Compare commits
20 Commits
patch_kima
...
event_dele
| Author | SHA1 | Date | |
|---|---|---|---|
| 93f9a7b4d7 | |||
| 0be7e95f48 | |||
| 4fe52c1e5f | |||
| 248a09c594 | |||
| b957425981 | |||
| 20f99b13ad | |||
| c42017839f | |||
| cdabec1b18 | |||
| a606a84a98 | |||
| a0505e0dec | |||
| 17d40711e0 | |||
| fc33f285f4 | |||
| d1f091da62 | |||
| 3e339228f5 | |||
| c39b6ad25a | |||
| 1ffb62d74a | |||
| 03f8810462 | |||
| d19bf17781 | |||
| 5086df24fb | |||
| e07d57718a |
@ -30,6 +30,7 @@ steps:
|
|||||||
SECRET_ADMIN_TOKEN_VERSION: v1
|
SECRET_ADMIN_TOKEN_VERSION: v1
|
||||||
SECRET_ADMIN_PASS_VERSION: v1
|
SECRET_ADMIN_PASS_VERSION: v1
|
||||||
SECRET_EMAIL_PASS_VERSION: v1
|
SECRET_EMAIL_PASS_VERSION: v1
|
||||||
|
DB_ENTRYPOINT_VERSION: v1
|
||||||
trigger:
|
trigger:
|
||||||
branch:
|
branch:
|
||||||
- main
|
- main
|
||||||
|
|||||||
@ -34,7 +34,6 @@ SECRET_ADMIN_PASS_VERSION=v1
|
|||||||
SECRET_EMAIL_PASS_VERSION=v1
|
SECRET_EMAIL_PASS_VERSION=v1
|
||||||
|
|
||||||
# X_FRAME_OPTIONS_ALLOW_FROM=dashboard.example.org
|
# X_FRAME_OPTIONS_ALLOW_FROM=dashboard.example.org
|
||||||
AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
|
||||||
|
|
||||||
## FLOW OPTIONS
|
## FLOW OPTIONS
|
||||||
# WELCOME_MESSAGE="Welcome to Authentik"
|
# WELCOME_MESSAGE="Welcome to Authentik"
|
||||||
@ -47,6 +46,12 @@ COPY_ASSETS="flow_background.jpg|app:/web/dist/assets/images/"
|
|||||||
COPY_ASSETS="$COPY_ASSETS icon_left_brand.svg|app:/web/dist/assets/icons/"
|
COPY_ASSETS="$COPY_ASSETS icon_left_brand.svg|app:/web/dist/assets/icons/"
|
||||||
COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
|
COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
|
||||||
|
|
||||||
|
# Default CSS customisation, just background colour
|
||||||
|
COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||||
|
AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||||
|
# Custommise the entire custom CSS file
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||||
|
|
||||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
|
# COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
|
||||||
# NEXTCLOUD_DOMAIN=nextcloud.example.com
|
# NEXTCLOUD_DOMAIN=nextcloud.example.com
|
||||||
# SECRET_NEXTCLOUD_ID_VERSION=v1
|
# SECRET_NEXTCLOUD_ID_VERSION=v1
|
||||||
|
|||||||
21
abra.sh
21
abra.sh
@ -56,15 +56,19 @@ with open('/tmp/$1', newline='') as file:
|
|||||||
email = row[2].strip()
|
email = row[2].strip()
|
||||||
groups = row[3].split(';')
|
groups = row[3].split(';')
|
||||||
if User.objects.filter(username=username):
|
if User.objects.filter(username=username):
|
||||||
|
print(f'{username} already exists')
|
||||||
continue
|
continue
|
||||||
new_user = User.objects.create(name=name, username=username, email=email)
|
new_user = User.objects.create(name=name, username=username, email=email)
|
||||||
|
print(f'{username} created')
|
||||||
for group_name in groups:
|
for group_name in groups:
|
||||||
group_name = group_name.strip()
|
group_name = group_name.strip()
|
||||||
if Group.objects.filter(name=group_name):
|
if Group.objects.filter(name=group_name):
|
||||||
group = Group.objects.get(name=group_name)
|
group = Group.objects.get(name=group_name)
|
||||||
else:
|
else:
|
||||||
group = Group.objects.create(name=group_name)
|
group = Group.objects.create(name=group_name)
|
||||||
|
print(f'{group_name} created')
|
||||||
group.users.add(new_user)
|
group.users.add(new_user)
|
||||||
|
print(f'add {username} to group {group_name}')
|
||||||
""" 2>&1 | quieten
|
""" 2>&1 | quieten
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -172,7 +176,9 @@ for name, url in applications.items():
|
|||||||
|
|
||||||
|
|
||||||
quieten(){
|
quieten(){
|
||||||
grep -v -e '{"event"' -e '{"action"'
|
# 'SyntaxWarning|version_regex|"http\['
|
||||||
|
# is a workaround to get rid of some verbose syntax warnings, this might be fixed with another version
|
||||||
|
grep -Pv '"level": "(info|debug)"|SyntaxWarning|version_regex|"http\[|RuntimeWarning:'
|
||||||
}
|
}
|
||||||
|
|
||||||
add_email_templates(){
|
add_email_templates(){
|
||||||
@ -223,3 +229,16 @@ Brand.objects.filter(default=True).delete()
|
|||||||
""" 2>&1 | quieten
|
""" 2>&1 | quieten
|
||||||
apply_blueprints
|
apply_blueprints
|
||||||
}
|
}
|
||||||
|
|
||||||
|
get_certificate() {
|
||||||
|
/manage.py shell -c """
|
||||||
|
provider_name='$1'
|
||||||
|
if not provider_name:
|
||||||
|
print('no Provider Name given')
|
||||||
|
exit(1)
|
||||||
|
provider = Provider.objects.filter(name=provider_name).first()
|
||||||
|
saml = provider.samlprovider
|
||||||
|
cert = saml.signing_kp
|
||||||
|
print(''.join(cert.certificate_data.splitlines()[1:-1]))
|
||||||
|
""" 2>&1 | quieten
|
||||||
|
}
|
||||||
|
|||||||
76
alaconnect.yml
Normal file
76
alaconnect.yml
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
nextcloud:
|
||||||
|
uncomment:
|
||||||
|
- compose.nextcloud.yml
|
||||||
|
- NEXTCLOUD_DOMAIN
|
||||||
|
- SECRET_NEXTCLOUD_ID_VERSION
|
||||||
|
- SECRET_NEXTCLOUD_SECRET_VERSION
|
||||||
|
- nextcloud.png
|
||||||
|
wordpress:
|
||||||
|
uncomment:
|
||||||
|
- compose.wordpress.yml
|
||||||
|
- WORDPRESS_DOMAIN
|
||||||
|
- WORDPRESS_GROUP
|
||||||
|
- SECRET_WORDPRESS_ID_VERSION
|
||||||
|
- SECRET_WORDPRESS_SECRET_VERSION
|
||||||
|
- wordpress.png
|
||||||
|
matrix-synapse:
|
||||||
|
uncomment:
|
||||||
|
- compose.matrix.yml
|
||||||
|
- ELEMENT_DOMAIN
|
||||||
|
- SECRET_MATRIX_ID_VERSION
|
||||||
|
- SECRET_MATRIX_SECRET_VERSION
|
||||||
|
- matrix.svg
|
||||||
|
secrets:
|
||||||
|
matrix_id: matrix
|
||||||
|
wekan:
|
||||||
|
uncomment:
|
||||||
|
- compose.wekan.yml
|
||||||
|
- WEKAN_DOMAIN
|
||||||
|
- SECRET_WEKAN_ID_VERSION
|
||||||
|
- SECRET_WEKAN_SECRET_VERSION
|
||||||
|
- wekan.png
|
||||||
|
secrets:
|
||||||
|
wekan_id: wekan
|
||||||
|
vikunja:
|
||||||
|
uncomment:
|
||||||
|
- compose.vikunja.yml
|
||||||
|
- VIKUNJA_DOMAIN
|
||||||
|
- SECRET_VIKUNJA_ID_VERSION
|
||||||
|
- SECRET_VIKUNJA_SECRET_VERSION
|
||||||
|
- vikunja.svg
|
||||||
|
secrets:
|
||||||
|
vikunja_id: vikunja
|
||||||
|
monitoring:
|
||||||
|
uncomment:
|
||||||
|
- compose.monitoring.yml
|
||||||
|
- MONITORING_DOMAIN
|
||||||
|
- SECRET_MONITORING_ID_VERSION
|
||||||
|
- SECRET_MONITORING_SECRET_VERSION
|
||||||
|
- monitoring.png
|
||||||
|
outline:
|
||||||
|
uncomment:
|
||||||
|
- compose.outline.yml
|
||||||
|
- OUTLINE_DOMAIN
|
||||||
|
- SECRET_OUTLINE_ID_VERSION
|
||||||
|
- SECRET_OUTLINE_SECRET_VERSION
|
||||||
|
- outline.png
|
||||||
|
secrets:
|
||||||
|
outline_id: outline
|
||||||
|
rallly:
|
||||||
|
uncomment:
|
||||||
|
- compose.rallly.yml
|
||||||
|
- RALLLY_DOMAIN
|
||||||
|
- SECRET_RALLLY_ID_VERSION
|
||||||
|
- SECRET_RALLLY_SECRET_VERSION
|
||||||
|
- rallly.png
|
||||||
|
secrets:
|
||||||
|
rallly_id: rallly
|
||||||
|
hedgedoc:
|
||||||
|
uncomment:
|
||||||
|
- compose.hedgedoc.yml
|
||||||
|
- HEDGEDOC_DOMAIN
|
||||||
|
- SECRET_HEDGEDOC_ID_VERSION
|
||||||
|
- SECRET_HEDGEDOC_SECRET_VERSION
|
||||||
|
- hedgedoc.png
|
||||||
|
secrets:
|
||||||
|
hedgedoc_id: hedgedoc
|
||||||
14
compose.css.yml
Normal file
14
compose.css.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
---
|
||||||
|
version: '3.8'
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
configs:
|
||||||
|
- source: custom_css
|
||||||
|
target: /web/dist/custom.css
|
||||||
|
|
||||||
|
configs:
|
||||||
|
custom_css:
|
||||||
|
name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
|
||||||
|
file: custom.css.tmpl
|
||||||
|
template_driver: golang
|
||||||
15
compose.yml
15
compose.yml
@ -32,7 +32,7 @@ x-env: &env
|
|||||||
version: '3.8'
|
version: '3.8'
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: ghcr.io/goauthentik/server:2024.2.3
|
image: ghcr.io/goauthentik/server:2024.4.2
|
||||||
command: server
|
command: server
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
@ -47,9 +47,6 @@ services:
|
|||||||
- media:/media
|
- media:/media
|
||||||
- assets:/web/dist/assets
|
- assets:/web/dist/assets
|
||||||
- templates:/templates
|
- templates:/templates
|
||||||
configs:
|
|
||||||
- source: custom_css
|
|
||||||
target: /web/dist/custom.css
|
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
- proxy
|
- proxy
|
||||||
@ -76,11 +73,11 @@ services:
|
|||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
|
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
||||||
- "coop-cloud.${STACK_NAME}.version=5.1.2+2024.2.3"
|
- "coop-cloud.${STACK_NAME}.version=6.1.1+2024.4.2"
|
||||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||||
|
|
||||||
worker:
|
worker:
|
||||||
image: ghcr.io/goauthentik/server:2024.2.3
|
image: ghcr.io/goauthentik/server:2024.4.2
|
||||||
command: worker
|
command: worker
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
@ -115,7 +112,7 @@ services:
|
|||||||
environment: *env
|
environment: *env
|
||||||
|
|
||||||
db:
|
db:
|
||||||
image: postgres:15.5
|
image: postgres:15.7
|
||||||
secrets:
|
secrets:
|
||||||
- db_password
|
- db_password
|
||||||
configs:
|
configs:
|
||||||
@ -186,10 +183,6 @@ volumes:
|
|||||||
database:
|
database:
|
||||||
|
|
||||||
configs:
|
configs:
|
||||||
custom_css:
|
|
||||||
name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
|
|
||||||
file: custom.css.tmpl
|
|
||||||
template_driver: golang
|
|
||||||
flow_authentication:
|
flow_authentication:
|
||||||
name: ${STACK_NAME}_flow_authentication_${FLOW_AUTHENTICATION_VERSION}
|
name: ${STACK_NAME}_flow_authentication_${FLOW_AUTHENTICATION_VERSION}
|
||||||
file: flow_authentication.yaml.tmpl
|
file: flow_authentication.yaml.tmpl
|
||||||
|
|||||||
19
delete_user.py
Normal file
19
delete_user.py
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
model_actions = ["model_deleted"]
|
||||||
|
model_app = "authentik_core"
|
||||||
|
model_name = "user"
|
||||||
|
|
||||||
|
event = request.context.get("event", None)
|
||||||
|
if not event:
|
||||||
|
ak_logger.info("delete_user: No event")
|
||||||
|
return False
|
||||||
|
if event.action not in model_actions:
|
||||||
|
ak_logger.info("delete_user: Non-matching action")
|
||||||
|
return False
|
||||||
|
if (
|
||||||
|
event.context["model"]["app"] != model_app
|
||||||
|
or event.context["model"]["model_name"] != model_name
|
||||||
|
):
|
||||||
|
ak_logger.info("delete_user: Invalid model")
|
||||||
|
return False
|
||||||
|
|
||||||
|
ak_logger.info(f'model: {event.context["model"]}')
|
||||||
1
release/6.0.0+2024.4.0
Normal file
1
release/6.0.0+2024.4.0
Normal file
@ -0,0 +1 @@
|
|||||||
|
Alerta! ⚠️ If you are using AUTHENTIK_COLOR_BACKGROUND_LIGHT, you will need to set COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||||
1
release/6.1.0+2024.4.2
Normal file
1
release/6.1.0+2024.4.2
Normal file
@ -0,0 +1 @@
|
|||||||
|
Blueprint for Kimai SSO integration added
|
||||||
Reference in New Issue
Block a user