chore: publish 3.2.0+2023.6.1 release

.env.sample

@@ -1,7 +1,7 @@
 TYPE=authentik
 TIMEOUT=300
 ENABLE_AUTO_UPDATE=true
-POST_DEPLOY_CMDS="worker set_admin_pass|worker apply_blueprints|worker add_applications"
+# POST_DEPLOY_CMDS="worker set_admin_pass|worker apply_blueprints|worker add_applications"
 LETS_ENCRYPT_ENV=production
 
 DOMAIN=authentik.example.com
@@ -12,6 +12,9 @@ AUTHENTIK_LOG_LEVEL=info
 # AUTHENTIK_FOOTER_LINKS='[{"name": "My Organization","href":"https://example.com"}]'
 # WORKERS=1
 
+## Outpost Integration
+# COMPOSE_FILE="$COMPOSE_FILE:compose.outposts.yml"
+
 ## EMAIL
 AUTHENTIK_EMAIL__HOST=smtp
 AUTHENTIK_EMAIL__PORT=587
@@ -56,7 +59,7 @@ COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
 # APP_ICONS="$APP_ICONS wordpress:~/.abra/recipes/authentik/icons/wordpress.png"
 
 # COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
-# ELEMENT_DOMAIN=element.example.com
+# ELEMENT_DOMAIN=element-web.example.com
 # SECRET_MATRIX_ID_VERSION=v1
 # SECRET_MATRIX_SECRET_VERSION=v1
 # APP_ICONS="$APP_ICONS matrix:~/.abra/recipes/authentik/icons/matrix.svg"

abra.sh

@@ -1,5 +1,5 @@
 export CUSTOM_CSS_VERSION=v2
-export FLOW_AUTHENTICATION_VERSION=v1
+export FLOW_AUTHENTICATION_VERSION=v2
 export FLOW_INVITATION_VERSION=v1
 export FLOW_INVALIDATION_VERSION=v1
 export FLOW_RECOVERY_VERSION=v1

compose.outposts.yml

@@ -0,0 +1,6 @@
+version: "3.8"
+services:
+  worker:
+    user: root
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock

compose.yml

@@ -32,7 +32,7 @@ x-env: &env
 version: '3.8'
 services:
   app:
-    image: ghcr.io/goauthentik/server:2023.3.1
+    image: ghcr.io/goauthentik/server:2023.6.1
     command: server
     secrets:
       - db_password
@@ -50,7 +50,7 @@ services:
       - internal
       - proxy
     healthcheck:
-      test: ["CMD", "curl", "-f", "localhost:9000/-/health/live/"]
+      test: "bash -c 'printf \"GET / HTTP/1.1\n\n\" > /dev/tcp/127.0.0.1/9000; exit $$?;'"
       interval: 30s
       timeout: 10s
       retries: 10
@@ -72,11 +72,11 @@ services:
         - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
-        - "coop-cloud.${STACK_NAME}.version=3.1.2+2023.3.1"
+        - "coop-cloud.${STACK_NAME}.version=3.2.0+2023.6.1"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
 
   worker:
-    image: ghcr.io/goauthentik/server:2023.3.1
+    image: ghcr.io/goauthentik/server:2023.6.1
     command: worker
     secrets:
       - db_password
@@ -87,11 +87,9 @@ services:
     networks:
       - internal
       - proxy
-    user: root
     volumes:
       - backups:/backups
       - media:/media
-      - /var/run/docker.sock:/var/run/docker.sock
       - /dev/null:/blueprints/default/flow-oobe.yaml
     configs:
       - source: flow_recovery
@@ -109,7 +107,7 @@ services:
     environment: *env
 
   db:
-    image: postgres:12.14-alpine
+    image: postgres:12.15-alpine
     secrets:
       - db_password
     volumes:
@@ -134,7 +132,7 @@ services:
           backupbot.backup.path: "/var/lib/postgresql/data"
 
   redis:
-    image:  redis:7.0.10-alpine
+    image:  redis:7.0.12-alpine
     networks:
       - internal
     healthcheck:

flow_authentication.yaml.tmpl

@@ -22,7 +22,9 @@ entries:
   attrs:
     name: !Context welcome_message
     title: !Context welcome_message
-
+    user_fields:
+    - email
+    - username
 ### STAGES
 - identifiers:
     name: default-authentication-identification
@@ -30,6 +32,9 @@ entries:
   attrs:
     password_stage: !Find [authentik_stages_password.passwordstage, [name, default-authentication-password]]
     recovery_flow: !Find [authentik_flows.flow, [slug, default-recovery-flow]]
+    user_fields:
+    - email
+    - username
 
 - identifiers:
     name: default-authentication-login

release/next

@@ -0,0 +1 @@
+If you use your own outpost you need to uncomment COMPOSE_FILE="$COMPOSE_FILE:compose.outposts.yml" to expose the docker socket again.