forked from coop-cloud/authentik
Compare commits
2 Commits
main
...
patch_kima
Author | SHA1 | Date | |
---|---|---|---|
18aca9d362 | |||
ba779c430e |
@ -30,7 +30,6 @@ steps:
|
||||
SECRET_ADMIN_TOKEN_VERSION: v1
|
||||
SECRET_ADMIN_PASS_VERSION: v1
|
||||
SECRET_EMAIL_PASS_VERSION: v1
|
||||
DB_ENTRYPOINT_VERSION: v1
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
|
22
.env.sample
22
.env.sample
@ -1,7 +1,6 @@
|
||||
TYPE=authentik
|
||||
TIMEOUT=900
|
||||
ENABLE_AUTO_UPDATE=true
|
||||
POST_DEPLOY_CMDS="worker set_admin_pass"
|
||||
# POST_DEPLOY_CMDS="worker set_admin_pass|worker apply_blueprints|worker add_applications"
|
||||
LETS_ENCRYPT_ENV=production
|
||||
|
||||
@ -18,9 +17,6 @@ AUTHENTIK_LOG_LEVEL=info
|
||||
## Outpost Integration
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.outposts.yml"
|
||||
|
||||
## ADMIN
|
||||
AUTHENTIK_BOOTSTRAP_EMAIL=admin@example.com
|
||||
|
||||
## EMAIL
|
||||
AUTHENTIK_EMAIL__HOST=smtp
|
||||
AUTHENTIK_EMAIL__PORT=587
|
||||
@ -38,6 +34,7 @@ SECRET_ADMIN_PASS_VERSION=v1
|
||||
SECRET_EMAIL_PASS_VERSION=v1
|
||||
|
||||
# X_FRAME_OPTIONS_ALLOW_FROM=dashboard.example.org
|
||||
AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
|
||||
## FLOW OPTIONS
|
||||
# WELCOME_MESSAGE="Welcome to Authentik"
|
||||
@ -50,12 +47,6 @@ COPY_ASSETS="flow_background.jpg|app:/web/dist/assets/images/"
|
||||
COPY_ASSETS="$COPY_ASSETS icon_left_brand.svg|app:/web/dist/assets/icons/"
|
||||
COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
|
||||
|
||||
# Default CSS customisation, just background colour
|
||||
COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||
AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
# Custommise the entire custom CSS file
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
|
||||
# NEXTCLOUD_DOMAIN=nextcloud.example.com
|
||||
# SECRET_NEXTCLOUD_ID_VERSION=v1
|
||||
@ -71,7 +62,6 @@ AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
|
||||
# ELEMENT_DOMAIN=element-web.example.com
|
||||
# MATRIX_DOMAIN=matrix-synapse.example.com
|
||||
# SECRET_MATRIX_ID_VERSION=v1
|
||||
# SECRET_MATRIX_SECRET_VERSION=v1
|
||||
# APP_ICONS="$APP_ICONS matrix:~/.abra/recipes/authentik/icons/matrix.svg"
|
||||
@ -98,17 +88,13 @@ AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
# KIMAI_DOMAIN=kimai.example.com
|
||||
# SECRET_KIMAI_ID_VERSION=v1
|
||||
# SECRET_KIMAI_SECRET_VERSION=v1
|
||||
# APP_ICONS="$APP_ICONS kimai:~/.abra/recipes/authentik/icons/kimai_logo.png"
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.zammad.yml"
|
||||
# ZAMMAD_DOMAIN=zammad.example.com
|
||||
# APP_ICONS="$APP_ICONS zammad:~/.abra/recipes/authentik/icons/zammad.svg"
|
||||
# APP_ICONS="$APP_ICONS kimai:~/.abra/recipes/authentik/icons/kimai.png"
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.monitoring.yml"
|
||||
# MONITORING_DOMAIN=monitoring.example.com
|
||||
# SECRET_MONITORING_ID_VERSION=v1
|
||||
# SECRET_MONITORING_SECRET_VERSION=v1
|
||||
# APP_ICONS="$APP_ICONS monitoring:~/.abra/recipes/authentik/icons/monitoring.svg"
|
||||
# APP_ICONS="$APP_ICONS monitoring:~/.abra/recipes/authentik/icons/monitoring.png"
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.rallly.yml"
|
||||
# RALLLY_DOMAIN=rallly.example.com
|
||||
@ -124,4 +110,4 @@ AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
|
||||
