chore: publish 5.1.2+2024.2.3 release

.drone.yml

@@ -30,7 +30,6 @@ steps:
       SECRET_ADMIN_TOKEN_VERSION: v1
       SECRET_ADMIN_PASS_VERSION: v1
       SECRET_EMAIL_PASS_VERSION: v1
-      DB_ENTRYPOINT_VERSION: v1
 trigger:
   branch:
     - main

.env.sample

@@ -17,9 +17,6 @@ AUTHENTIK_LOG_LEVEL=info
 ## Outpost Integration
 # COMPOSE_FILE="$COMPOSE_FILE:compose.outposts.yml"
 
-## ADMIN
-AUTHENTIK_BOOTSTRAP_EMAIL=admin@example.com
-
 ## EMAIL
 AUTHENTIK_EMAIL__HOST=smtp
 AUTHENTIK_EMAIL__PORT=587
@@ -37,6 +34,7 @@ SECRET_ADMIN_PASS_VERSION=v1
 SECRET_EMAIL_PASS_VERSION=v1
 
 # X_FRAME_OPTIONS_ALLOW_FROM=dashboard.example.org
+AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
 
 ## FLOW OPTIONS
 # WELCOME_MESSAGE="Welcome to Authentik"
@@ -49,12 +47,6 @@ COPY_ASSETS="flow_background.jpg|app:/web/dist/assets/images/"
 COPY_ASSETS="$COPY_ASSETS icon_left_brand.svg|app:/web/dist/assets/icons/"
 COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
 
-# Default CSS customisation, just background colour
-COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
-AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
-# Custommise the entire custom CSS file
-#COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
-
 # COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
 # NEXTCLOUD_DOMAIN=nextcloud.example.com
 # SECRET_NEXTCLOUD_ID_VERSION=v1
@@ -96,13 +88,13 @@ AUTHENTIK_COLOR_BACKGROUND_LIGHT=#1c1e21
 # KIMAI_DOMAIN=kimai.example.com
 # SECRET_KIMAI_ID_VERSION=v1
 # SECRET_KIMAI_SECRET_VERSION=v1
-# APP_ICONS="$APP_ICONS kimai:~/.abra/recipes/authentik/icons/kimai_logo.png"
+# APP_ICONS="$APP_ICONS kimai:~/.abra/recipes/authentik/icons/kimai.png"
 
 # COMPOSE_FILE="$COMPOSE_FILE:compose.monitoring.yml"
 # MONITORING_DOMAIN=monitoring.example.com
 # SECRET_MONITORING_ID_VERSION=v1
 # SECRET_MONITORING_SECRET_VERSION=v1
-# APP_ICONS="$APP_ICONS monitoring:~/.abra/recipes/authentik/icons/monitoring.svg"
+# APP_ICONS="$APP_ICONS monitoring:~/.abra/recipes/authentik/icons/monitoring.png"
 
 # COMPOSE_FILE="$COMPOSE_FILE:compose.rallly.yml"
 # RALLLY_DOMAIN=rallly.example.com

abra.sh

@@ -14,7 +14,7 @@ export OUTLINE_CONFIG_VERSION=v2
 export KIMAI_CONFIG_VERSION=v1
 export RALLLY_CONFIG_VERSION=v2
 export HEDGEDOC_CONFIG_VERSION=v1
-export MONITORING_CONFIG_VERSION=v2
+export MONITORING_CONFIG_VERSION=v1
 export DB_ENTRYPOINT_VERSION=v1
 
 customize() {
@@ -56,19 +56,15 @@ with open('/tmp/$1', newline='') as file:
     email = row[2].strip()
     groups = row[3].split(';')
     if User.objects.filter(username=username):
-        print(f'{username} already exists')
         continue
     new_user = User.objects.create(name=name, username=username, email=email)
-    print(f'{username} created')
     for group_name in groups:
         group_name = group_name.strip()
         if Group.objects.filter(name=group_name):
             group = Group.objects.get(name=group_name)
         else:
             group = Group.objects.create(name=group_name)
-            print(f'{group_name} created')
         group.users.add(new_user)
-        print(f'add {username} to group {group_name}')
 """ 2>&1 | quieten
 }
 
@@ -176,9 +172,7 @@ for name, url in applications.items():
 
 
 quieten(){
-    # 'SyntaxWarning|version_regex|"http\['
-    # is a workaround to get rid of some verbose syntax warnings, this might be fixed with another version
-    grep -Pv '"level": "(info|debug)"|SyntaxWarning|version_regex|"http\[|RuntimeWarning:'
+    grep -v -e '{"event"' -e '{"action"'
 }
 
 add_email_templates(){
@@ -229,16 +223,3 @@ Brand.objects.filter(default=True).delete()
 """ 2>&1 | quieten
 apply_blueprints
 }
-
-get_certificate() {
-/manage.py shell -c """
-provider_name='$1'
-if not provider_name:
-    print('no Provider Name given')
-    exit(1)
-provider = Provider.objects.filter(name=provider_name).first()
-saml = provider.samlprovider
-cert = saml.signing_kp
-print(''.join(cert.certificate_data.splitlines()[1:-1]))
-""" 2>&1 | quieten
-}

alaconnect.yml

@@ -1,76 +0,0 @@
-nextcloud:
-    uncomment:
-        - compose.nextcloud.yml
-        - NEXTCLOUD_DOMAIN
-        - SECRET_NEXTCLOUD_ID_VERSION
-        - SECRET_NEXTCLOUD_SECRET_VERSION
-        - nextcloud.png
-wordpress:
-    uncomment:
-        - compose.wordpress.yml
-        - WORDPRESS_DOMAIN
-        - WORDPRESS_GROUP
-        - SECRET_WORDPRESS_ID_VERSION
-        - SECRET_WORDPRESS_SECRET_VERSION
-        - wordpress.png
-matrix-synapse:
-    uncomment:
-        - compose.matrix.yml
-        - ELEMENT_DOMAIN
-        - SECRET_MATRIX_ID_VERSION
-        - SECRET_MATRIX_SECRET_VERSION
-        - matrix.svg
-    secrets:
-        matrix_id: matrix
-wekan:
-    uncomment:
-        - compose.wekan.yml
-        - WEKAN_DOMAIN
-        - SECRET_WEKAN_ID_VERSION
-        - SECRET_WEKAN_SECRET_VERSION
-        - wekan.png
-    secrets:
-        wekan_id: wekan
-vikunja:
-    uncomment:
-        - compose.vikunja.yml
-        - VIKUNJA_DOMAIN
-        - SECRET_VIKUNJA_ID_VERSION
-        - SECRET_VIKUNJA_SECRET_VERSION
-        - vikunja.svg
-    secrets:
-        vikunja_id: vikunja
-monitoring-ng:
-    uncomment:
-        - compose.monitoring.yml
-        - MONITORING_DOMAIN
-        - SECRET_MONITORING_ID_VERSION
-        - SECRET_MONITORING_SECRET_VERSION
-        - monitoring.png
-outline:
-    uncomment:
-        - compose.outline.yml
-        - OUTLINE_DOMAIN
-        - SECRET_OUTLINE_ID_VERSION
-        - SECRET_OUTLINE_SECRET_VERSION
-        - outline.png
-    secrets:
-        outline_id: outline
-rallly:
-    uncomment:  
-        - compose.rallly.yml
-        - RALLLY_DOMAIN
-        - SECRET_RALLLY_ID_VERSION
-        - SECRET_RALLLY_SECRET_VERSION
-        - rallly.png
-    secrets:
-        rallly_id: rallly
-hedgedoc:
-    uncomment:  
-        - compose.hedgedoc.yml
-        - HEDGEDOC_DOMAIN
-        - SECRET_HEDGEDOC_ID_VERSION
-        - SECRET_HEDGEDOC_SECRET_VERSION
-        - hedgedoc.png
-    secrets:
-        hedgedoc_id: hedgedoc

