Compare commits
20 Commits
patch_kima
...
event_dele
| Author | SHA1 | Date | |
|---|---|---|---|
| 93f9a7b4d7 | |||
| 0be7e95f48 | |||
| 4fe52c1e5f | |||
| 248a09c594 | |||
| b957425981 | |||
| 20f99b13ad | |||
| c42017839f | |||
| cdabec1b18 | |||
| a606a84a98 | |||
| a0505e0dec | |||
| 17d40711e0 | |||
| fc33f285f4 | |||
| d1f091da62 | |||
| 3e339228f5 | |||
| c39b6ad25a | |||
| 1ffb62d74a | |||
| 03f8810462 | |||
| d19bf17781 | |||
| 5086df24fb | |||
| e07d57718a |
@ -30,6 +30,7 @@ steps:
|
||||
SECRET_ADMIN_TOKEN_VERSION: v1
|
||||
SECRET_ADMIN_PASS_VERSION: v1
|
||||
SECRET_EMAIL_PASS_VERSION: v1
|
||||
DB_ENTRYPOINT_VERSION: v1
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
|
||||
@ -34,7 +34,6 @@ SECRET_ADMIN_PASS_VERSION=v1
|
||||
SECRET_EMAIL_PASS_VERSION=v1
|
||||
|
||||
# X_FRAME_OPTIONS_ALLOW_FROM=dashboard.example.org
|
||||
AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
|
||||
## FLOW OPTIONS
|
||||
# WELCOME_MESSAGE="Welcome to Authentik"
|
||||
@ -47,6 +46,12 @@ COPY_ASSETS="flow_background.jpg|app:/web/dist/assets/images/"
|
||||
COPY_ASSETS="$COPY_ASSETS icon_left_brand.svg|app:/web/dist/assets/icons/"
|
||||
COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
|
||||
|
||||
# Default CSS customisation, just background colour
|
||||
COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||
AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
# Custommise the entire custom CSS file
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
|
||||
# NEXTCLOUD_DOMAIN=nextcloud.example.com
|
||||
# SECRET_NEXTCLOUD_ID_VERSION=v1
|
||||
|
||||
21
abra.sh
21
abra.sh
@ -56,15 +56,19 @@ with open('/tmp/$1', newline='') as file:
|
||||
email = row[2].strip()
|
||||
groups = row[3].split(';')
|
||||
if User.objects.filter(username=username):
|
||||
print(f'{username} already exists')
|
||||
continue
|
||||
new_user = User.objects.create(name=name, username=username, email=email)
|
||||
print(f'{username} created')
|
||||
for group_name in groups:
|
||||
group_name = group_name.strip()
|
||||
if Group.objects.filter(name=group_name):
|
||||
group = Group.objects.get(name=group_name)
|
||||
else:
|
||||
group = Group.objects.create(name=group_name)
|
||||
print(f'{group_name} created')
|
||||
group.users.add(new_user)
|
||||
print(f'add {username} to group {group_name}')
|
||||
""" 2>&1 | quieten
|
||||
}
|
||||
|
||||
@ -172,7 +176,9 @@ for name, url in applications.items():
|
||||
|
||||
|
||||
quieten(){
|
||||
grep -v -e '{"event"' -e '{"action"'
|
||||
# 'SyntaxWarning|version_regex|"http\['
|
||||
# is a workaround to get rid of some verbose syntax warnings, this might be fixed with another version
|
||||
grep -Pv '"level": "(info|debug)"|SyntaxWarning|version_regex|"http\[|RuntimeWarning:'
|
||||
}
|
||||
|
||||
add_email_templates(){
|
||||
@ -223,3 +229,16 @@ Brand.objects.filter(default=True).delete()
|
||||
""" 2>&1 | quieten
|
||||
apply_blueprints
|
||||
}
|
||||
|
||||
get_certificate() {
|
||||
/manage.py shell -c """
|
||||
provider_name='$1'
|
||||
if not provider_name:
|
||||
print('no Provider Name given')
|
||||
exit(1)
|
||||
provider = Provider.objects.filter(name=provider_name).first()
|
||||
saml = provider.samlprovider
|
||||
cert = saml.signing_kp
|
||||
print(''.join(cert.certificate_data.splitlines()[1:-1]))
|
||||
""" 2>&1 | quieten
|
||||
}
|
||||
|
||||
76
alaconnect.yml
Normal file
76
alaconnect.yml
Normal file
@ -0,0 +1,76 @@
|
||||
nextcloud:
|
||||
uncomment:
|
||||
- compose.nextcloud.yml
|
||||
- NEXTCLOUD_DOMAIN
|
||||
- SECRET_NEXTCLOUD_ID_VERSION
|
||||
- SECRET_NEXTCLOUD_SECRET_VERSION
|
||||
- nextcloud.png
|
||||
wordpress:
|
||||
uncomment:
|
||||
- compose.wordpress.yml
|
||||
- WORDPRESS_DOMAIN
|
||||
- WORDPRESS_GROUP
|
||||
- SECRET_WORDPRESS_ID_VERSION
|
||||
- SECRET_WORDPRESS_SECRET_VERSION
|
||||
- wordpress.png
|
||||
matrix-synapse:
|
||||
uncomment:
|
||||
- compose.matrix.yml
|
||||
- ELEMENT_DOMAIN
|
||||
- SECRET_MATRIX_ID_VERSION
|
||||
- SECRET_MATRIX_SECRET_VERSION
|
||||
- matrix.svg
|
||||
secrets:
|
||||
matrix_id: matrix
|
||||
wekan:
|
||||
uncomment:
|
||||
- compose.wekan.yml
|
||||
- WEKAN_DOMAIN
|
||||
- SECRET_WEKAN_ID_VERSION
|
||||
