move path config into paths. object

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-12-25 19:35:44 +01:00
parent ee75357059
commit ae0d28abde
No known key found for this signature in database
12 changed files with 33 additions and 29 deletions

View file

@ -131,10 +131,10 @@ RUN apt-get update && \
apt-get clean && \
rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/ && \
adduser --system --no-create-home --uid 1000 --group --home /authentik authentik && \
mkdir -p /certs /media /blueprints && \
mkdir -p /data/certs /data/media /data/blueprints && \
mkdir -p /authentik/.ssh && \
mkdir -p /ak-root && \
chown authentik:authentik /certs /media /authentik/.ssh /ak-root
chown authentik:authentik /data/certs /data/media /authentik/.ssh /ak-root
COPY ./authentik/ /ak-root/authentik
COPY ./pyproject.toml /ak-root
@ -143,7 +143,7 @@ COPY ./schemas /ak-root/schemas
COPY ./locale /ak-root/locale
COPY ./tests /ak-root/tests
COPY ./manage.py /ak-root/
COPY ./blueprints /blueprints
COPY ./blueprints /data/blueprints
COPY ./lifecycle/ /ak-root/lifecycle
COPY --from=go-builder /go/authentik /bin/authentik
COPY --from=python-deps /ak-root/venv /ak-root/venv
@ -151,7 +151,7 @@ COPY --from=python-deps /work/venv /ak-root/venv
COPY --from=web-builder /work/web/dist/ /ak-root/web/dist/
COPY --from=web-builder /work/web/authentik/ /ak-root/web/authentik/
COPY --from=website-builder /work/website/help/ /ak-root/website/help/
COPY --from=geoip /usr/share/GeoIP /ak-root/geoip
COPY --from=geoip /usr/share/GeoIP /data/geoip
USER 1000

View file

@ -30,7 +30,7 @@ def check_blueprint_v1_file(BlueprintInstance: type, path: Path):
return
blueprint_file.seek(0)
instance: BlueprintInstance = BlueprintInstance.objects.filter(path=path).first()
rel_path = path.relative_to(Path(CONFIG.get("blueprints_dir")))
rel_path = path.relative_to(Path(CONFIG.get("paths.blueprints")))
meta = None
if metadata:
meta = from_dict(BlueprintMetadata, metadata)
@ -55,7 +55,7 @@ def migration_blueprint_import(apps: Apps, schema_editor: BaseDatabaseSchemaEdit
Flow = apps.get_model("authentik_flows", "Flow")
db_alias = schema_editor.connection.alias
for file in glob(f"{CONFIG.get('blueprints_dir')}/**/*.yaml", recursive=True):
for file in glob(f"{CONFIG.get('paths.blueprints')}/**/*.yaml", recursive=True):
check_blueprint_v1_file(BlueprintInstance, Path(file))
for blueprint in BlueprintInstance.objects.using(db_alias).all():

View file

@ -82,7 +82,7 @@ class BlueprintInstance(SerializerModel, ManagedModel, CreatedUpdatedModel):
def retrieve_file(self) -> str:
"""Get blueprint from path"""
try:
base = Path(CONFIG.get("blueprints_dir"))
base = Path(CONFIG.get("paths.blueprints"))
full_path = base.joinpath(Path(self.path)).resolve()
if not str(full_path).startswith(str(base.resolve())):
raise BlueprintRetrievalFailed("Invalid blueprint path")

View file

@ -19,7 +19,7 @@ class TestBlueprintsV1API(APITestCase):
self.user = create_test_admin_user()
self.client.force_login(self.user)
@CONFIG.patch("blueprints_dir", TMP)
@CONFIG.patch("paths.blueprints", TMP)
def test_api_available(self):
"""Test valid file"""
with NamedTemporaryFile(mode="w+", suffix=".yaml", dir=TMP) as file:

View file

@ -16,7 +16,7 @@ TMP = mkdtemp("authentik-blueprints")
class TestBlueprintsV1Tasks(TransactionTestCase):
"""Test Blueprints v1 Tasks"""
@CONFIG.patch("blueprints_dir", TMP)
@CONFIG.patch("paths.blueprints", TMP)
def test_invalid_file_syntax(self):
"""Test syntactically invalid file"""
with NamedTemporaryFile(suffix=".yaml", dir=TMP) as file:
@ -25,7 +25,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
blueprints = blueprints_find()
self.assertEqual(blueprints, [])
@CONFIG.patch("blueprints_dir", TMP)
@CONFIG.patch("paths.blueprints", TMP)
def test_invalid_file_version(self):
"""Test invalid file"""
with NamedTemporaryFile(suffix=".yaml", dir=TMP) as file:
@ -34,7 +34,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
blueprints = blueprints_find()
self.assertEqual(blueprints, [])
@CONFIG.patch("blueprints_dir", TMP)
@CONFIG.patch("paths.blueprints", TMP)
def test_valid(self):
"""Test valid file"""
blueprint_id = generate_id()
@ -64,7 +64,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
},
)
@CONFIG.patch("blueprints_dir", TMP)
@CONFIG.patch("paths.blueprints", TMP)
def test_valid_updated(self):
"""Test valid file"""
BlueprintInstance.objects.filter(name="foo").delete()
@ -123,7 +123,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
},
)
@CONFIG.patch("blueprints_dir", TMP)
@CONFIG.patch("paths.blueprints", TMP)
def test_valid_disabled(self):
"""Test valid file"""
with NamedTemporaryFile(mode="w+", suffix=".yaml", dir=TMP) as file:

View file

@ -62,7 +62,7 @@ def start_blueprint_watcher():
if _file_watcher_started:
return
observer = Observer()
observer.schedule(BlueprintEventHandler(), CONFIG.get("blueprints_dir"), recursive=True)
observer.schedule(BlueprintEventHandler(), CONFIG.get("paths.blueprints"), recursive=True)
observer.start()
_file_watcher_started = True
@ -75,7 +75,7 @@ class BlueprintEventHandler(FileSystemEventHandler):
return
if event.is_directory:
return
root = Path(CONFIG.get("blueprints_dir")).absolute()
root = Path(CONFIG.get("paths.blueprints")).absolute()
path = Path(event.src_path).absolute()
rel_path = str(path.relative_to(root))
if isinstance(event, FileCreatedEvent):
@ -101,7 +101,7 @@ def blueprints_find_dict():
def blueprints_find() -> list[BlueprintFile]:
"""Find blueprints and return valid ones"""
blueprints = []
root = Path(CONFIG.get("blueprints_dir"))
root = Path(CONFIG.get("paths.blueprints"))
for path in root.rglob("**/*.yaml"):
rel_path = path.relative_to(root)
# Check if any part in the path starts with a dot and assume a hidden file

View file

@ -46,7 +46,7 @@ def certificate_discovery(self: MonitoredTask):
certs = {}
private_keys = {}
discovered = 0
for file in glob(CONFIG.get("cert_discovery_dir") + "/**", recursive=True):
for file in glob(CONFIG.get("path.cert_discovery") + "/**", recursive=True):
path = Path(file)
if not path.exists():
continue

View file

@ -265,7 +265,7 @@ class TestCrypto(APITestCase):
_cert.write(builder.certificate)
with open(f"{temp_dir}/foo.bar/privkey.pem", "w+", encoding="utf-8") as _key:
_key.write(builder.private_key)
with CONFIG.patch("cert_discovery_dir", temp_dir):
with CONFIG.patch("path.cert_discovery", temp_dir):
certificate_discovery() # pylint: disable=no-value-for-parameter
keypair: CertificateKeyPair = CertificateKeyPair.objects.filter(
managed=MANAGED_DISCOVERED % "foo"

View file

@ -54,7 +54,10 @@ cache:
# url: ""
paths:
media: ./media
media: /data/media
cert_discovery: /data/certs
email_templates: /data/email-templates
blueprints: /data/blueprints
debug: false
remote_debug: false
@ -78,7 +81,6 @@ email:
use_ssl: false
timeout: 10
from: authentik@localhost
template_dir: /templates
throttle:
providers:
@ -110,8 +112,8 @@ disable_startup_analytics: false
avatars: env://AUTHENTIK_AUTHENTIK__AVATARS?gravatar,initials
events:
context_processors:
geoip: "/ak-root/geoip/GeoLite2-City.mmdb"
asn: "/ak-root/geoip/GeoLite2-ASN.mmdb"
geoip: "/data/geoip/GeoLite2-City.mmdb"
asn: "/data/geoip/GeoLite2-ASN.mmdb"
footer_links: []
@ -120,12 +122,9 @@ default_user_change_email: false
default_user_change_username: false
gdpr_compliance: true
cert_discovery_dir: /certs
default_token_length: 60
impersonation: true
blueprints_dir: /blueprints
web:
# No default here as it's set dynamically
# workers: 2

View file

@ -237,7 +237,7 @@ ROOT_URLCONF = "authentik.root.urls"
TEMPLATES = [
{
"BACKEND": "django.template.backends.django.DjangoTemplates",
"DIRS": [CONFIG.get("email.template_dir")],
"DIRS": [CONFIG.get("paths.email_templates")],
"APP_DIRS": True,
"OPTIONS": {
"context_processors": [

View file

@ -34,7 +34,7 @@ class PytestTestRunner(DiscoverRunner): # pragma: no cover
CONFIG.set("avatars", "none")
CONFIG.set("events.context_processors.geoip", "tests/GeoLite2-City-Test.mmdb")
CONFIG.set("events.context_processors.asn", "tests/GeoLite2-ASN-Test.mmdb")
CONFIG.set("blueprints_dir", "./blueprints")
CONFIG.set("paths.blueprints", "./blueprints")
CONFIG.set(
"outposts.container_image_base",
f"ghcr.io/goauthentik/dev-%(type)s:{get_docker_tag()}",

View file

@ -15,8 +15,13 @@ with open("local.env.yml", "w", encoding="utf-8") as _config:
"outposts": {
"container_image_base": "ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s",
},
"blueprints_dir": "./blueprints",
"cert_discovery_dir": "./certs",
"paths.blueprints": "./blueprints",
"paths": {
"cert_discovery": "./data/certs",
"media": "./data/media",
"email_templates": "./data/email-templates",
"blueprints": "./blueprints",
},
"events": {
"processors": {
"geoip": "tests/GeoLite2-City-Test.mmdb",