authentik fork
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
Find a file
Marc 'risson' Schmitt fc5f6d6677
root: handle SIGHUP and SIGUSR2
This is the first step to handle configuration reloading. With those
changes, it is already possible to do so, by sending a SIGUSR2 signal to
the Go server process. The next step would be to watch for changes to
configuration files and call the Restart function of the GoUnicorn
instance.

SIGHUP is catched by the go server and forwarded as-is to gunicorn,
which causes it to restart its workers. However, that does not trigger
a reload of the Django settings, probably because they are already
loaded in the master, before creating any of the worker instances.

SIGUSR2, however, can be used to spawn a new gunicorn master process,
but handling it is a bit trickier. Please refer to Gunicorn's
documentation[0] for details, especially the "Upgrading to a new binary
on the fly" section.

As we are now effectively killing the gunicorn processed launched by the
server, we need to handle some sort of check to make sure it is still
running. That's done by using the already existing healthchecks, making
them useful not only for the application start, but also for its
lifetime. If a check is failed too many times in a given time period,
the gunicorn processed is killed (if necessary) and then restarted.

[0] https://docs.gunicorn.org/en/20.1.0/signals.html

Other relevant links and documentation:

Python library handling the processing swaping upon a SIGUSR2:
https://github.com/flupke/rainbow-saddle/

Golang cannot easily check if a process exists on Unix systems:
https://github.com/golang/go/issues/34396

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-04-29 00:00:45 +02:00
.github root: add checklist to PRs (#5390) 2023-04-28 12:21:57 +03:00
.vscode core: add a list of recommended vs code extensions (#4869) 2023-03-08 00:25:59 +01:00
authentik root: add websocket logging (#5408) 2023-04-28 20:34:34 +03:00
blueprints stages/prompt: Add initial_data prompt field and ability to select a default choice for choice fields (#5095) 2023-04-19 12:27:51 +02:00
cmd root: handle SIGHUP and SIGUSR2 2023-04-29 00:00:45 +02:00
internal root: handle SIGHUP and SIGUSR2 2023-04-29 00:00:45 +02:00
lifecycle ci: fix pyright errors (#5392) 2023-04-27 17:33:47 +03:00
locale Translate 'locale/en/LC_MESSAGES/django.po' in 'zh-Hans' (#5410) 2023-04-28 19:27:47 +03:00
schemas providers: SCIM (#4835) 2023-03-06 19:39:08 +01:00
scripts root: add ruff linter (#5240) 2023-04-18 13:28:19 +02:00
tests outposts: make state more consistent (#5403) 2023-04-28 13:53:07 +03:00
web Translate 'web/src/locales/en.po' in 'zh_CN' (#5412) 2023-04-28 18:00:50 +03:00
website website/blog: monorepo blog draft (#5346) 2023-04-26 15:21:26 +00:00
.bumpversion.cfg release: Version 2023.4 (#5283) 2023-04-18 10:45:17 +02:00
.dockerignore enterprise: initial license (#5293) 2023-04-19 16:13:45 +02:00
.editorconfig website: codespell with custom dictionary and CI (#5062) 2023-03-24 00:24:55 +01:00
.gitignore website/blog: Becoming OpenID certified - Why standards matter (#4865) 2023-03-07 18:22:53 +01:00
CODE_OF_CONDUCT.md root: rework and expand security policy 2022-11-28 12:10:53 +01:00
CONTRIBUTING.md root: fix contributing List points (#5245) 2023-04-13 22:48:13 +02:00
docker-compose.yml root: Change docker-compose HTTP and HTTPS port variables (#5335) 2023-04-21 14:54:40 +03:00
Dockerfile core: bump node from 18 to 20 (#5329) 2023-04-21 13:54:23 +03:00
go.mod core: bump github.com/spf13/cobra from 0.0.3 to 1.7.0 (#5333) 2023-04-21 11:31:22 +03:00
go.sum core: bump github.com/spf13/cobra from 0.0.3 to 1.7.0 (#5333) 2023-04-21 11:31:22 +03:00
ldap.Dockerfile root: optimise healthchecks (#5337) 2023-04-21 13:32:48 +03:00
LICENSE enterprise: initial license (#5293) 2023-04-19 16:13:45 +02:00
Makefile root: add ruff linter (#5240) 2023-04-18 13:28:19 +02:00
manage.py root: update deprecation warnings 2022-11-25 11:47:28 +01:00
poetry.lock core: bump uvicorn from 0.21.1 to 0.22.0 (#5399) 2023-04-28 11:14:53 +03:00
proxy.Dockerfile core: bump node from 18 to 20 (#5329) 2023-04-21 13:54:23 +03:00
pyproject.toml root: add argon2-cffi (#5294) 2023-04-19 11:22:37 +02:00
radius.Dockerfile root: optimise healthchecks (#5337) 2023-04-21 13:32:48 +03:00
README.md Update README.md (#5188) 2023-04-06 08:07:48 -05:00
schema.yml root: update API schema (#5310) 2023-04-19 16:22:43 +02:00
SECURITY.md website/docs: add new release to sidebar, cleanup (#4926) 2023-03-13 19:04:25 +01:00

authentik logo


Join Discord GitHub Workflow Status GitHub Workflow Status GitHub Workflow Status Code Coverage Docker pulls Latest version

What is authentik?

Authentik is an open-source Identity Provider that emphasizes flexibility and versatility. It can be seamlessly integrated into existing environments to support new protocols. Authentik is also a great solution for implementing sign-up, recovery, and other similar features in your application, saving you the hassle of dealing with them.

Installation

For small/test setups it is recommended to use Docker Compose; refer to the documentation.

For bigger setups, there is a Helm Chart here. This is documented here.

Screenshots

Light Dark

Development

See Developer Documentation

Security

See SECURITY.md

Adoption and Contributions

Your organization uses authentik? We'd love to add your logo to the readme and our website! Email us @ hello@goauthentik.io or open a GitHub Issue/PR! For more information on how to contribute to authentik, please refer to our CONTRIBUTING.md file.

Sponsors

This project is proudly sponsored by:

DigitalOcean provides development and testing resources for authentik.