- SECRET_WEKAN_SECRET_VERSION
|
||||
- wekan.png
|
||||
secrets:
|
||||
wekan_id: wekan
|
||||
vikunja:
|
||||
uncomment:
|
||||
- compose.vikunja.yml
|
||||
- VIKUNJA_DOMAIN
|
||||
- SECRET_VIKUNJA_ID_VERSION
|
||||
- SECRET_VIKUNJA_SECRET_VERSION
|
||||
- vikunja.svg
|
||||
secrets:
|
||||
vikunja_id: vikunja
|
||||
monitoring:
|
||||
uncomment:
|
||||
- compose.monitoring.yml
|
||||
- MONITORING_DOMAIN
|
||||
- SECRET_MONITORING_ID_VERSION
|
||||
- SECRET_MONITORING_SECRET_VERSION
|
||||
- monitoring.png
|
||||
outline:
|
||||
uncomment:
|
||||
- compose.outline.yml
|
||||
- OUTLINE_DOMAIN
|
||||
- SECRET_OUTLINE_ID_VERSION
|
||||
- SECRET_OUTLINE_SECRET_VERSION
|
||||
- outline.png
|
||||
secrets:
|
||||
outline_id: outline
|
||||
rallly:
|
||||
uncomment:
|
||||
- compose.rallly.yml
|
||||
- RALLLY_DOMAIN
|
||||
- SECRET_RALLLY_ID_VERSION
|
||||
- SECRET_RALLLY_SECRET_VERSION
|
||||
- rallly.png
|
||||
secrets:
|
||||
rallly_id: rallly
|
||||
hedgedoc:
|
||||
uncomment:
|
||||
- compose.hedgedoc.yml
|
||||
- HEDGEDOC_DOMAIN
|
||||
- SECRET_HEDGEDOC_ID_VERSION
|
||||
- SECRET_HEDGEDOC_SECRET_VERSION
|
||||
- hedgedoc.png
|
||||
secrets:
|
||||
hedgedoc_id: hedgedoc
|
||||
14
compose.css.yml
Normal file
14
compose.css.yml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
app:
|
||||
configs:
|
||||
- source: custom_css
|
||||
target: /web/dist/custom.css
|
||||
|
||||
configs:
|
||||
custom_css:
|
||||
name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
|
||||
file: custom.css.tmpl
|
||||
template_driver: golang
|
||||
15
compose.yml
15
compose.yml
@ -32,7 +32,7 @@ x-env: &env
|
||||
version: '3.8'
|
||||
services:
|
||||
app:
|
||||
image: ghcr.io/goauthentik/server:2024.2.3
|
||||
image: ghcr.io/goauthentik/server:2024.4.2
|
||||
command: server
|
||||
depends_on:
|
||||
- db
|
||||
@ -47,9 +47,6 @@ services:
|
||||
- media:/media
|
||||
- assets:/web/dist/assets
|
||||
- templates:/templates
|
||||
configs:
|
||||
- source: custom_css
|
||||
target: /web/dist/custom.css
|
||||
networks:
|
||||
- internal
|
||||
- proxy
|
||||
@ -76,11 +73,11 @@ services:
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
||||
- "coop-cloud.${STACK_NAME}.version=5.1.2+2024.2.3"
|
||||
- "coop-cloud.${STACK_NAME}.version=6.1.1+2024.4.2"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
|
||||
worker:
|
||||
image: ghcr.io/goauthentik/server:2024.2.3
|
||||
image: ghcr.io/goauthentik/server:2024.4.2
|
||||
command: worker
|
||||
depends_on:
|
||||
- db
|
||||
@ -115,7 +112,7 @@ services:
|
||||
environment: *env
|
||||
|
||||
db:
|
||||
image: postgres:15.5
|
||||
image: postgres:15.7
|
||||
secrets:
|
||||
- db_password
|
||||
configs:
|
||||
@ -186,10 +183,6 @@ volumes:
|
||||
database:
|
||||
|
||||
configs:
|
||||
custom_css:
|
||||
name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
|
||||
file: custom.css.tmpl
|
||||
template_driver: golang
|
||||
flow_authentication:
|
||||
name: ${STACK_NAME}_flow_authentication_${FLOW_AUTHENTICATION_VERSION}
|
||||
file: flow_authentication.yaml.tmpl
|
||||
|
||||
19
delete_user.py
Normal file
19
delete_user.py
Normal file
@ -0,0 +1,19 @@
|
||||
model_actions = ["model_deleted"]
|
||||
model_app = "authentik_core"
|
||||
model_name = "user"
|
||||
|
||||
event = request.context.get("event", None)
|
||||
if not event:
|
||||
ak_logger.info("delete_user: No event")
|
||||
return False
|
||||
if event.action not in model_actions:
|
||||
ak_logger.info("delete_user: Non-matching action")
|
||||
return False
|
||||
if (
|
||||
event.context["model"]["app"] != model_app
|
||||
or event.context["model"]["model_name"] != model_name
|
||||
):
|
||||
ak_logger.info("delete_user: Invalid model")
|
||||
return False
|
||||
|
||||
ak_logger.info(f'model: {event.context["model"]}')
|
||||
1
release/6.0.0+2024.4.0
Normal file
1
release/6.0.0+2024.4.0
Normal file
@ -0,0 +1 @@
|
||||
Alerta! ⚠️ If you are using AUTHENTIK_COLOR_BACKGROUND_LIGHT, you will need to set COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||
1
release/6.1.0+2024.4.2
Normal file
1
release/6.1.0+2024.4.2
Normal file
@ -0,0 +1 @@
|
||||
Blueprint for Kimai SSO integration added
|
||||
Reference in New Issue
Block a user