|
||||
# APPLICATIONS='{"Calendar": "https://nextcloud.example.com/apps/calendar/", "BBB": "https://nextcloud.example.com/apps/bbb/"}'
|
||||
# APP_ICONS="$APP_ICONS Calendar:~/.abra/recipes/authentik/icons/calendar.svg"
|
||||
# APP_ICONS="$APP_ICONS BBB:~/.abra/recipes/authentik/icons/bbb.png"
|
||||
# APP_ICONS="$APP_ICONS BBB:~/.abra/recipes/authentik/icons/bbb.jpg"
|
||||
|
30
abra.sh
30
abra.sh
@ -12,10 +12,9 @@ export WEKAN_CONFIG_VERSION=v3
|
||||
export VIKUNJA_CONFIG_VERSION=v1
|
||||
export OUTLINE_CONFIG_VERSION=v2
|
||||
export KIMAI_CONFIG_VERSION=v1
|
||||
export ZAMMAD_CONFIG_VERSION=v1
|
||||
export RALLLY_CONFIG_VERSION=v2
|
||||
export HEDGEDOC_CONFIG_VERSION=v1
|
||||
export MONITORING_CONFIG_VERSION=v2
|
||||
export MONITORING_CONFIG_VERSION=v1
|
||||
export DB_ENTRYPOINT_VERSION=v1
|
||||
|
||||
customize() {
|
||||
@ -57,19 +56,15 @@ with open('/tmp/$1', newline='') as file:
|
||||
email = row[2].strip()
|
||||
groups = row[3].split(';')
|
||||
if User.objects.filter(username=username):
|
||||
print(f'{username} already exists')
|
||||
continue
|
||||
new_user = User.objects.create(name=name, username=username, email=email)
|
||||
print(f'{username} created')
|
||||
for group_name in groups:
|
||||
group_name = group_name.strip()
|
||||
if Group.objects.filter(name=group_name):
|
||||
group = Group.objects.get(name=group_name)
|
||||
else:
|
||||
group = Group.objects.create(name=group_name)
|
||||
print(f'{group_name} created')
|
||||
group.users.add(new_user)
|
||||
print(f'add {username} to group {group_name}')
|
||||
""" 2>&1 | quieten
|
||||
}
|
||||
|
||||
@ -177,9 +172,7 @@ for name, url in applications.items():
|
||||
|
||||
|
||||
quieten(){
|
||||
# 'SyntaxWarning|version_regex|"http\['
|
||||
# is a workaround to get rid of some verbose syntax warnings, this might be fixed with another version
|
||||
grep -Pv '"level": "(info|debug)"|SyntaxWarning|version_regex|"http\[|RuntimeWarning:'
|
||||
grep -v -e '{"event"' -e '{"action"'
|
||||
}
|
||||
|
||||
add_email_templates(){
|
||||
@ -230,22 +223,3 @@ Brand.objects.filter(default=True).delete()
|
||||
""" 2>&1 | quieten
|
||||
apply_blueprints
|
||||
}
|
||||
|
||||
get_certificate() {
|
||||
/manage.py shell -c """
|
||||
provider_name='$1'
|
||||
if not provider_name:
|
||||
print('no Provider Name given')
|
||||
exit(1)
|
||||
provider = Provider.objects.filter(name=provider_name).first()
|
||||
saml = provider.samlprovider
|
||||
cert = saml.signing_kp
|
||||
print(''.join(cert.certificate_data.splitlines()[1:-1]))
|
||||
""" 2>&1 | quieten
|
||||
}
|
||||
|
||||
get_user_uid() {
|
||||
/manage.py shell -c """
|
||||
print(User.objects.filter(username='$1').first().uid)
|
||||
""" 2>&1 | quieten
|
||||
}
|
||||
|
@ -1,89 +0,0 @@
|
||||
nextcloud:
|
||||
uncomment:
|
||||
- compose.nextcloud.yml
|
||||
- NEXTCLOUD_DOMAIN
|
||||
- SECRET_NEXTCLOUD_ID_VERSION
|
||||
- SECRET_NEXTCLOUD_SECRET_VERSION
|
||||
- nextcloud.png
|
||||
wordpress:
|
||||
uncomment:
|
||||
- compose.wordpress.yml
|
||||
- WORDPRESS_DOMAIN
|
||||
- WORDPRESS_GROUP
|
||||
- SECRET_WORDPRESS_ID_VERSION
|
||||
- SECRET_WORDPRESS_SECRET_VERSION
|
||||
- wordpress.png
|
||||
matrix-synapse:
|
||||
uncomment:
|
||||
- compose.matrix.yml
|
||||
- ELEMENT_DOMAIN
|
||||
- MATRIX_DOMAIN
|
||||
- SECRET_MATRIX_ID_VERSION
|
||||
