setup with post_deploy_cmd

2023-04-18 18:20:36 +02:00 · 2023-04-18 18:20:36 +02:00 · 9a9264cf61
parent e9588c76d5
commit 9a9264cf61
3 changed files with 5 additions and 19 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1,6 +1,7 @@
 TYPE=authentik
 TIMEOUT=300
 ENABLE_AUTO_UPDATE=true
+POST_DEPLOY_CMDS="app set_admin_pass|worker apply_blueprints"
 LETS_ENCRYPT_ENV=production

 DOMAIN=authentik.example.com
--- a/README.md
+++ b/README.md
@ -25,8 +25,6 @@
 * `abra app secret insert <app_name> email_pass v1 <password>`
 * `abra app secret generate -a <app_name>`
 * `abra app deploy <app-name>`
-* `abra app cmd <app_name> app set_admin_pass`
-* `abra app cmd <app_name> worker apply_blueprints`

 ## Rotate Secrets

--- a/abra.sh
+++ b/abra.sh
@ -77,25 +77,12 @@ enable_blueprint() {
 }

 blueprint_state() {
-TOKEN=$(cat /run/secrets/admin_token)
-python -c """
-import requests
-session = requests.Session()
-my_token='$TOKEN'
+/manage.py shell -c """
 blueprint_state=$1
 blueprint_path='$2'
-resp = session.get(f'https://$DOMAIN/api/v3/managed/blueprints/?path={blueprint_path}', headers={'Authorization':f'Bearer {my_token}'})
-if not resp.ok:
-    print(f'Error fetching blueprint: {resp.content}')
-    exit()
-auth_flow_uuid = resp.json()['results'][0]['pk']
-blueprint_name = resp.json()['results'][0]['name']
-params = {'name': blueprint_name,'path': blueprint_path,'context':{},'enabled': blueprint_state}
-resp = session.put(f'https://$DOMAIN/api/v3/managed/blueprints/{auth_flow_uuid}/', json=params, headers={'Authorization':f'Bearer {my_token}'})
-if resp.ok:
-    print(f'{blueprint_name} enabled: {blueprint_state}')
-else:
-    print(f'Error changing blueprint state: {resp.content}')
+blueprint = BlueprintInstance.objects.filter(path=blueprint_path).first()
+blueprint.enabled = blueprint_state
+print(f'{blueprint.name} enabled: {blueprint.enabled}')
 """

 }