From 68eda3e2d705b755b92b0ed7ce4c3e8e665c56bc Mon Sep 17 00:00:00 2001
From: Simon <simonthiessen@posteo.de>
Date: Wed, 17 Apr 2024 14:59:23 +0200
Subject: [PATCH] WIP upgrade

---
 .drone.yml                                        |  2 +-
 README.md                                         |  8 ++++----
 abra.sh                                           | 10 +++++-----
 compose.yml                                       | 12 ++++++------
 custom_flows.yaml.tmpl                            |  4 ++--
 flow_authentication.yaml.tmpl                     |  2 +-
 release/5.1.0+2024.2.2                            |  1 +
 system_tenant.yaml.tmpl => system_brand.yaml.tmpl |  8 ++++----
 8 files changed, 24 insertions(+), 23 deletions(-)
 create mode 100644 release/5.1.0+2024.2.2
 rename system_tenant.yaml.tmpl => system_brand.yaml.tmpl (86%)

diff --git a/.drone.yml b/.drone.yml
index 59911cd..42bf6fe 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -23,7 +23,7 @@ steps:
       FLOW_INVALIDATION_VERSION: v1
       FLOW_RECOVERY_VERSION: v1
       FLOW_TRANSLATION_VERSION: v1
-      SYSTEM_TENANT_VERSION: v1
+      SYSTEM_BRAND_VERSION: v1
       NEXTCLOUD_CONFIG_VERSION: v1
       SECRET_SECRET_KEY_VERSION: v1
       SECRET_DB_PASSWORD_VERSION: v1
diff --git a/README.md b/README.md
index 0b89d75..7e6ac5b 100644
--- a/README.md
+++ b/README.md
@@ -167,8 +167,8 @@ The `abra.sh` function `apply_blueprints` needs to be executed to deactivate the
     - Default - Source enrollment flow
         - OVERWRITE:
             - `default-source-enrollment-field-username`
-- Custom System Tenant
-    - Default - Tenant
+- Custom System Brand
+    - Default - Brand
         - APPEND: `authentik_brands.brand  domain: authentik-default`
     - Recovery with email verification
         - USE:
@@ -177,8 +177,8 @@ The `abra.sh` function `apply_blueprints` needs to be executed to deactivate the
 
 ### Blueprint Dependency Execution Order
 
-5. Custom System Tenant
-    - Default - Tenant
+5. Custom System Brand
+    - Default - Brand
     1. Recovery with email verification
         - Default - Authentication flow
             - Default - Password change flow
diff --git a/abra.sh b/abra.sh
index 86ee41d..858a449 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,17 +1,17 @@
 export CUSTOM_CSS_VERSION=v2
-export FLOW_AUTHENTICATION_VERSION=v3
+export FLOW_AUTHENTICATION_VERSION=v4
 export FLOW_INVITATION_VERSION=v2
 export FLOW_INVALIDATION_VERSION=v2
 export FLOW_RECOVERY_VERSION=v1
 export FLOW_TRANSLATION_VERSION=v3
-export SYSTEM_TENANT_VERSION=v3
+export SYSTEM_BRAND_VERSION=v3
 export NEXTCLOUD_CONFIG_VERSION=v1
 export WORDPRESS_CONFIG_VERSION=v2
 export MATRIX_CONFIG_VERSION=v1
 export WEKAN_CONFIG_VERSION=v3
 export VIKUNJA_CONFIG_VERSION=v1
-export OUTLINE_CONFIG_VERSION=v1
-export RALLLY_CONFIG_VERSION=v1
+export OUTLINE_CONFIG_VERSION=v2
+export RALLLY_CONFIG_VERSION=v2
 export HEDGEDOC_CONFIG_VERSION=v1
 export MONITORING_CONFIG_VERSION=v1
 export DB_ENTRYPOINT_VERSION=v1
@@ -218,7 +218,7 @@ delete_flows = ['default-recovery-flow' , 'custom-authentication-flow' , 'invita
 Flow.objects.filter(slug__in=delete_flows).delete()
 Stage.objects.filter(flow=None).delete()
 Prompt.objects.filter(promptstage=None).delete()
-Tenant.objects.filter(default=True).delete()
+Brand.objects.filter(default=True).delete()
 """ 2>&1 | quieten
 apply_blueprints
 }
diff --git a/compose.yml b/compose.yml
index 30f4611..834c1ed 100644
--- a/compose.yml
+++ b/compose.yml
@@ -76,7 +76,7 @@ services:
         - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
-        - "coop-cloud.${STACK_NAME}.version=5.0.2+2024.2.2"
+        - "coop-cloud.${STACK_NAME}.version=5.1.0+2024.2.2"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
 
