WIP delete user policy

2024-07-15 18:55:29 +02:00
6 changed files with 33 additions and 21 deletions
--- a/.env.sample
+++ b/.env.sample
@ -17,9 +17,6 @@ AUTHENTIK_LOG_LEVEL=info
 ## Outpost Integration
 # COMPOSE_FILE="$COMPOSE_FILE:compose.outposts.yml"
 ## ADMIN
 AUTHENTIK_BOOTSTRAP_EMAIL=admin@example.com
 ## EMAIL
 AUTHENTIK_EMAIL__HOST=smtp
 AUTHENTIK_EMAIL__PORT=587
@ -96,13 +93,13 @@ AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
 # KIMAI_DOMAIN=kimai.example.com
 # SECRET_KIMAI_ID_VERSION=v1
 # SECRET_KIMAI_SECRET_VERSION=v1
-# APP_ICONS="$APP_ICONS kimai:~/.abra/recipes/authentik/icons/kimai_logo.png"
+# APP_ICONS="$APP_ICONS kimai:~/.abra/recipes/authentik/icons/kimai.png"
 # COMPOSE_FILE="$COMPOSE_FILE:compose.monitoring.yml"
 # MONITORING_DOMAIN=monitoring.example.com
 # SECRET_MONITORING_ID_VERSION=v1
 # SECRET_MONITORING_SECRET_VERSION=v1
-# APP_ICONS="$APP_ICONS monitoring:~/.abra/recipes/authentik/icons/monitoring.svg"
+# APP_ICONS="$APP_ICONS monitoring:~/.abra/recipes/authentik/icons/monitoring.png"
 # COMPOSE_FILE="$COMPOSE_FILE:compose.rallly.yml"
 # RALLLY_DOMAIN=rallly.example.com
--- a/abra.sh
+++ b/abra.sh
@ -14,7 +14,7 @@ export OUTLINE_CONFIG_VERSION=v2
 export KIMAI_CONFIG_VERSION=v1
 export RALLLY_CONFIG_VERSION=v2
 export HEDGEDOC_CONFIG_VERSION=v1
-export MONITORING_CONFIG_VERSION=v2
+export MONITORING_CONFIG_VERSION=v1
 export DB_ENTRYPOINT_VERSION=v1
 customize() {
--- a/alaconnect.yml
+++ b/alaconnect.yml
@ -40,7 +40,7 @@ vikunja:
        - vikunja.svg
    secrets:
        vikunja_id: vikunja
-monitoring-ng:
+monitoring:
    uncomment:
        - compose.monitoring.yml
        - MONITORING_DOMAIN
--- a/compose.yml
+++ b/compose.yml
@ -21,7 +21,6 @@ x-env: &env
    - AUTHENTIK_COLOR_BACKGROUND_LIGHT
    - AUTHENTIK_FOOTER_LINKS
    - AUTHENTIK_IMPERSONATION
    - AUTHENTIK_BOOTSTRAP_EMAIL
    - WELCOME_MESSAGE
    - DEFAULT_LANGUAGE
    - EMAIL_SUBJECT
@ -33,7 +32,7 @@ x-env: &env
 version: '3.8'
 services:
  app:
-    image: ghcr.io/goauthentik/server:2024.6.2
+    image: ghcr.io/goauthentik/server:2024.4.2
    command: server
    depends_on:
      - db
@ -52,13 +51,16 @@ services:
      - internal
      - proxy
    healthcheck:
-      test: "ak healthcheck"
+      test: "bash -c 'printf \"GET / HTTP/1.1\n\n\" > /dev/tcp/127.0.0.1/9000; exit $$?;'"
      interval: 30s
-      timeout: 30s
+      timeout: 10s
      retries: 10
      start_period: 5m
    environment: *env
    deploy:
      update_config:
        failure_action: rollback
        order: start-first
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=proxy"
@ -71,11 +73,11 @@ services:
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
        - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
        - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
-        - "coop-cloud.${STACK_NAME}.version=6.3.1+2024.6.2"
+        - "coop-cloud.${STACK_NAME}.version=6.1.1+2024.4.2"
        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
  worker:
-    image: ghcr.io/goauthentik/server:2024.6.2
+    image: ghcr.io/goauthentik/server:2024.4.2
    command: worker
    depends_on:
      - db
@ -108,12 +110,6 @@ services:
      - source: flow_invalidation
        target: /blueprints/6_flow_invalidation.yaml
    environment: *env
    healthcheck:
      test: "ak healthcheck"
      interval: 30s
      timeout: 30s
      retries: 10
      start_period: 5m
  db:
    image: postgres:15.7
@ -147,7 +143,7 @@ services:
          backupbot.backup.path: "/var/lib/postgresql/data"
  redis:
-    image:  redis:7.4.0-alpine
+    image:  redis:7.2.4-alpine
    networks:
      - internal
    healthcheck:
--- a/delete_user.py
+++ b/delete_user.py
@ -0,0 +1,19 @@
 model_actions = ["model_deleted"]
 model_app = "authentik_core"
 model_name = "user"
 event = request.context.get("event", None)
 if not event:
    ak_logger.info("delete_user: No event")
    return False
 if event.action not in model_actions:
    ak_logger.info("delete_user: Non-matching action")
    return False
 if (
    event.context["model"]["app"] != model_app
    or event.context["model"]["model_name"] != model_name
 ):
    ak_logger.info("delete_user: Invalid model")
    return False
 ak_logger.info(f'model: {event.context["model"]}')
--- a/monitoring.yaml.tmpl
+++ b/monitoring.yaml.tmpl
@ -25,7 +25,7 @@ entries:
  conditions: []
  id: monitoring_provider
  identifiers:
-    pk: 9990
+    pk: 9994
  model: authentik_providers_oauth2.oauth2provider
  state: present