trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

finalize RabbitMQ replacement, update debian package, remove redis tgz

This commit is contained in:
Jens Langhammer 2019-03-11 21:35:06 +01:00
parent cf7323c41b
commit 8d4dabde02
5 changed files with 77 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
debian/changelog vendored
View File

@ -1,3 +1,12 @@
passbook (0.1.16) stable; urgency=medium
* Replace redis with RabbitMQ
* updated debian package to suggest RabbitMQ
* update helm chart to require RabbitMQ
* fix invalid default config in debian package
-- Jens Langhammer <jens.langhammer@beryju.org> Mon, 11 Mar 2019 10:28:36 +0000
passbook (0.1.14) stable; urgency=medium passbook (0.1.14) stable; urgency=medium
* bump version: 0.1.11-beta -> 0.1.12-beta * bump version: 0.1.11-beta -> 0.1.12-beta

101
debian/etc/passbook/config.yml vendored
View File

@ -1,4 +1,3 @@
debug: false
http: http:
host: 0.0.0.0 host: 0.0.0.0
port: 8000 port: 8000
@ -8,37 +7,71 @@ log:
console: INFO console: INFO
file: DEBUG file: DEBUG
file: /var/log/passbook/passbook.log file: /var/log/passbook/passbook.log
# Error reporting, disabled by default debug: false
# error_report_enabled: true secure_proxy_header:
HTTP_X_FORWARDED_PROTO: https
rabbitmq: guest:guest@localhost/passbook
# Error reporting, sends stacktrace to sentry.services.beryju.org
error_report_enabled: true
# Set this to the server's external address. passbook:
# This is used to generate external URLs sign_up:
external_url: http://image.example.com # Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true
enabled: true
# This dictates how the Path is generated password_reset:
# can be either of: # Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true
# - view_sha512_short enabled: true
# - view_md5 # Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions`
# - view_sha256 verification:
# - view_sha512 - email
default_return_view: view_sha256 # Text used in title, on login page and multiple other places
branding: passbook
# Set this to true if you only want to use external authentication login:
external_auth_only: false # Override URL used for logo
logo_url: null
# If this is true, images are automatically claimed if the windows user exists # Override URL used for Background on Login page
# in django bg_url: null
auto_claim_enabled: true # Optionally add a subtext, placed below logo on the login page
subtext: null
# LDAP Authentication footer:
# ldap: links:
# enabled: false # Optionally add links to the footer on the login page
# server: # - name: test
# uri: 'ldap://dc1.example.com' # href: https://test
# tls: false # Specify which fields can be used to authenticate. Can be any combination of `username` and `email`
# bind: uid_fields:
# dn: '' - username
# password: '' - email
# search_base: '' session:
# filter: '(sAMAccountName=%(user)s)' remember_age: 2592000 # 60 * 60 * 24 * 30, one month
# require_group: '' # Provider-specific settings
ldap:
# Which field from `uid_fields` maps to which LDAP Attribute
login_field_map:
username: sAMAccountName
email: mail # or userPrincipalName
user_attribute_map:
active_directory:
username: "%(sAMAccountName)s"
email: "%(mail)s"
name: "%(displayName)"
oauth_client:
# List of python packages with sources types to load.
types:
- passbook.oauth_client.source_types.discord
- passbook.oauth_client.source_types.facebook
- passbook.oauth_client.source_types.github
- passbook.oauth_client.source_types.google
- passbook.oauth_client.source_types.reddit
- passbook.oauth_client.source_types.supervisr
- passbook.oauth_client.source_types.twitter
saml_idp:
# List of python packages with provider types to load.
types:
- passbook.saml_idp.processors.generic
- passbook.saml_idp.processors.aws
- passbook.saml_idp.processors.gitlab
- passbook.saml_idp.processors.nextcloud
- passbook.saml_idp.processors.salesforce
- passbook.saml_idp.processors.shibboleth
- passbook.saml_idp.processors.wordpress_orange

BIN
helm/passbook/charts/redis-5.1.0.tgz
View File

Binary file not shown.

2
helm/passbook/templates/passbook-configmap.yaml
View File

@ -36,7 +36,7 @@ data:
debug: false debug: false
secure_proxy_header: secure_proxy_header:
HTTP_X_FORWARDED_PROTO: https HTTP_X_FORWARDED_PROTO: https
rabbitmq: "user:{{ .Values.rabbitmq.rabbitmq.password }}@{{ .Release.Name }}-rabbitmq-master" rabbitmq: "user:{{ .Values.rabbitmq.rabbitmq.password }}@{{ .Release.Name }}-rabbitmq"
# Error reporting, sends stacktrace to sentry.services.beryju.org # Error reporting, sends stacktrace to sentry.services.beryju.org
error_report_enabled: {{ .Values.config.error_reporting }} error_report_enabled: {{ .Values.config.error_reporting }}

5
passbook/lib/default.yml
View File

@ -62,11 +62,6 @@ passbook:
uid_fields: uid_fields:
- username - username
- email - email
# Factors to load
factors:
- passbook.core.auth.factors.backend
- passbook.core.auth.factors.dummy
- passbook.captcha_factor.factor
session: session:
remember_age: 2592000 # 60 * 60 * 24 * 30, one month remember_age: 2592000 # 60 * 60 * 24 * 30, one month
# Provider-specific settings # Provider-specific settings