website/docs: fix typos
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
03369e2338
commit
3b7e8e3931
2
.github/codespell-words.txt
vendored
2
.github/codespell-words.txt
vendored
|
@ -1 +1,3 @@
|
|||
keypair
|
||||
keypairs
|
||||
hass
|
||||
|
|
9
Makefile
9
Makefile
|
@ -20,7 +20,14 @@ test:
|
|||
lint-fix:
|
||||
isort authentik tests lifecycle
|
||||
black authentik tests lifecycle
|
||||
codespell -I .github/codespell-words.txt -S 'web/src/locales/**' -w authentik internal cmd web/src website/src
|
||||
codespell -I .github/codespell-words.txt -S 'web/src/locales/**' -w \
|
||||
authentik \
|
||||
internal \
|
||||
cmd \
|
||||
web/src \
|
||||
website/src \
|
||||
website/docs \
|
||||
website/developer-docs
|
||||
|
||||
lint:
|
||||
pyright authentik tests lifecycle
|
||||
|
|
|
@ -22,7 +22,7 @@ To match events with an "Expression Policy", you can write code like so:
|
|||
if "event" not in request.context:
|
||||
return False
|
||||
|
||||
return ip_address(request.context["evnet"].client_ip) in ip_network('192.0.2.0/24')
|
||||
return ip_address(request.context["event"].client_ip) in ip_network('192.0.2.0/24')
|
||||
```
|
||||
|
||||
## Selecting who gets notified
|
||||
|
|
|
@ -3,7 +3,7 @@ title: Example Flows
|
|||
---
|
||||
|
||||
:::info
|
||||
You can apply theses flows multiple times to stay updated, however this will discard all changes you've made.
|
||||
You can apply these flows multiple times to stay updated, however this will discard all changes you've made.
|
||||
:::
|
||||
|
||||
:::info
|
||||
|
|
|
@ -11,7 +11,7 @@ The prompt can be any of the following types:
|
|||
| Type | Description |
|
||||
| -------- | ----------------------------------------------------------------- |
|
||||
| text | Arbitrary text. No client-side validation is done. |
|
||||
| email | Email input. Requires a valid email adress. |
|
||||
| email | Email input. Requires a valid email address. |
|
||||
| password | Password input. |
|
||||
| number | Number input. Any number is allowed. |
|
||||
| checkbox | Simple checkbox. |
|
||||
|
|
|
@ -24,7 +24,7 @@ Create an OAuth2/OpenID provider with the following parameters:
|
|||
- Redirect URIs: `https://guacamole.company/` (depending on your Tomcat setup, you might have to add `/guacamole/` if the application runs in a subfolder)
|
||||
- Scopes: OpenID, Email and Profile
|
||||
|
||||
Under *Advanced protocol settings*, set the folloiwng:
|
||||
Under *Advanced protocol settings*, set the following:
|
||||
|
||||
- Token validity: Any value to configure how long the session should last. Guacamole will not accept any tokens valid longer than 300 Minutes.
|
||||
|
||||
|
|
|
@ -99,5 +99,5 @@ BookStack will attempt to match the SAML user to an existing BookStack user base
|
|||
:::
|
||||
|
||||
:::note
|
||||
SAML Group Sync is supported by Bookstack. Review the BookStack documention on the required Environment variables. https://www.bookstackapp.com/docs/admin/saml2-auth/
|
||||
SAML Group Sync is supported by Bookstack. Review the BookStack documentation on the required Environment variables. https://www.bookstackapp.com/docs/admin/saml2-auth/
|
||||
:::
|
||||
|
|
|
@ -98,7 +98,7 @@ For more information on group/role mappings, see [Grafana's docs](https://grafan
|
|||
|
||||
### Grafana Configuration Considerations
|
||||
|
||||
Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accesible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company:3000`.
|
||||
Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accessible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company:3000`.
|
||||
If you get `user does not belong to org` error when trying to log into grafana for the first time via OAuth, check if you have an organization with the ID of `1`, if not, then you have to add the following to your grafana config:
|
||||
|
||||
```ini
|
||||
|
|
|
@ -50,7 +50,7 @@ In Wiki.js, configure the authentication strategy with these settings:
|
|||
- Client Secret: Client Secret from the authentik provider.
|
||||
- Authorization Endpoint URL: https://authentik.company/application/o/authorize/
|
||||
- Token Endpoint URL: https://authentik.company/application/o/token/
|
||||
- User Info Endpont URL: https://authentik.company/application/o/userinfo/
|
||||
- User Info Endpoint URL: https://authentik.company/application/o/userinfo/
|
||||
- Issuer: https://authentik.company/application/o/wikijs/
|
||||
- Logout URL: https://authentik.company/application/o/wikijs/end-session/
|
||||
- Allow self-registration: Enabled
|
||||
|
|
|
@ -27,7 +27,7 @@ The following placeholders will be used:
|
|||
|
||||
![](./02_delegate.png)
|
||||
|
||||
7. Grant these additional permissions (only required when *Sync users' password* is enabled, and dependant on your AD Domain)
|
||||
7. Grant these additional permissions (only required when *Sync users' password* is enabled, and dependent on your AD Domain)
|
||||
|
||||
![](./03_additional_perms.png)
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ You will need to create a new project, and OAuth credentials in the Google Devel
|
|||
![Example Screen](googledeveloper1.png)
|
||||
|
||||
3. **Project Name**: Choose a name
|
||||
4. **Organization**: Leave as defaut if unsure
|
||||
4. **Organization**: Leave as default if unsure
|
||||
5. **Location**: Leave as default if unsure
|
||||
|
||||
![Example Screen](googledeveloper2.png)
|
||||
|
@ -36,7 +36,7 @@ You will need to create a new project, and OAuth credentials in the Google Devel
|
|||
![Example Screen](googledeveloper4.png)
|
||||
|
||||
|
||||
10. **User Type:** If you do not have a Google Workspace (GSuite) account choose _External_. If you do have a Google Workspace (Gsuite) account and want to limit acces to only users inside of your organization choose _Internal_
|
||||
10. **User Type:** If you do not have a Google Workspace (GSuite) account choose _External_. If you do have a Google Workspace (Gsuite) account and want to limit access to only users inside of your organization choose _Internal_
|
||||
|
||||
_I'm only going to list the mandatory/important fields to complete._
|
||||
|
||||
|
|
|
@ -11,4 +11,4 @@ To have sources show on the default login screen you will need to add them. This
|
|||
2. Click on **default-authentication-flow**
|
||||
3. Click the **Stage Bindings** tab
|
||||
4. Chose **Edit Stage** for the _default-authentication-identification_ stage
|
||||
5. Under **Sources** you should see the addtional sources you have configured. Click all applicable sources to have them displayed on the Login Page
|
||||
5. Under **Sources** you should see the additional sources you have configured. Click all applicable sources to have them displayed on the Login Page
|
||||
|
|
|
@ -67,7 +67,7 @@ import Objects from '../expressions/_objects.md'
|
|||
return ak_client_ip.is_private
|
||||
```
|
||||
|
||||
See also [Python documetnation](https://docs.python.org/3/library/ipaddress.html#ipaddress.ip_address)
|
||||
See also [Python documentation](https://docs.python.org/3/library/ipaddress.html#ipaddress.ip_address)
|
||||
|
||||
Additionally, when the policy is executed from a flow, every variable from the flow's current context is accessible under the `context` object.
|
||||
|
||||
|
|
|
@ -41,7 +41,7 @@ slug: "0.14"
|
|||
- outposts: validate kubeconfig before saving
|
||||
- proxy: update to latest stable oauth2_proxy version
|
||||
- root: update license
|
||||
- web: fix sidebar being overlayed over modal backdrop
|
||||
- web: fix sidebar being overlaid over modal backdrop
|
||||
- web: fix table styling on mobile
|
||||
- web: use displyname in sidebar for user
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ slug: "2021.3"
|
|||
|
||||
A new stage which simply denies access. This can be used to conditionally deny access to users during a flow. Authorization flows for example required an authenticated user, but there was no previous way to block access for un-authenticated users.
|
||||
|
||||
If you conditionally include this stage in a flow, make sure to disable "Evaluate on plan", as that will always include the stage in the flow, irregardless of the inputs.
|
||||
If you conditionally include this stage in a flow, make sure to disable "Evaluate on plan", as that will always include the stage in the flow, regardless of the inputs.
|
||||
|
||||
|
||||
## Fixed in 2021.3.2
|
||||
|
|
|
@ -115,4 +115,4 @@ The helm chart has been rewritten by [@dirtycajunrice](https://github.com/dirtyc
|
|||
|
||||
Please upgrade to the new chart using values from [ArtifactHub](https://artifacthub.io/packages/helm/goauthentik/authentik).
|
||||
|
||||
The old repository will stil exist for backwards-compatibility.
|
||||
The old repository will still exist for backwards-compatibility.
|
||||
|
|
|
@ -11,7 +11,7 @@ slug: "2021.7"
|
|||
|
||||
Currently, only SSL on port 636 is supported, not StartTLS.
|
||||
|
||||
- Add bundeled docs
|
||||
- Add bundled docs
|
||||
|
||||
You can now browse the authentik docs for your version by browsing to `/help`. This means you don't have to rely on an
|
||||
internet connection to check the docs, and you also have the correct docs for your currently running version.
|
||||
|
|
|
@ -46,7 +46,7 @@ slug: "2021.8"
|
|||
- core: handle error when ?for_user is not numberical
|
||||
- lib: move id and key generators to lib (#1286)
|
||||
- lifecycle: rename to ak
|
||||
- outpost: handle non-existant permission
|
||||
- outpost: handle non-existent permission
|
||||
- outpost: add recursion limit for docker controller
|
||||
- outpost: add repair_permissions command
|
||||
- root: add alias for akflow files
|
||||
|
|
|
@ -7,7 +7,7 @@ slug: "2021.9"
|
|||
|
||||
- Split user interface
|
||||
|
||||
This release splits the administration interface from the end-user interface. This makes things clearer for end-users, as all their options are layed out more clearly.
|
||||
This release splits the administration interface from the end-user interface. This makes things clearer for end-users, as all their options are laid out more clearly.
|
||||
|
||||
Additionally, the new end-user interface will be more customisable than the admin interface, allowing Administrators to configure what their users can see.
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ Property Mappings allow you to make information available for external applicati
|
|||
|
||||
### Outpost
|
||||
|
||||
An outpost is a separate component of authentik, which can be deployed anywhere, irregardless of the authentik deployment. The outpost offers services that aren't implemented directly into the authentik core, like Reverse Proxying.
|
||||
An outpost is a separate component of authentik, which can be deployed anywhere, regardless of the authentik deployment. The outpost offers services that aren't implemented directly into the authentik core, like Reverse Proxying.
|
||||
|
||||
Currently there is only a reverse-proxy outpost, in the future there will be more different outpost types.
|
||||
|
||||
|
|
Reference in a new issue