compose.css.yml

@@ -1,14 +0,0 @@
----
-version: '3.8'
-
-services:
-  app:
-    configs: 
-      - source: custom_css
-        target: /web/dist/custom.css
-
-configs:
-  custom_css:
-    name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
-    file: custom.css.tmpl
-    template_driver: golang

compose.yml

@@ -21,7 +21,6 @@ x-env: &env
     - AUTHENTIK_COLOR_BACKGROUND_LIGHT
     - AUTHENTIK_FOOTER_LINKS
     - AUTHENTIK_IMPERSONATION
-    - AUTHENTIK_BOOTSTRAP_EMAIL
     - WELCOME_MESSAGE
     - DEFAULT_LANGUAGE
     - EMAIL_SUBJECT
@@ -33,7 +32,7 @@ x-env: &env
 version: '3.8'
 services:
   app:
-    image: ghcr.io/goauthentik/server:2024.6.2
+    image: ghcr.io/goauthentik/server:2024.2.3
     command: server
     depends_on:
       - db
@@ -48,17 +47,23 @@ services:
       - media:/media
       - assets:/web/dist/assets
       - templates:/templates
+    configs:
+      - source: custom_css
+        target: /web/dist/custom.css
     networks:
       - internal
       - proxy
     healthcheck:
-      test: "ak healthcheck"
+      test: "bash -c 'printf \"GET / HTTP/1.1\n\n\" > /dev/tcp/127.0.0.1/9000; exit $$?;'"
       interval: 30s
-      timeout: 30s
+      timeout: 10s
       retries: 10
       start_period: 5m
     environment: *env
     deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
       labels:
         - "traefik.enable=true"
         - "traefik.docker.network=proxy"
@@ -71,11 +76,11 @@ services:
         - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
-        - "coop-cloud.${STACK_NAME}.version=6.3.1+2024.6.2"
+        - "coop-cloud.${STACK_NAME}.version=5.1.2+2024.2.3"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
 
   worker:
-    image: ghcr.io/goauthentik/server:2024.6.2
+    image: ghcr.io/goauthentik/server:2024.2.3
     command: worker
     depends_on:
       - db
@@ -108,15 +113,9 @@ services:
       - source: flow_invalidation
         target: /blueprints/6_flow_invalidation.yaml
     environment: *env
-    healthcheck:
-      test: "ak healthcheck"
-      interval: 30s
-      timeout: 30s
-      retries: 10
-      start_period: 5m
 
   db:
-    image: postgres:15.7
+    image: postgres:15.5
     secrets:
       - db_password
     configs:
@@ -147,7 +146,7 @@ services:
           backupbot.backup.path: "/var/lib/postgresql/data"
 
   redis:
-    image:  redis:7.4.0-alpine
+    image:  redis:7.2.4-alpine
     networks:
       - internal
     healthcheck:
@@ -187,6 +186,10 @@ volumes:
   database:
 
 configs:
+  custom_css:
+    name: ${STACK_NAME}_custom_css_${CUSTOM_CSS_VERSION}
+    file: custom.css.tmpl
+    template_driver: golang
   flow_authentication:
     name: ${STACK_NAME}_flow_authentication_${FLOW_AUTHENTICATION_VERSION}
     file: flow_authentication.yaml.tmpl

monitoring.yaml.tmpl

@@ -25,7 +25,7 @@ entries:
   conditions: []
   id: monitoring_provider
   identifiers:
-    pk: 9990
+    pk: 9994
   model: authentik_providers_oauth2.oauth2provider
   state: present
 

release/6.0.0+2024.4.0

@@ -1 +0,0 @@
-Alerta! ⚠️ If you are using AUTHENTIK_COLOR_BACKGROUND_LIGHT, you will need to set COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"

release/6.1.0+2024.4.2

@@ -1 +0,0 @@
-Blueprint for Kimai SSO integration added