From 0da043a9fefb12e1e2dd1093b28ee3a1f130c6d5 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 12 Feb 2022 17:27:41 +0100 Subject: [PATCH] outposts: make local discovery configurable Signed-off-by: Jens Langhammer --- authentik/lib/default.yml | 1 + authentik/outposts/tasks.py | 4 ++++ website/docs/installation/configuration.md | 10 ++++++++++ 3 files changed, 15 insertions(+) diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml index d2093c6fd..fb36ceb0e 100644 --- a/authentik/lib/default.yml +++ b/authentik/lib/default.yml @@ -55,6 +55,7 @@ outposts: # %(version)s: Current version; 2021.4.1 # %(build_hash)s: Build hash if you're running a beta version container_image_base: ghcr.io/goauthentik/%(type)s:%(version)s + discover: true cookie_domain: null disable_update_check: false diff --git a/authentik/outposts/tasks.py b/authentik/outposts/tasks.py index 7b4c87148..e5a074f54 100644 --- a/authentik/outposts/tasks.py +++ b/authentik/outposts/tasks.py @@ -23,6 +23,7 @@ from authentik.events.monitored_tasks import ( TaskResultStatus, prefill_task, ) +from authentik.lib.config import CONFIG from authentik.lib.utils.reflection import path_to_class from authentik.outposts.controllers.base import BaseController, ControllerException from authentik.outposts.controllers.docker import DockerClient @@ -231,6 +232,9 @@ def _outpost_single_update(outpost: Outpost, layer=None): @CELERY_APP.task() def outpost_local_connection(): """Checks the local environment and create Service connections.""" + if not CONFIG.y_bool("outposts.discover"): + LOGGER.debug("outpost integration discovery is disabled") + return # Explicitly check against token filename, as that's # only present when the integration is enabled if Path(SERVICE_TOKEN_FILENAME).exists(): diff --git a/website/docs/installation/configuration.md b/website/docs/installation/configuration.md index de199c441..a2db61eae 100644 --- a/website/docs/installation/configuration.md +++ b/website/docs/installation/configuration.md @@ -121,6 +121,16 @@ Disable the inbuilt update-checker. Defaults to `false`. Placeholder for outpost docker images. Default: `ghcr.io/goauthentik/%(type)s:%(version)s`. +- `AUTHENTIK_OUTPOSTS__DISCOVER` + + Configure the automatic discovery of integrations. Defaults to `true`. + + By default, the following is discovered: + + - Kubernetes in-cluster config + - Kubeconfig + - Existence of a docker socket + ### AUTHENTIK_AVATARS Configure how authentik should show avatars for users. Following values can be set: