Commit Graph

242 Commits

Author SHA1 Message Date
Jens Langhammer 15026748d1
security: fix CVE-2023-36456
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

# Conflicts:
#	website/sidebars.js
2023-07-06 18:15:46 +02:00
Tana M Berry 8356ceaead
website/docs: added info about how to upgrade (#5589)
added info about how to upgrade

Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-05-12 10:25:26 -05:00
risson 7265a56f05
root: switch sentry dsn to our relay (#5494)
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-05-11 15:24:38 +02:00
Jens L 3704f4ccf4
core: disallow username and email changes by default (#5571)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:57:57 +02:00
Bardi Harborow 5c8f024d12
website: add documentation for AUTHENTIK_REDIS__TLS (#5349)
* website: add documentation for AUTHENTIK_REDIS__TLS

Signed-off-by: Bardi Harborow <bardi@bardiharborow.com>

* add tls reqs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Bardi Harborow <bardi@bardiharborow.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-23 11:37:53 +03:00
Jens L d4e502fdf5
ci: bump setup-node version (#5340)
* ci: bump setup-node version

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* set skip-pkg-cache

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix failing codeQL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix airgapped avatars

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 15:45:41 +03:00
Bojan Bogojevic 05b2fb5ec1
root: Change docker-compose HTTP and HTTPS port variables (#5335)
* Clarify that COMPOSE_PORT_ changes exposed ports

Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>

* Change AUTHENTIK_PORT to COMPOSE_PORT 

Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>

* Change AUTHENTIK_PORT to COMPOSE_PORT 

Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>

* Add hint to Configuration for internal ports

Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>

* dont use different env syntaxes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add changelog entry

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 14:54:40 +03:00
Tana M Berry 3ab9ee5acc
website/docs: separate docker steps (#5246)
* separated steps for macs

* fixed formatting

* fixed formatting harder

* two passwords

* tweaks

* separated error logging step

* comments in wrong place

---------

Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-04-14 17:04:09 -05:00
Ongy adcd11b1f8
core: extend postgres configuration (#5138)
Add postgres configuration options to control
TLS verification and client certificates.
2023-04-02 17:39:36 +02:00
Tana M Berry cafff808ab
website/docs: "productive" to "production" term change and version info (#5010)
* production site change and version info

* changed future tense to present tense

* fixed section about .env file

* removed code block with port info

---------

Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local>
2023-03-21 09:04:50 -05:00
Tana M Berry bbdb0df42e
website/docs: capitalization and clarifications (#4948)
* capitalization and clarifications

* minor edits

* Update website/docs/installation/docker-compose.md

Co-authored-by: Jens L. <jens.langhammer@beryju.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/installation/docker-compose.md

Co-authored-by: Jens L. <jens.langhammer@beryju.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local>
Co-authored-by: Jens L. <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-15 11:19:03 -05:00
Jens L 596ff529c4
core: bootstrap email (#4788) 2023-02-26 17:02:45 +01:00
sdimovv b69e55eae9
core: Add support for auto generating unique avatars based on the user's initials (#4663) 2023-02-12 16:35:17 +01:00
Jens L 98485c528e
ci: build beta for amd64 and arm64 (#4468)
* ci: build for arm64, but independently

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add notice to beta

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 21:41:56 +01:00
Jens Langhammer 07767c9376
website/docs: add disclaimer to beta page that downgrade isn't supported
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-16 10:44:42 +01:00
Jens L cd12e177ea
providers/proxy: add initial header token auth (#4421)
* initial implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* check for openid/profile claims

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* include jwks sources in proxy provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add web ui for jwks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only show sources with JWKS data configured

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix introspection tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start basic

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add basic auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs, update admonitions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add client_id to api, add tab for auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:22:03 +01:00
Jens Langhammer d3e2f41561
website/docs: fix typo
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 13:13:41 +01:00
Jens Langhammer bec538c543
sources/ldap: make task timeout adjustable
closes #4375

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-06 12:37:59 +01:00
Jens Langhammer 1efc7eecbf
website/docs: add metrics for monitoring and metrics
closes #4308

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 20:49:35 +01:00
Jens Langhammer 42c278b4f8
root: migrate to hosted sentry with rate-limited DSN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:18:26 +01:00
Jens L f4990bb5da
core: bundle geoip (#4250)
* bundle geoip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* correctly pass secrets

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add geoip docs and release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-20 22:09:30 +01:00
Jens Langhammer 3418943949 root: allow custom settings via python module
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-15 10:59:14 +01:00
Jens L 276af8457d
root: make sentry DSN configurable (#4016)
* make sentry DSN configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make proxy smarter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix typo in config struct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 16:05:29 +01:00
Jens L 55aa1897af
root: use single redis db (#4009)
* use single redis db

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup prefixes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ensure __str__ always returns string