- SECRET_MATRIX_SECRET_VERSION
|
||||
- matrix.svg
|
||||
secrets:
|
||||
matrix_id: matrix
|
||||
wekan:
|
||||
uncomment:
|
||||
- compose.wekan.yml
|
||||
- WEKAN_DOMAIN
|
||||
- SECRET_WEKAN_ID_VERSION
|
||||
- SECRET_WEKAN_SECRET_VERSION
|
||||
- wekan.png
|
||||
secrets:
|
||||
wekan_id: wekan
|
||||
vikunja:
|
||||
uncomment:
|
||||
- compose.vikunja.yml
|
||||
- VIKUNJA_DOMAIN
|
||||
- SECRET_VIKUNJA_ID_VERSION
|
||||
- SECRET_VIKUNJA_SECRET_VERSION
|
||||
- vikunja.svg
|
||||
secrets:
|
||||
vikunja_id: vikunja
|
||||
kimai:
|
||||
uncomment:
|
||||
- compose.kimai.yml
|
||||
- KIMAI_DOMAIN
|
||||
- SECRET_KIMAI_ID_VERSION
|
||||
- SECRET_KIMAI_SECRET_VERSION
|
||||
- kimai_logo.png
|
||||
zammad:
|
||||
uncomment:
|
||||
- compose.zammad.yml
|
||||
- ZAMMAD_DOMAIN
|
||||
- zammad.svg
|
||||
monitoring-ng:
|
||||
uncomment:
|
||||
- compose.monitoring.yml
|
||||
- MONITORING_DOMAIN
|
||||
- SECRET_MONITORING_ID_VERSION
|
||||
- SECRET_MONITORING_SECRET_VERSION
|
||||
- monitoring.png
|
||||
outline:
|
||||
uncomment:
|
||||
- compose.outline.yml
|
||||
- OUTLINE_DOMAIN
|
||||
- SECRET_OUTLINE_ID_VERSION
|
||||
- SECRET_OUTLINE_SECRET_VERSION
|
||||
- outline.png
|
||||
secrets:
|
||||
outline_id: outline
|
||||
rallly:
|
||||
uncomment:
|
||||
- compose.rallly.yml
|
||||
- RALLLY_DOMAIN
|
||||
- SECRET_RALLLY_ID_VERSION
|
||||
- SECRET_RALLLY_SECRET_VERSION
|
||||
- rallly.png
|
||||
secrets:
|
||||
rallly_id: rallly
|
||||
hedgedoc:
|
||||
uncomment:
|
||||
- compose.hedgedoc.yml
|
||||
- HEDGEDOC_DOMAIN
|
||||
- SECRET_HEDGEDOC_ID_VERSION
|
||||
- SECRET_HEDGEDOC_SECRET_VERSION
|
||||
- hedgedoc.png
|
||||
secrets:
|
||||
hedgedoc_id: hedgedoc
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
app:
|
||||
configs:
|
||||
- source: custom_css
|
||||
target: /web/dist/custom.css
|
||||
|
||||
configs:
|
||||
custom_css:
|
||||
name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
|
||||
file: custom.css.tmpl
|
||||
template_driver: golang
|
@ -1,11 +1,5 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=redirect-matrix-well-known"
|
||||
- "traefik.http.middlewares.redirect-matrix-well-known.redirectregex.regex=^https://(.*)/.well-known/matrix/(.*)"
|
||||
- "traefik.http.middlewares.redirect-matrix-well-known.redirectregex.replacement=https://${MATRIX_DOMAIN}/.well-known/matrix/$$2"
|
||||
worker:
|
||||
secrets:
|
||||
- matrix_id
|
||||
|
43
compose.yml
43
compose.yml
@ -21,7 +21,6 @@ x-env: &env
|
||||
- AUTHENTIK_COLOR_BACKGROUND_LIGHT
|
||||
- AUTHENTIK_FOOTER_LINKS
|
||||
- AUTHENTIK_IMPERSONATION
|
||||
- AUTHENTIK_BOOTSTRAP_EMAIL
|
||||
- WELCOME_MESSAGE
|
||||
- DEFAULT_LANGUAGE
|
||||
- EMAIL_SUBJECT
|
||||
@ -33,7 +32,7 @@ x-env: &env
|
||||
version: '3.8'
|
||||
services:
|
||||
app:
|
||||
image: ghcr.io/goauthentik/server:2024.6.3
|
||||
image: ghcr.io/goauthentik/server:2024.2.3
|
||||
command: server
|
||||
depends_on:
|
||||
- db
|
||||
@ -48,17 +47,23 @@ services:
|
||||
- media:/media
|
||||
- assets:/web/dist/assets
|
||||
- templates:/templates
|
||||
configs:
|
||||
- source: custom_css
|
||||
target: /web/dist/custom.css
|
||||
networks:
|
||||
- internal
|
||||
- proxy
|
||||
healthcheck:
|
||||
test: "ak healthcheck"
|
||||
test: "bash -c 'printf \"GET / HTTP/1.1\n\n\" > /dev/tcp/127.0.0.1/9000; exit $$?;'"
|
||||
interval: 30s
|
||||
timeout: 30s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 5m
|
||||
environment: *env
|
||||
deploy:
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy"
|
||||
@ -71,11 +76,11 @@ services:
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
||||
- "coop-cloud.${STACK_NAME}.version=6.5.0+2024.6.3"
|
||||
- "coop-cloud.${STACK_NAME}.version=5.1.2+2024.2.3"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
|
||||
worker:
|
||||
image: ghcr.io/goauthentik/server:2024.6.3
|
||||
image: ghcr.io/goauthentik/server:2024.2.3
|
||||
command: worker
|
||||
depends_on:
|
||||
- db
|
||||
@ -90,10 +95,10 @@ services:
|
||||
- internal
|
||||
- proxy
|
||||
volumes:
|
||||
- backups:/backups
|
||||
- media:/media
|
||||
- /dev/null:/blueprints/default/flow-oobe.yaml
|
||||
- templates:/templates
|
||||
- certs:/certs
|
||||
configs:
|
||||
- source: flow_recovery
|
||||
target: /blueprints/1_flow_recovery.yaml
|
||||
@ -108,15 +113,9 @@ services:
|
||||
- source: flow_invalidation
|
||||
target: /blueprints/6_flow_invalidation.yaml
|
||||
environment: *env
|
||||
healthcheck:
|
||||
test: "ak healthcheck"
|
||||
interval: 30s
|
||||
timeout: 30s
|
||||
retries: 10
|
||||
start_period: 5m
|
||||
|
||||
db:
|
||||
image: postgres:15.7
|
||||
image: postgres:15.5
|
||||
secrets:
|
||||
- db_password
|
||||
configs:
|
||||
@ -144,13 +143,10 @@ services:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat /run/secrets/db_password) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
|
||||
backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql"
|
||||
backupbot.backup.volumes.database.path: "backup.sql"
|
||||
backupbot.backup.volumes.redis: "false"
|
||||
backupbot.restore.post-hook: 'psql -U authentik -d postgres -c "DROP DATABASE authentik WITH (FORCE);" && createdb -U authentik authentik && psql -U authentik -d authentik -f /var/lib/postgresql/data/backup.sql'
|
||||
backupbot.backup.path: "/var/lib/postgresql/data"
|
||||
|
||||
redis:
|
||||
image: redis:7.4.0-alpine
|
||||
command: --save 60 1 --loglevel warning
|
||||
image: redis:7.2.4-alpine
|
||||
networks:
|
||||
- internal
|
||||
healthcheck:
|
||||
@ -159,8 +155,6 @@ services:
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 1m
|
||||
volumes:
|
||||
- redis:/data
|
||||
|
||||
secrets:
|
||||
db_password:
|
||||
@ -185,14 +179,17 @@ networks:
|
||||
internal:
|
||||
|
||||
volumes:
|
||||
backups:
|
||||
media:
|
||||
certs:
|
||||
redis:
|
||||
templates:
|
||||
assets:
|
||||
database:
|
||||
|
||||
configs:
|
||||
custom_css:
|
||||
name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
|
||||
file: custom.css.tmpl
|
||||
template_driver: golang
|
||||
flow_authentication:
|
||||
name: ${STACK_NAME}_flow_authentication_${FLOW_AUTHENTICATION_VERSION}
|
||||
file: flow_authentication.yaml.tmpl
|
||||
|
@ -1,14 +0,0 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
worker:
|
||||
environment:
|
||||
- ZAMMAD_DOMAIN
|
||||
configs:
|
||||
- source: zammad
|
||||
target: /blueprints/zammad.yaml
|
||||
|
||||
configs:
|
||||
zammad:
|
||||
name: ${STACK_NAME}_zammad_${ZAMMAD_CONFIG_VERSION}
|
||||
file: zammad.yaml.tmpl
|
||||
template_driver: golang
|
BIN
icons/bbb.jpg
Normal file
BIN
icons/bbb.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 6.7 KiB |
BIN
icons/bbb.png
BIN
icons/bbb.png
Binary file not shown.
