Use AUTHENTIK_BOOTSTRAP_PASSWORD env instead of set_admin_pass function

2024-06-07 11:56:52 +02:00
4 changed files with 4 additions and 26 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1,7 +1,7 @@
 TYPE=authentik
 TIMEOUT=900
 ENABLE_AUTO_UPDATE=true
-# POST_DEPLOY_CMDS="worker set_admin_pass|worker apply_blueprints|worker add_applications"
+# POST_DEPLOY_CMDS="worker worker apply_blueprints|worker add_applications"
 LETS_ENCRYPT_ENV=production

 DOMAIN=authentik.example.com
--- a/README.md
+++ b/README.md
@ -35,7 +35,6 @@ abra app secret generate -a <app_name>
 abra app undeploy <app_name>
 abra app deploy <app_name>
 abra app cmd <app_name> db rotate_db_pass
-abra app cmd <app_name> app set_admin_pass
 ```

 ## Add SSO for Nextcloud
--- a/abra.sh
+++ b/abra.sh
@ -73,30 +73,7 @@ with open('/tmp/$1', newline='') as file:
 }

 set_admin_pass() {
-password=$(cat /run/secrets/admin_pass)
-token=$(cat /run/secrets/admin_token)
-/manage.py shell -c """
-akadmin = User.objects.get(username='akadmin')
-akadmin.set_password('$password')
-akadmin.save()
-print('Changed akadmin password')
-
-from authentik.core.models import TokenIntents
-key='$token'
-if (token:= Token.objects.filter(identifier='authentik-bootstrap-token').first()):
-    token.key=key
-    token.save()
-    print('Changed authentik-bootstrap-token')
-else:
-    Token.objects.create(
-        identifier='authentik-bootstrap-token',
-        user=akadmin,
-        intent=TokenIntents.INTENT_API,
-        expiring=False,
-        key=key,
-    )
-    print('Created authentik-bootstrap-token')
-""" 2>&1 | quieten
+echo "The set_admin_pass function is depricated"
 }

 rotate_db_pass() {
--- a/compose.yml
+++ b/compose.yml
@ -8,6 +8,8 @@ x-env: &env
    - AUTHENTIK_REDIS__HOST=redis
    - AUTHENTIK_ERROR_REPORTING__ENABLED
    - AUTHENTIK_SECRET_KEY=file:///run/secrets/secret_key
+    - AUTHENTIK_BOOTSTRAP_PASSWORD=file:///run/secrets/admin_pass
+    - AUTHENTIK_BOOTSTRAP_TOKEN=file:///run/secrets/admin_token
    - AUTHENTIK_EMAIL__HOST
    - AUTHENTIK_EMAIL__PORT
    - AUTHENTIK_EMAIL__USERNAME