trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7,778 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

73 Commits

Author SHA1 Message Date
Jens L 320a600349
root: migrate pipenv to poetry (#1995) 2021-12-24 23:25:38 +01:00
Jens Langhammer 741822424a Merge branch 'master' into version-2021.12 2021-12-16 15:48:53 +01:00
Jens Langhammer f410a77010 lifecycle: add -Ofair to celery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-15 16:44:09 +01:00
Jens Langhammer 5914bbf173 Merge branch 'master' into version-2021.12 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Dockerfile
 2021-12-13 10:54:21 +01:00
Jens Langhammer 552ddda909 lifecycle: use custom worker class 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-11 19:55:09 +01:00
Jens Langhammer ee0ddc3d17 Merge branch 'master' into version-2021.12 2021-12-09 13:23:28 +01:00
Jens Langhammer 5dd979d66c root: add flower entrypoint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-09 11:38:57 +01:00
Jens Langhammer f8a6aa3250 root: fix missing certs directly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-04 20:06:02 +01:00
Jens Langhammer 572f6d4ea0 crypto: add certificate discovery to automatically import certificates from lets encrypt 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1835
 2021-12-03 18:27:36 +01:00
Jens Langhammer 39acb044fb lifecycle: allow custom worker count in k8s 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-29 14:27:55 +01:00
Jens L ef994e0084 lifecycle: improve redis connection debug py printing full URL 2021-11-25 13:44:42 +01:00
Jens L e1ef196283 core: remove dump_config, handle directly in config loader without booting django, don't check database 2021-11-25 13:38:31 +01:00
Jens Langhammer 61621e7d60 lifecycle: improve backup restore by dropping database before 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-20 00:32:24 +01:00
Jens Langhammer cf5e70c759 lifecycle: revert to non-h11 worker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-04 13:16:10 +01:00
Jens Langhammer 9679be39fa lifecycle: bump celery healthcheck to 5s timeout 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1627
 2021-10-16 14:28:05 +02:00
Jens Langhammer 98907ec889 root: remove structlog.processors.format_exc_info for new structlog version 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-13 09:42:49 +02:00
Jens Langhammer 48f96ea55f lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-12 14:44:32 +02:00
Jens Langhammer 6c603cdf80 internal: add internal healthchecking to prevent websocket errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 22:21:14 +02:00
Jens Langhammer e8420957b1 lifecycle: fix syntax error in ak wrapper 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 21:03:54 +02:00
Jens Langhammer aee58c8d53 root: add docker-native healthcheck for web and celery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 20:45:18 +02:00
Jens Langhammer e22a286a6f lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 23:14:16 +02:00
Jens Langhammer 9778050dda lifecycle: switch to h11 uvicorn worker for now 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 18:03:08 +02:00
Jens Langhammer 8e59b06611 lifecycle: migrate to gunicorn instead of runserver 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 17:54:23 +02:00
Jens Langhammer c5cf17b60b lifecycle: fix worker startup error when docker socket's group is not called docker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 15:24:35 +02:00
Jens Langhammer 52f2838f57 lifecycle: rename to ak 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 14:54:02 +02:00
Jens Langhammer 229468175a lifecycle: fix error in gunicorn config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 01:07:50 +02:00
Jens Langhammer 4cd3466e56 root: ignore known warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 00:27:29 +02:00
Jens Langhammer 919946609d web/elements: add separate flag for chips when checkboxes are enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 10:16:13 +02:00
Jens Langhammer 13a8ad3126 lifecycle: decrease default worker count on compose 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 09:37:14 +02:00
Jens Langhammer 77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00
Jens Langhammer 89fafff0af lifecycle: fix postgresql port not being passed for migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-16 12:04:36 +02:00
Starz0r a5bb583268
root: optional TLS support on redis connections (#1147) 
* root: optional TLS support on redis connections

* root: don't use f-strings when not interpolating variables

* root: use f-string in redis protocol prefix interpolation

* root: glaring typo

* formatting

* small formatting change I missed

* root: swap around default redis protocol prefixes
 2021-07-15 11:48:52 +02:00
Starz0r 5cfbb0993a
Allow for Configurable Redis Port (#1124) 
* root: make redis port configurable

* root: parse redis port from config as an integer

* code formatting

* lifecycle: truncate line under 100 chars

* lifecycle: incorrect indenting on newline
 2021-07-12 11:01:41 +02:00
Jens Langhammer b73de96aa6 lifecycle: fix permissions for unittest xml 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 16:03:51 +02:00
Jens Langhammer 4ee2f951da lifecycle: fix check_if_root not working without docker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 15:56:12 +02:00
Jens Langhammer 01c5235e82 ci: use bootstrap for testing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 15:54:47 +02:00
Jens Langhammer 20493252e2 lifecycle: fix custom port not being set for postgres healthcheck 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 10:59:48 +02:00
Jens Langhammer c1c55a6005 lifecycle: fix permission error with local docker 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-22 20:47:05 +02:00
Jens Langhammer 634ea61b50 lifecycle: check if group of docker socket exists 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 00:50:20 +02:00
Jens Langhammer 934e62d5be lifecycle: fix error when worker is not running as root 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 22:55:35 +02:00
Jens Langhammer 72e41c03f5 lifecycle: run worker as root and drop perms later to fix docker permission issues 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 20:11:49 +02:00
Jens Langhammer f072c600cc lifecycle: use URl for redis on startup to prevent errors with no paswords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 20:13:58 +02:00
Jens Langhammer ca5761652c lifecycle: show errors when initial db check fails 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 20:15:01 +02:00
Jens Langhammer 8a666535a8 website/docs: update container explanation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 17:49:21 +02:00
Jens Langhammer 988cf15b71 root: initial go proxy, update compose and helm 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 09:39:09 +02:00
Jens Langhammer 7b8e5c4272 root: auto-migrate on startup, lock database using pg_advisory_lock 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-18 14:47:50 +02:00
Jens Langhammer 5627848fad lifecycle: allow adjustment of worker cores 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:20:27 +02:00
Jens Langhammer 4054e6da8c helm: don't automount Service token when integration is not enabled, improve k8s detection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-07 16:16:17 +02:00
Jens L 8708e487ae
stages: add WebAuthn stage (#550) 
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
 2021-02-17 20:49:58 +01:00
Jens Langhammer bfe8bb5e61 lifecycle: fix typo causing single process in docker-compose 2021-01-27 10:13:23 +01:00