internal: fix race conditions when accessing settings before bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
d5703dce39
commit
85640d402f
|
@ -56,6 +56,7 @@ outposts:
|
||||||
# %(build_hash)s: Build hash if you're running a beta version
|
# %(build_hash)s: Build hash if you're running a beta version
|
||||||
container_image_base: ghcr.io/goauthentik/%(type)s:%(version)s
|
container_image_base: ghcr.io/goauthentik/%(type)s:%(version)s
|
||||||
discover: true
|
discover: true
|
||||||
|
disable_embedded_outpost: false
|
||||||
|
|
||||||
ldap:
|
ldap:
|
||||||
tls:
|
tls:
|
||||||
|
|
|
@ -61,7 +61,7 @@ func main() {
|
||||||
g := gounicorn.NewGoUnicorn()
|
g := gounicorn.NewGoUnicorn()
|
||||||
ws := web.NewWebServer(g)
|
ws := web.NewWebServer(g)
|
||||||
g.HealthyCallback = func() {
|
g.HealthyCallback = func() {
|
||||||
if !config.Get().DisableEmbeddedOutpost {
|
if !config.Get().Outposts.DisableEmbeddedOutpost {
|
||||||
go attemptProxyStart(ws, u)
|
go attemptProxyStart(ws, u)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
1
go.mod
1
go.mod
|
@ -16,7 +16,6 @@ require (
|
||||||
github.com/gorilla/securecookie v1.1.1
|
github.com/gorilla/securecookie v1.1.1
|
||||||
github.com/gorilla/sessions v1.2.1
|
github.com/gorilla/sessions v1.2.1
|
||||||
github.com/gorilla/websocket v1.5.0
|
github.com/gorilla/websocket v1.5.0
|
||||||
github.com/imdario/mergo v0.3.13
|
|
||||||
github.com/jellydator/ttlcache/v3 v3.0.0
|
github.com/jellydator/ttlcache/v3 v3.0.0
|
||||||
github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484
|
github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484
|
||||||
github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba
|
github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba
|
||||||
|
|
3
go.sum
3
go.sum
|
@ -221,8 +221,6 @@ github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/ad
|
||||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||||
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||||
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||||
github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
|
|
||||||
github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
|
|
||||||
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
|
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
|
||||||
github.com/jellydator/ttlcache/v3 v3.0.0 h1:zmFhqrB/4sKiEiJHhtseJsNRE32IMVmJSs4++4gaQO4=
|
github.com/jellydator/ttlcache/v3 v3.0.0 h1:zmFhqrB/4sKiEiJHhtseJsNRE32IMVmJSs4++4gaQO4=
|
||||||
github.com/jellydator/ttlcache/v3 v3.0.0/go.mod h1:WwTaEmcXQ3MTjOm4bsZoDFiCu/hMvNWLO1w67RXz6h4=
|
github.com/jellydator/ttlcache/v3 v3.0.0/go.mod h1:WwTaEmcXQ3MTjOm4bsZoDFiCu/hMvNWLO1w67RXz6h4=
|
||||||
|
@ -675,7 +673,6 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
|
||||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
|
|
@ -9,7 +9,6 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
env "github.com/Netflix/go-env"
|
env "github.com/Netflix/go-env"
|
||||||
"github.com/imdario/mergo"
|
|
||||||
log "github.com/sirupsen/logrus"
|
log "github.com/sirupsen/logrus"
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
)
|
)
|
||||||
|
@ -18,8 +17,9 @@ var cfg *Config
|
||||||
|
|
||||||
func Get() *Config {
|
func Get() *Config {
|
||||||
if cfg == nil {
|
if cfg == nil {
|
||||||
cfg = defaultConfig()
|
c := defaultConfig()
|
||||||
cfg.Setup()
|
c.Setup()
|
||||||
|
cfg = c
|
||||||
}
|
}
|
||||||
return cfg
|
return cfg
|
||||||
}
|
}
|
||||||
|
@ -28,10 +28,12 @@ func defaultConfig() *Config {
|
||||||
return &Config{
|
return &Config{
|
||||||
Debug: false,
|
Debug: false,
|
||||||
Listen: ListenConfig{
|
Listen: ListenConfig{
|
||||||
HTTP: "localhost:9000",
|
HTTP: "0.0.0.0:9000",
|
||||||
HTTPS: "localhost:9443",
|
HTTPS: "0.0.0.0:9443",
|
||||||
LDAP: "localhost:3389",
|
LDAP: "0.0.0.0:3389",
|
||||||
LDAPS: "localhost:6636",
|
LDAPS: "0.0.0.0:6636",
|
||||||
|
Metrics: "0.0.0.0:9300",
|
||||||
|
Debug: "0.0.0.0:9900",
|
||||||
},
|
},
|
||||||
Paths: PathsConfig{
|
Paths: PathsConfig{
|
||||||
Media: "./media",
|
Media: "./media",
|
||||||
|
@ -64,28 +66,20 @@ func (c *Config) LoadConfig(path string) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Failed to load config file: %w", err)
|
return fmt.Errorf("Failed to load config file: %w", err)
|
||||||
}
|
}
|
||||||
nc := Config{}
|
err = yaml.Unmarshal(raw, c)
|
||||||
err = yaml.Unmarshal(raw, &nc)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Failed to parse YAML: %w", err)
|
return fmt.Errorf("Failed to parse YAML: %w", err)
|
||||||
}
|
}
|
||||||
if err := mergo.Merge(c, nc, mergo.WithOverride); err != nil {
|
|
||||||
return fmt.Errorf("failed to overlay config: %w", err)
|
|
||||||
}
|
|
||||||
c.walkScheme(c)
|
c.walkScheme(c)
|
||||||
log.WithField("path", path).Debug("Loaded config")
|
log.WithField("path", path).Debug("Loaded config")
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Config) fromEnv() error {
|
func (c *Config) fromEnv() error {
|
||||||
nc := Config{}
|
_, err := env.UnmarshalFromEnviron(c)
|
||||||
_, err := env.UnmarshalFromEnviron(&nc)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to load environment variables: %w", err)
|
return fmt.Errorf("failed to load environment variables: %w", err)
|
||||||
}
|
}
|
||||||
if err := mergo.Merge(c, nc, mergo.WithOverride); err != nil {
|
|
||||||
return fmt.Errorf("failed to overlay config: %w", err)
|
|
||||||
}
|
|
||||||
c.walkScheme(c)
|
c.walkScheme(c)
|
||||||
log.Debug("Loaded config from environment")
|
log.Debug("Loaded config from environment")
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
package config
|
package config
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
Debug bool `yaml:"debug" env:"AUTHENTIK_DEBUG"`
|
Debug bool `yaml:"debug" env:"AUTHENTIK_DEBUG"`
|
||||||
SecretKey string `yaml:"secret_key" env:"AUTHENTIK_SECRET_KEY"`
|
SecretKey string `yaml:"secret_key" env:"AUTHENTIK_SECRET_KEY"`
|
||||||
Listen ListenConfig `yaml:"listen"`
|
Listen ListenConfig `yaml:"listen"`
|
||||||
Paths PathsConfig `yaml:"paths"`
|
Paths PathsConfig `yaml:"paths"`
|
||||||
LogLevel string `yaml:"log_level" env:"AUTHENTIK_LOG_LEVEL"`
|
LogLevel string `yaml:"log_level" env:"AUTHENTIK_LOG_LEVEL"`
|
||||||
ErrorReporting ErrorReportingConfig `yaml:"error_reporting"`
|
ErrorReporting ErrorReportingConfig `yaml:"error_reporting"`
|
||||||
Redis RedisConfig `yaml:"redis"`
|
Redis RedisConfig `yaml:"redis"`
|
||||||
DisableEmbeddedOutpost bool `yaml:"disable_embedded_outpost" env:"AUTHENTIK_WEB__DISABLE_EMBEDDED_OUTPOST"`
|
Outposts OutpostConfig `yaml:"outposts" `
|
||||||
}
|
}
|
||||||
|
|
||||||
type RedisConfig struct {
|
type RedisConfig struct {
|
||||||
|
@ -30,10 +30,10 @@ type RedisConfig struct {
|
||||||
type ListenConfig struct {
|
type ListenConfig struct {
|
||||||
HTTP string `yaml:"listen_http" env:"AUTHENTIK_LISTEN__HTTP"`
|
HTTP string `yaml:"listen_http" env:"AUTHENTIK_LISTEN__HTTP"`
|
||||||
HTTPS string `yaml:"listen_https" env:"AUTHENTIK_LISTEN__HTTPS"`
|
HTTPS string `yaml:"listen_https" env:"AUTHENTIK_LISTEN__HTTPS"`
|
||||||
LDAP string `yaml:"listen_ldap" env:"AUTHENTIK_LISTEN__LDAP,default=0.0.0.0:3389"`
|
LDAP string `yaml:"listen_ldap" env:"AUTHENTIK_LISTEN__LDAP"`
|
||||||
LDAPS string `yaml:"listen_ldaps" env:"AUTHENTIK_LISTEN__LDAPS,default=0.0.0.0:6636"`
|
LDAPS string `yaml:"listen_ldaps" env:"AUTHENTIK_LISTEN__LDAPS"`
|
||||||
Metrics string `yaml:"listen_metrics" env:"AUTHENTIK_LISTEN__METRICS,default=0.0.0.0:9300"`
|
Metrics string `yaml:"listen_metrics" env:"AUTHENTIK_LISTEN__METRICS"`
|
||||||
Debug string `yaml:"listen_debug" env:"AUTHENTIK_LISTEN__DEBUG,default=0.0.0.0:9900"`
|
Debug string `yaml:"listen_debug" env:"AUTHENTIK_LISTEN__DEBUG"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type PathsConfig struct {
|
type PathsConfig struct {
|
||||||
|
@ -47,3 +47,9 @@ type ErrorReportingConfig struct {
|
||||||
DSN string
|
DSN string
|
||||||
SampleRate float64 `yaml:"sample_rate" env:"AUTHENTIK_ERROR_REPORTING__SAMPLE_RATE"`
|
SampleRate float64 `yaml:"sample_rate" env:"AUTHENTIK_ERROR_REPORTING__SAMPLE_RATE"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type OutpostConfig struct {
|
||||||
|
ContainerImageBase string `yaml:"container_image_base" env:"AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE"`
|
||||||
|
Discover bool `yaml:"discover" env:"AUTHENTIK_OUTPOSTS__DISCOVER"`
|
||||||
|
DisableEmbeddedOutpost bool `yaml:"disable_embedded_outpost" env:"AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST"`
|
||||||
|
}
|
||||||
|
|
Reference in a new issue