   worker:
@@ -108,8 +108,8 @@ services:
         target: /blueprints/3_flow_translation.yaml
       - source: flow_invitation
         target: /blueprints/4_flow_invitation.yaml
-      - source: system_tenant
-        target: /blueprints/5_system_tenant.yaml
+      - source: system_brand
+        target: /blueprints/5_system_brand.yaml
       - source: flow_invalidation
         target: /blueprints/6_flow_invalidation.yaml
     environment: *env
@@ -210,9 +210,9 @@ configs:
     name: ${STACK_NAME}_flow_translation_${FLOW_TRANSLATION_VERSION}
     file: flow_translation.yaml.tmpl
     template_driver: golang
-  system_tenant:
-    name: ${STACK_NAME}_system_tenant_${SYSTEM_TENANT_VERSION}
-    file: system_tenant.yaml.tmpl
+  system_brand:
+    name: ${STACK_NAME}_system_brand_${SYSTEM_BRAND_VERSION}
+    file: system_brand.yaml.tmpl
     template_driver: golang
   db_entrypoint:
     name: ${STACK_NAME}_db_entrypoint_${DB_ENTRYPOINT_VERSION}
diff --git a/custom_flows.yaml.tmpl b/custom_flows.yaml.tmpl
index 215107d..bd32114 100644
--- a/custom_flows.yaml.tmpl
+++ b/custom_flows.yaml.tmpl
@@ -384,7 +384,7 @@ entries:
     enabled: {{ if eq (env "LOGOUT_REDIRECT") "" }} false {{ else }} true {{ end }}
     timeout: 30
 
-######## System Tenant ##########
+######## System Brand ##########
 - attrs:
     attributes:
       settings:
@@ -401,5 +401,5 @@ entries:
     flow_user_settings: !Find [authentik_flows.flow, [slug, default-user-settings-flow]]
   identifiers:
     pk: 047cce25-aae2-4b02-9f96-078e155f803d
-  id: system_tenant
+  id: system_brand
   model: authentik_brands.brand
diff --git a/flow_authentication.yaml.tmpl b/flow_authentication.yaml.tmpl
index 7484f04..c343e8b 100644
--- a/flow_authentication.yaml.tmpl
+++ b/flow_authentication.yaml.tmpl
@@ -37,7 +37,7 @@ entries:
     name: default-authentication-login
   model: authentik_stages_user_login.userloginstage
   attrs:
-    session_duration: seconds=0
+    session_duration: days=30
 
 # After the first run this will produce a RelatedObjectDoesNotExist error
 - identifiers:
diff --git a/release/5.1.0+2024.2.2 b/release/5.1.0+2024.2.2
new file mode 100644
index 0000000..0747cbd
--- /dev/null
+++ b/release/5.1.0+2024.2.2
@@ -0,0 +1 @@
+Due to blueprint changes, you need to run the following command after upgrading: abra app cmd -C <Domain> worker apply_blueprints 
\ No newline at end of file
diff --git a/system_tenant.yaml.tmpl b/system_brand.yaml.tmpl
similarity index 86%
rename from system_tenant.yaml.tmpl
rename to system_brand.yaml.tmpl
index 160173b..9ce850f 100644
--- a/system_tenant.yaml.tmpl
+++ b/system_brand.yaml.tmpl
@@ -2,13 +2,13 @@ version: 1
 metadata:
   labels:
     blueprints.goauthentik.io/instantiate: "true"
-  name: Custom System Tenant
+  name: Custom System brand
 entries:
 ### DEPENDENCIES
 - model: authentik_blueprints.metaapplyblueprint
   attrs:
     identifiers:
-      name: Default - Tenant
+      name: Default - Brand
     required: true
 - model: authentik_blueprints.metaapplyblueprint
   attrs:
@@ -17,8 +17,8 @@ entries:
     required: true
 
 
-### SYSTEM TENANT
-# remove custom tenant from old recipe
+### SYSTEM BRAND
+# remove custom brand from old recipe
 - identifiers:
     domain: {{ env "DOMAIN" }}
   model: authentik_brands.brand