setup with post_deploy_cmd
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
e9588c76d5
commit
9a9264cf61
|
@ -1,6 +1,7 @@
|
||||||
TYPE=authentik
|
TYPE=authentik
|
||||||
TIMEOUT=300
|
TIMEOUT=300
|
||||||
ENABLE_AUTO_UPDATE=true
|
ENABLE_AUTO_UPDATE=true
|
||||||
|
POST_DEPLOY_CMDS="app set_admin_pass|worker apply_blueprints"
|
||||||
LETS_ENCRYPT_ENV=production
|
LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
DOMAIN=authentik.example.com
|
DOMAIN=authentik.example.com
|
||||||
|
|
|
@ -25,8 +25,6 @@
|
||||||
* `abra app secret insert <app_name> email_pass v1 <password>`
|
* `abra app secret insert <app_name> email_pass v1 <password>`
|
||||||
* `abra app secret generate -a <app_name>`
|
* `abra app secret generate -a <app_name>`
|
||||||
* `abra app deploy <app-name>`
|
* `abra app deploy <app-name>`
|
||||||
* `abra app cmd <app_name> app set_admin_pass`
|
|
||||||
* `abra app cmd <app_name> worker apply_blueprints`
|
|
||||||
|
|
||||||
## Rotate Secrets
|
## Rotate Secrets
|
||||||
|
|
||||||
|
|
21
abra.sh
21
abra.sh
|
@ -77,25 +77,12 @@ enable_blueprint() {
|
||||||
}
|
}
|
||||||
|
|
||||||
blueprint_state() {
|
blueprint_state() {
|
||||||
TOKEN=$(cat /run/secrets/admin_token)
|
/manage.py shell -c """
|
||||||
python -c """
|
|
||||||
import requests
|
|
||||||
session = requests.Session()
|
|
||||||
my_token='$TOKEN'
|
|
||||||
blueprint_state=$1
|
blueprint_state=$1
|
||||||
blueprint_path='$2'
|
blueprint_path='$2'
|
||||||
resp = session.get(f'https://$DOMAIN/api/v3/managed/blueprints/?path={blueprint_path}', headers={'Authorization':f'Bearer {my_token}'})
|
blueprint = BlueprintInstance.objects.filter(path=blueprint_path).first()
|
||||||
if not resp.ok:
|
blueprint.enabled = blueprint_state
|
||||||
print(f'Error fetching blueprint: {resp.content}')
|
print(f'{blueprint.name} enabled: {blueprint.enabled}')
|
||||||
exit()
|
|
||||||
auth_flow_uuid = resp.json()['results'][0]['pk']
|
|
||||||
blueprint_name = resp.json()['results'][0]['name']
|
|
||||||
params = {'name': blueprint_name,'path': blueprint_path,'context':{},'enabled': blueprint_state}
|
|
||||||
resp = session.put(f'https://$DOMAIN/api/v3/managed/blueprints/{auth_flow_uuid}/', json=params, headers={'Authorization':f'Bearer {my_token}'})
|
|
||||||
if resp.ok:
|
|
||||||
print(f'{blueprint_name} enabled: {blueprint_state}')
|
|
||||||
else:
|
|
||||||
print(f'Error changing blueprint state: {resp.content}')
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue