shortened secrets, added healthcheck, removed debug log

.env.sample

@@ -103,7 +103,6 @@ FILE_STORAGE_UPLOAD_MAX_SIZE=26214400
 # SECRET_AGS_OUTLINE_TOKEN_VERSION=v1 
 # SECRET_AGS_AUTHENTIK_TOKEN_VERSION=v1
 # SECRET_AGS_WEBHOOK_SECRET_VERSION=v1
-# SECRET_AGS_WEBHOOK_SECRET_VERSION=v1
 # AGS_AUTO_CREATE_GROUPS=True
 # #AGS_SYNC_GROUP_REGEX=
 # #AGS_DEBUG=True

README.md

@@ -88,7 +88,7 @@ revisions to (instead of deleting them).
 
 - and insert them as secrets:
 ```
-abra app secret insert YOURAPPNAME ags_outline_token v1 SECRETVALUE
-abra app secret insert YOURAPPNAME ags_authentik_token v1 SECRETVALUE
-abra app secret insert YOURAPPNAME ags_webhook_secret v1 SECRETVALUE
+abra app secret insert YOURAPPNAME agsoutline v1 SECRETVALUE
+abra app secret insert YOURAPPNAME agsauthentik v1 SECRETVALUE
+abra app secret insert YOURAPPNAME agswebhook v1 SECRETVALUE
 ```

compose.authentikgroupsync.yml

@@ -3,21 +3,23 @@ version: "3.8"
 
 services:
   outline-authentik-connector:
-    image: burritosoftware/outline-authentik-connector:latest
+    image: burritosoftware/outline-authentik-connector:1.2
 
     secrets:
-      - ags_outline_token
-      - ags_authentik_token
-      - ags_webhook_secret
+      - agsoutline
+      - agsauthentik
+      - agswebhook
+      
     environment:
       - AUTHENTIK_URL=${AGS_AUTHENTIK_URL}
       - OUTLINE_URL=https://${DOMAIN}
-      - OUTLINE_TOKEN_FILE=/var/run/secrets/ags_outline_token
-      - OUTLINE_WEBHOOK_SECRET_FILE=/var/run/secrets/ags_webhook_secret
-      - AUTHENTIK_TOKEN_FILE=/var/run/secrets/ags_authentik_token
+      - OUTLINE_TOKEN_FILE=/var/run/secrets/agsoutline
+      - OUTLINE_WEBHOOK_SECRET_FILE=/var/run/secrets/agswebhook
+      - AUTHENTIK_TOKEN_FILE=/var/run/secrets/agsauthentik
       - AUTO_CREATE_GROUPS=${AGS_AUTO_CREATE_GROUPS:-True}
       - DEBUG=${AGS_DEBUG:-False}
       - SYNC_GROUP_REGEX=${AGS_SYNC_GROUP_REGEX:-.*}
+
     deploy:
       labels:
         - "traefik.enable=true"
@@ -26,6 +28,12 @@ services:
         - "traefik.http.routers.sync-router.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.http.services.sync-router.loadbalancer.server.port=80"
 
+    healthcheck:
+      test: ["CMD-SHELL", "wget -qO- http://0.0.0.0:80/ | grep -q '\"status\":\"running\"' || exit 1"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+
     networks:
       - backend
       - proxy
@@ -38,14 +46,14 @@ services:
     entrypoint: /docker-entrypoint.sh
 
 secrets:
-  ags_outline_token:
-    name: ${STACK_NAME}_ags_outline_token_${SECRET_AGS_OUTLINE_TOKEN_VERSION}
+  agsoutline:
+    name: ${STACK_NAME}_agsoutline_${SECRET_AGS_OUTLINE_TOKEN_VERSION}
     external: true
-  ags_authentik_token:
-    name: ${STACK_NAME}_ags_authentik_token_${SECRET_AGS_AUTHENTIK_TOKEN_VERSION}
+  agsauthentik:
+    name: ${STACK_NAME}_agsauthentik_${SECRET_AGS_AUTHENTIK_TOKEN_VERSION}
     external: true
-  ags_webhook_secret:
-    name: ${STACK_NAME}_ags_webhook_secret_${SECRET_AGS_WEBHOOK_SECRET_VERSION}
+  agswebhook:
+    name: ${STACK_NAME}_agswebhook_${SECRET_AGS_WEBHOOK_SECRET_VERSION}
     external: true
 
 configs:

entrypoint.authentikgroupsync.sh

@@ -23,8 +23,6 @@ for var in $(env | grep "_FILE="); do
     key=$(echo "$var" | sed 's/_FILE=.*//')
     value=$(echo "$var" | sed 's/.*_FILE=//')
     load_secret "$key" "$value"
-
-    echo "loaded $key=$value"
 done
 
 exec uvicorn connect:app --host=0.0.0.0 --port=80