chore: publish 0.5.0+2022.9.0 release

.env.sample

@@ -1,7 +1,7 @@
 TYPE=authentik
 LETS_ENCRYPT_ENV=production
 
-DOMAIN=sso.example.com
+DOMAIN={{ .Domain }}
 POSTGRES_PASSWORD=secret
 AUTHENTIK_POSTGRESQL__PASSWORD=secret
 POSTGRES_USER=authentik
@@ -31,3 +31,5 @@ AUTHENTIK_LOG_LEVEL=info
 # SECRET_SECRET_KEY_VERSION=v1
 # SECRET_ADMIN_TOKEN_VERSION=v1
 # SECRET_ADMIN_PASS_VERSION=v1
+
+# X_FRAME_OPTIONS_ALLOW_FROM=dashboard.example.org

abra.sh

@@ -0,0 +1 @@
+export CUSTOM_CSS_VERSION=v1

compose.yml

@@ -19,12 +19,13 @@ x-env: &env
     - AUTHENTIK_EMAIL__TIMEOUT
     - AUTHENTIK_EMAIL__FROM
     - AUTHENTIK_LOG_LEVEL
+    - AUTHENTIK_SETTINGS__THEME__BACKGROUND
 
 
 version: '3.8'
 services:
   app:
-    image: ghcr.io/goauthentik/server:2022.7.3
+    image: ghcr.io/goauthentik/server:2022.9.0
     command: server
     # secrets:
     #   - db_password
@@ -34,6 +35,9 @@ services:
     volumes:
       - media:/media
       - custom-templates:/templates
+    configs:
+      - source: custom_css
+        target: /web/dist/custom.css
     networks:
       - internal
       - proxy
@@ -55,10 +59,15 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=0.3.0+2022.7.3"
+        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+        - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
+        - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
+        - "coop-cloud.${STACK_NAME}.version=0.5.0+2022.9.0"
 
   worker:
-    image: ghcr.io/goauthentik/server:2022.7.3
+    image: ghcr.io/goauthentik/server:2022.9.0
     command: worker
     # secrets:
       # - db_password
@@ -77,7 +86,7 @@ services:
     environment: *env
 
   db:
-    image: postgres:12.11-alpine
+    image: postgres:12.12-alpine
     # secrets:
       # - db_password
     volumes:
@@ -102,7 +111,7 @@ services:
           backupbot.backup.path: "/tmp/backup/"
 
   redis:
-    image:  redis:7.0.4-alpine
+    image:  redis:7.0.5-alpine
     networks:
       - internal
     healthcheck:
@@ -136,3 +145,9 @@ volumes:
   media:
   custom-templates:
   database:
+
+configs:
+  custom_css:
+    name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
+    file: custom.css.tmpl
+    template_driver: golang

custom.css.tmpl

@@ -0,0 +1,24 @@
+/* my custom css */
+
+
+:root {
+    --ak-accent: #fd4b2d;
+
+    --ak-dark-foreground: #fafafa;
+    --ak-dark-foreground-darker: #bebebe;
+    --ak-dark-foreground-link: #5a5cb9;
+    --ak-dark-background: #18191a;
+    --ak-dark-background-darker: #000000;
+
+    --ak-dark-background-light: #3f607d;
+
+    --ak-dark-background-light-ish: #212427;
+    --ak-dark-background-lighter: #2b2e33;
+
+    --pf-c-background-image--BackgroundImage: var(--ak-flow-background);
+    --pf-c-background-image--BackgroundImage-2x: var(--ak-flow-background);
+    --pf-c-background-image--BackgroundImage--sm: var(--ak-flow-background);
+    --pf-c-background-image--BackgroundImage--sm-2x: var(--ak-flow-background);
+    --pf-c-background-image--BackgroundImage--lg: var(--ak-flow-background);
+}
+