret
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:51:14 +02:00
Jens Langhammer
73b87a5e3d
events: fix error in API when specifying max_n
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:15:54 +02:00
Jens Langhammer
ac9cac302c
outposts: fix outpost state showing last time without version
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:49:13 +02:00
Jens Langhammer
be8b2bf6f6
providers/proxy: don't create ingress for domains which use forwardAuth, don't create ingress at all if all providers are forward auth
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 17:53:12 +02:00
Jens Langhammer
b266a2cdfb
outposts: make k8s service type configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 15:37:56 +02:00
Jens Langhammer
9a15a66d85
outposts: make k8s object naming configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 15:36:27 +02:00
Jens Langhammer
1a02049104
core: show users and groups when user has overall user permissions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:02:47 +02:00
Jens Langhammer
32934fcd38
outpost/ldap: check access based on Group Membership
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 00:03:19 +02:00
Jens Langhammer
08451c15f4
outposts/ldap: save user DN to determine who can search
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 21:49:15 +02:00
Jens Langhammer
c317efa14c
Merge branch 'master' into outpost-ldap
2021-05-01 00:26:55 +02:00
Jens Langhammer
3e666de91d
outposts: fix formatting of image name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 16:52:28 +02:00
Jens Langhammer
b55cb2b40c
Merge branch 'master' into outpost-ldap
2021-04-29 20:13:47 +02:00
Jens Langhammer
25c001f2cd
outposts: allow better configuration of outpost image name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 20:07:53 +02:00
Jens Langhammer
9b70aaa717
outposts: only kill docker container if its running
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 18:32:16 +02:00
Jens Langhammer
4d858c64e0
Merge branch 'master' into outpost-ldap
2021-04-27 17:08:26 +02:00
Jens Langhammer
ccef7b4233
*: make logger not use .error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:26 +02:00
Jens Langhammer
3ce8b836dc
outposts: allow outposts to have non-object specific permissions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:28:26 +02:00
Jens Langhammer
b35d9ae8b0
outposts: fix type not being configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:45:14 +02:00
Jens Langhammer
302b047f1a
outposts/ldap: add controllers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:26:31 +02:00
Jens Langhammer
f89479caf3
providers/ldap: add LDAP provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:52:42 +02:00
Jens Langhammer
820c9e7d06
Merge branch 'master' into outpost-ldap
2021-04-24 22:22:01 +02:00
Jens Langhammer
b8a566f4a0
outposts: move local connection check to task, run every 60 minutes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:34:48 +02:00
Jens Langhammer
aa0e8edb8b
*: make tasks run every 60 minutes not :00 every hour
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:26:17 +02:00