This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/outpost
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138)
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured via environment
variables and is by default 2000, which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the user's Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables, as I couldn't really find my way around all the places I'd have to edit to add it, and the default values should in my opinion be fine for 99% of use cases.

* Add a 'fake' primary group for each user

* First attempt at adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
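
The derivation described in the commit message above, as an added Go example that is not the project's code, with a check for groups that end up sharing a gidNumber (which matters on SSSD hosts, where a shared GID means shared group file permissions). The function names, the `tailBytes` value of 2 and the sample UUIDs are assumptions made for illustration; the commit message only says "the last couple of bytes".

```go
package main

import (
	"encoding/hex"
	"fmt"
	"strings"
)

// Constructed sample group UUIDs; the first and third end in the same two bytes.
var sampleGroups = []string{
	"3f2b8c1e-9a4d-4e6f-8b1a-0c5d7e9f1a2b",
	"a1b2c3d4-e5f6-4789-9abc-def012345678",
	"0d9e8f7a-6b5c-4d3e-a2f1-b0c9d8e71a2b",
}

// uidNumber is the user's pk plus the configured starting number.
func uidNumber(start, pk int) int { return start + pk }

// gidNumber adds the group UUID's trailing bytes to start (tailBytes is an assumption).
func gidNumber(start int, groupUUID string, tailBytes int) (int, error) {
	raw, err := hex.DecodeString(strings.ReplaceAll(groupUUID, "-", ""))
	if err != nil || len(raw) != 16 || tailBytes < 1 || tailBytes > 4 {
		return 0, fmt.Errorf("bad UUID or tail length: %q, %d", groupUUID, tailBytes)
	}
	n := 0
	for _, b := range raw[16-tailBytes:] {
		n = n<<8 | int(b)
	}
	return start + n, nil
}

// gidCollisions maps each gidNumber shared by two or more groups to their UUIDs.
func gidCollisions(start int, uuids []string, tailBytes int) (map[int][]string, error) {
	byGID := map[int][]string{}
	for _, u := range uuids {
		g, err := gidNumber(start, u, tailBytes)
		if err != nil {
			return nil, err
		}
		byGID[g] = append(byGID[g], u)
	}
	for g, members := range byGID {
		if len(members) < 2 {
			delete(byGID, g)
		}
	}
	return byGID, nil
}

func main() { fmt.Println(gidCollisions(2000, sampleGroups, 2)) }
```

Running the same check over the real group UUIDs of an instance shows whether any two groups need a manually assigned gidNumber.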
cmd outposts/ldap: fix linting 2021-04-26 12:24:46 +02:00
pkg providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138) 2021-07-14 09:17:01 +02:00
.dockerignore outpost: rename proxy to outpost 2021-01-16 19:20:27 +01:00
.gitignore outpost: migrate to openapitools/openapi-generator-cli 2021-05-16 21:07:01 +02:00
Makefile outposts/proxy: fix additionalHeaders not being set 2021-06-19 15:24:51 +02:00
README.md outpost: migrate to openapitools/openapi-generator-cli 2021-05-16 21:07:01 +02:00
azure-pipelines.yml outpost: fix missing outpost images 2021-06-09 11:22:28 +02:00
go.mod build(deps): bump github.com/google/uuid from 1.2.0 to 1.3.0 in /outpost (#1135) 2021-07-13 08:40:32 +02:00
go.sum build(deps): bump github.com/google/uuid from 1.2.0 to 1.3.0 in /outpost (#1135) 2021-07-13 08:40:32 +02:00
ldap.Dockerfile outpost/ldap: add http server for healthchecks 2021-06-06 23:07:13 +02:00
proxy.Dockerfile build(deps): bump golang from 1.16.4 to 1.16.5 in /outpost (#966) 2021-06-04 09:37:13 +02:00

README.md

authentik outpost


Reverse Proxy based on oauth2_proxy, completely managed and monitored by authentik.

LDAP Server using ldap, completely managed and monitored by authentik.

Usage

authentik Outpost is built to be configured by authentik itself, hence the only options you can directly give it are connection params.

The following environment variables are implemented:

AUTHENTIK_HOST: Full URL to the authentik instance with protocol, i.e. "https://authentik.company.tld"

AUTHENTIK_TOKEN: Token used to authenticate against authentik. This is generated after an Outpost instance is created.

AUTHENTIK_INSECURE: Optional. When set, the outpost ignores the SSL certificate of the authentik instance, that is, it does not verify it. Applies to both HTTP and WS connections.

Development

authentik outpost uses an auto-generated API Client to communicate with authentik. This client is not kept in git. To generate the client locally, run `make gen-outpost` in the root directory of the repo.

Afterwards you can build the outpost like any other Go project, using `go build ./cmd/proxy/server.go` or `go build ./cmd/ldap/server.go`.