Before Width: | Height: | Size: 94 KiB |
@ -1,30 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<svg width="126px" height="108px" viewBox="0 0 42 36" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:sketch="http://www.bohemiancoding.com/sketch/ns">
|
||||
<!-- Generator: Sketch 3.3.2 (12043) - http://www.bohemiancoding.com/sketch -->
|
||||
<title>logo</title>
|
||||
<desc>Created with Sketch.</desc>
|
||||
<defs/>
|
||||
<g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd" sketch:type="MSPage">
|
||||
<g id="logo" sketch:type="MSArtboardGroup">
|
||||
<g sketch:type="MSLayerGroup" transform="translate(1.000000, 0.000000)" id="Shape">
|
||||
<path d="M27.3375,12.6 L36.72,9.72 L31.1625,13.2525 L27.3375,12.6 Z" fill="#CA2317" sketch:type="MSShapeGroup"/>
|
||||
<path d="M33.0525,19.62 L31.1625,13.2525 L36.72,9.72 L35.055,15.435 L33.0525,19.62 Z" fill="#E84F83" sketch:type="MSShapeGroup"/>
|
||||
<path d="M39.465,7.9875 L38.43,9.72 L35.055,15.435 L36.72,9.72 L39.465,7.9875 Z" fill="#CA2317" sketch:type="MSShapeGroup"/>
|
||||
<path d="M39.8025,9.1125 L37.1925,11.79 L38.43,9.72 L39.8025,9.1125 Z" fill="#E54011" sketch:type="MSShapeGroup"/>
|
||||
<path d="M27.9,10.8225 L35.5725,10.0575 L30.24,11.7 L27.9,10.8225 Z" fill="#E54011" sketch:type="MSShapeGroup"/>
|
||||
<path d="M28.1925,15.165 L31.1625,13.2525 L33.0525,19.62 L32.0625,21.645 L28.1925,15.165 Z" fill="#CA2317" sketch:type="MSShapeGroup"/>
|
||||
<path d="M23.76,22.725 L22.3425,5.4 L32.0625,21.645 L23.76,22.725 Z" fill="#B7DFF2" sketch:type="MSShapeGroup"/>
|
||||
<path d="M19.7325,27.1575 L23.76,22.725 L32.0625,21.645 L19.7325,27.1575 Z" fill="#E54011" sketch:type="MSShapeGroup"/>
|
||||
<path d="M0.1575,35.865 L19.7325,27.1575 L23.76,22.725 L17.37,22.0725 L0.1575,35.865 Z" fill="#FFCE33" sketch:type="MSShapeGroup"/>
|
||||
<path d="M0.9,28.755 L10.9575,27.225 L14.085,24.705 L12.555,24.03 L0.9,28.755 Z" fill="#D6B12D" sketch:type="MSShapeGroup"/>
|
||||
<path d="M4.5225,20.5425 L14.085,24.705 L17.37,22.0725 L4.5225,20.5425 Z" fill="#FFDE85" sketch:type="MSShapeGroup"/>
|
||||
<path d="M21.6225,11.6775 L20.4075,11.88 L17.37,22.0725 L20.655,20.0025 L21.6225,11.6775 Z" fill="#009EC6" sketch:type="MSShapeGroup"/>
|
||||
<path d="M23.4,18.2475 L20.655,20.0025 L22.3425,5.4 L23.4,18.2475 Z" fill="#5EAFCE" sketch:type="MSShapeGroup"/>
|
||||
<path d="M13.0275,13.05 L21.6225,11.6775 L22.005,8.28 L13.0275,13.05 Z" fill="#045972" sketch:type="MSShapeGroup"/>
|
||||
<path d="M12.105,5.085 L19.575,9.585 L22.005,8.28 L22.0725,7.8075 L12.105,5.085 Z" fill="#5A8591" sketch:type="MSShapeGroup"/>
|
||||
<path d="M13.5675,0.18 L20.3625,7.335 L22.0725,7.8075 L22.3425,5.4 L13.5675,0.18 Z" fill="#009EC6" sketch:type="MSShapeGroup"/>
|
||||
<path d="M17.37,22.0725 L23.4,18.2475 L23.76,22.725 L17.37,22.0725 Z" fill="#F39804" sketch:type="MSShapeGroup"/>
|
||||
</g>
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
Before Width: | Height: | Size: 3.0 KiB |
@ -25,7 +25,7 @@ entries:
|
||||
conditions: []
|
||||
id: monitoring_provider
|
||||
identifiers:
|
||||
pk: 9990
|
||||
pk: 9994
|
||||
model: authentik_providers_oauth2.oauth2provider
|
||||
state: present
|
||||
|
||||
|
@ -1 +0,0 @@
|
||||
Alerta! ⚠️ If you are using AUTHENTIK_COLOR_BACKGROUND_LIGHT, you will need to set COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
@ -1 +0,0 @@
|
||||
Blueprint for Kimai SSO integration added
|
@ -1,67 +0,0 @@
|
||||
version: 1
|
||||
metadata:
|
||||
labels:
|
||||
blueprints.goauthentik.io/instantiate: "true"
|
||||
name: zammad
|
||||
|
||||
entries:
|
||||
- attrs:
|
||||
expression: return request.user.name
|
||||
managed: null
|
||||
name: 'Zammad SAML Mapping: name'
|
||||
saml_name: name
|
||||
conditions: []
|
||||
identifiers:
|
||||
name: zammad_name_mapping
|
||||
id: zammad_name_mapping
|
||||
model: authentik_providers_saml.samlpropertymapping
|
||||
state: present
|
||||
|
||||
- attrs:
|
||||
expression: return request.user.email
|
||||
managed: null
|
||||
name: 'Zammad SAML Mapping: email'
|
||||
saml_name: email
|
||||
conditions: []
|
||||
identifiers:
|
||||
name: zammad_email_mapping
|
||||
id: zammad_email_mapping
|
||||
model: authentik_providers_saml.samlpropertymapping
|
||||
state: present
|
||||
|
||||
- attrs:
|
||||
acs_url: https://{{ env "ZAMMAD_DOMAIN" }}/auth/saml/callback
|
||||
assertion_valid_not_before: minutes=-5
|
||||
assertion_valid_not_on_or_after: minutes=5
|
||||
audience: https://{{ env "ZAMMAD_DOMAIN" }}/auth/saml/metadata
|
||||
authentication_flow: !Find [authentik_flows.flow, [slug, default-authentication-flow]]
|
||||
authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-implicit-consent]]
|
||||
digest_algorithm: http://www.w3.org/2001/04/xmlenc#sha256
|
||||
issuer: https://{{ env "ZAMMAD_DOMAIN" }}/auth/saml/metadata
|
||||
name: zammad
|
||||
property_mappings:
|
||||
- !KeyOf zammad_name_mapping
|
||||
- !KeyOf zammad_email_mapping
|
||||
session_valid_not_on_or_after: minutes=86400
|
||||
signature_algorithm: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
||||
signing_kp: !Find [authentik_crypto.certificatekeypair, [name, authentik Self-signed Certificate]]
|
||||
sp_binding: post
|
||||
conditions: []
|
||||
id: zammad_provider
|
||||
identifiers:
|
||||
pk: 9989
|
||||
model: authentik_providers_saml.samlprovider
|
||||
state: present
|
||||
|
||||
- attrs:
|
||||
meta_launch_url: https://{{ env "ZAMMAD_DOMAIN" }}
|
||||
open_in_new_tab: true
|
||||
policy_engine_mode: any
|
||||
provider: !KeyOf zammad_provider
|
||||
slug: zammad
|
||||
conditions: []
|
||||
id: zammad_application
|
||||
identifiers:
|
||||
name: Zammad
|
||||
model: authentik_core.application
|
||||
state: present
|
Loading…
x
Reference in New Issue
Block a user