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix remaining old prefixes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 14:31:29 +01:00
Philipp Kolberg 2980c5884f
root: Add setting to adjust database config for pgbouncer (#3769)
* Add setting to adjust database config for pgbouncer

* docker-compose.yml cleanup

Delete pgbouncer setting as false is the default value

* Cleanup docker-compose.yml

Also remove use_pgbouncer option in server section
2022-10-14 11:53:24 +02:00
Jens L cca0f60bda
root: decrease default token size to 60 chars for compatibility (#3710)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2614
2022-09-30 23:12:51 +02:00
Jens Langhammer 32c80467b6 website/docs: update log level warning phrasing 2022-09-29 09:52:48 +00:00
Jens Langhammer 74c5a5b4c1 website/docs: add warning to trace log level 2022-09-29 09:27:35 +00:00
Riccardo Di Maio bba21d2b85
website/docs: Fix typo (#3641)
Signed-off-by: Riccardo Di Maio <35903974+rdimaio@users.noreply.github.com>

Signed-off-by: Riccardo Di Maio <35903974+rdimaio@users.noreply.github.com>
2022-09-25 11:44:41 +02:00
Jens L b16a3d5697
internal: use config system for workers/threads, document the settings (#3626)
use config system for workers/threads, document the settings

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-21 09:59:03 +02:00
Stavros Kois d0a69557d4
website/docs: explain LISTEN envs better (#3532)
From a recent adventure discovered that this env's define `address:port` not just `port`.
If you define only `port` it will error out with `"error":"listen tcp: address 9000: missing port in address"`

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
2022-09-05 20:37:11 +02:00
Jens L 2ce8e18bab
internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3360

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-03 21:33:27 +02:00
Jens L d4b8dd7fcc
ci: comment on PR with instructions on how to use branch (#3333)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 21:22:27 +02:00
Jens Langhammer de26c65fa0 core: add attributes. avatar method to allow custom uploaded avatars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2631
2022-07-26 21:42:41 +02:00
Jens Langhammer a9636b5727 website/docs: fix configuration item headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 13:01:40 +02:00
Jens Langhammer 1c64616ebd sources/ldap: add configuration for LDAP Source ciphers
closes #3110

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:53:49 +02:00
sev db07f564aa website/docs: expand nginx reverse-proxy setup (#3079)
* website/docs: expand nginx reverse-proxy setup

* website/docs: simplify reverse-proxy config

Combine location blocks and remove documentstion links, they were not doing much.
2022-06-29 15:02:59 +00:00
Jens L e17f7020e6
webiste/docs: use autogenerated pages and categories (#3102)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 20:56:27 +02:00
Jens L 7ee655a318
core: add bootstrap variables with authentik prefix for helm charts (#3031)
https://github.com/goauthentik/helm/pull/72
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 15:22:56 +02:00
Andre Mainka fa81adf254
website/docs: Add warning for timezone mounts (#3022)
Improve documentation: #3005
2022-06-02 14:02:01 +02:00
Jens L f9469e3f99
website: format docs with prettier (#2833)
* run prettier

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add scim to comparison

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-09 21:22:41 +02:00
Jens Langhammer 778065f468 core: add flag to globally disable impersonation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 16:52:55 +02:00
Chris Britt 6e5ac4bffc
website/docs: add missing redis port to configuration page (#2731)
Added the `AUTHENTIK_REDIS__PORT` to the documentation.
2022-04-17 16:40:00 +02:00
Jens Langhammer 957bb1c5ef core: make generated token length configurable
closes #2574

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:57:16 +02:00
Jens Langhammer 133528ee90 website/docs: add email sender name explanation
closes #2378

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-24 10:39:33 +01:00
Jens Langhammer 0da043a9fe outposts: make local discovery configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 17:27:41 +01:00
lyh16 6c880e0e62
website/docs: Enable 'secure' option for pwgen (#2260)
* Enable 'secure' option for pwgen

As per the [pwgen manual](https://linux.die.net/man/1/pwgen, "pwgen manual"), the "-s"(secure) option instructs pwgen to generate completely random passwords, where as the default for pwgen is to generate more memorable passwords. Since, the passwords generated in this part of the installation process are to be "remembered" by the dot env file, I believe that users may benefit from the additional entropy provided by the "-s" option in pwgen.

* Enable 'secure' option for pwgen
2022-02-08 12:24:29 +01:00
Jens L d5e04a2301
*: remove deprecated backup (#2129)
* *: remove backup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: final cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: use correct pyproject when migrating from stable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-05 18:54:15 +01:00
Daniel Thorpe 3189c56fc3
website/docs: default to upgrade with install flag set (#2234) 2022-02-04 22:36:34 +01:00
Jens Langhammer 2997542114 lib: disable backup by default, add note to configuration 2022-01-24 10:00:15 +00:00