Jens L
320a600349
root: migrate pipenv to poetry ( #1995 )
2021-12-24 23:25:38 +01:00
Jens Langhammer
741822424a
Merge branch 'master' into version-2021.12
2021-12-16 15:48:53 +01:00
Jens Langhammer
f410a77010
lifecycle: add -Ofair to celery
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 16:44:09 +01:00
Jens Langhammer
5914bbf173
Merge branch 'master' into version-2021.12
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
2021-12-13 10:54:21 +01:00
Jens Langhammer
552ddda909
lifecycle: use custom worker class
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 19:55:09 +01:00
Jens Langhammer
ee0ddc3d17
Merge branch 'master' into version-2021.12
2021-12-09 13:23:28 +01:00
Jens Langhammer
5dd979d66c
root: add flower entrypoint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 11:38:57 +01:00
Jens Langhammer
f8a6aa3250
root: fix missing certs directly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-04 20:06:02 +01:00
Jens Langhammer
572f6d4ea0
crypto: add certificate discovery to automatically import certificates from lets encrypt
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1835
2021-12-03 18:27:36 +01:00
Jens Langhammer
39acb044fb
lifecycle: allow custom worker count in k8s
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:27:55 +01:00
Jens L
ef994e0084
lifecycle: improve redis connection debug py printing full URL
2021-11-25 13:44:42 +01:00
Jens L
e1ef196283
core: remove dump_config, handle directly in config loader without booting django, don't check database
2021-11-25 13:38:31 +01:00
Jens Langhammer
61621e7d60
lifecycle: improve backup restore by dropping database before
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-20 00:32:24 +01:00
Jens Langhammer
cf5e70c759
lifecycle: revert to non-h11 worker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:16:10 +01:00
Jens Langhammer
9679be39fa
lifecycle: bump celery healthcheck to 5s timeout
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1627
2021-10-16 14:28:05 +02:00
Jens Langhammer
98907ec889
root: remove structlog.processors.format_exc_info for new structlog version
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 09:42:49 +02:00
Jens Langhammer
48f96ea55f
lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 14:44:32 +02:00
Jens Langhammer
6c603cdf80
internal: add internal healthchecking to prevent websocket errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 22:21:14 +02:00
Jens Langhammer
e8420957b1
lifecycle: fix syntax error in ak wrapper
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 21:03:54 +02:00
Jens Langhammer
aee58c8d53
root: add docker-native healthcheck for web and celery
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:45:18 +02:00
Jens Langhammer
e22a286a6f
lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 23:14:16 +02:00
Jens Langhammer
9778050dda
lifecycle: switch to h11 uvicorn worker for now
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:03:08 +02:00
Jens Langhammer
8e59b06611
lifecycle: migrate to gunicorn instead of runserver
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 17:54:23 +02:00
Jens Langhammer
c5cf17b60b
lifecycle: fix worker startup error when docker socket's group is not called docker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:24:35 +02:00
Jens Langhammer
52f2838f57
lifecycle: rename to ak
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:54:02 +02:00
Jens Langhammer
229468175a
lifecycle: fix error in gunicorn config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 01:07:50 +02:00
Jens Langhammer
4cd3466e56
root: ignore known warnings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 00:27:29 +02:00
Jens Langhammer
919946609d
web/elements: add separate flag for chips when checkboxes are enabled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 10:16:13 +02:00
Jens Langhammer
13a8ad3126
lifecycle: decrease default worker count on compose
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 09:37:14 +02:00
Jens Langhammer
77ed25ae34
root: reformat to 100 line width
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 17:45:16 +02:00
Jens Langhammer
89fafff0af
lifecycle: fix postgresql port not being passed for migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-16 12:04:36 +02:00
Starz0r
a5bb583268
root: optional TLS support on redis connections ( #1147 )
...
* root: optional TLS support on redis connections
* root: don't use f-strings when not interpolating variables
* root: use f-string in redis protocol prefix interpolation
* root: glaring typo
* formatting
* small formatting change I missed
* root: swap around default redis protocol prefixes
2021-07-15 11:48:52 +02:00
Starz0r
5cfbb0993a
Allow for Configurable Redis Port ( #1124 )
...
* root: make redis port configurable
* root: parse redis port from config as an integer
* code formatting
* lifecycle: truncate line under 100 chars
* lifecycle: incorrect indenting on newline
2021-07-12 11:01:41 +02:00
Jens Langhammer
b73de96aa6
lifecycle: fix permissions for unittest xml
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 16:03:51 +02:00
Jens Langhammer
4ee2f951da
lifecycle: fix check_if_root not working without docker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:56:12 +02:00
Jens Langhammer
01c5235e82
ci: use bootstrap for testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:54:47 +02:00
Jens Langhammer
20493252e2
lifecycle: fix custom port not being set for postgres healthcheck
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 10:59:48 +02:00
Jens Langhammer
c1c55a6005
lifecycle: fix permission error with local docker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 20:47:05 +02:00
Jens Langhammer
634ea61b50
lifecycle: check if group of docker socket exists
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 00:50:20 +02:00
Jens Langhammer
934e62d5be
lifecycle: fix error when worker is not running as root
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 22:55:35 +02:00
Jens Langhammer
72e41c03f5
lifecycle: run worker as root and drop perms later to fix docker permission issues
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:11:49 +02:00
Jens Langhammer
f072c600cc
lifecycle: use URl for redis on startup to prevent errors with no paswords
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 20:13:58 +02:00
Jens Langhammer
ca5761652c
lifecycle: show errors when initial db check fails
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:15:01 +02:00
Jens Langhammer
8a666535a8
website/docs: update container explanation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:49:21 +02:00
Jens Langhammer
988cf15b71
root: initial go proxy, update compose and helm
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:39:09 +02:00
Jens Langhammer
7b8e5c4272
root: auto-migrate on startup, lock database using pg_advisory_lock
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:47:50 +02:00
Jens Langhammer
5627848fad
lifecycle: allow adjustment of worker cores
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:20:27 +02:00
Jens Langhammer
4054e6da8c
helm: don't automount Service token when integration is not enabled, improve k8s detection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 16:16:17 +02:00
Jens L
8708e487ae
stages: add WebAuthn stage ( #550 )
...
* core: add User.uid for globally unique user ID
* admin: fix ?next for Flow list
* stages: add initial webauthn implementation
* web: add ak-flow-submit event to submit flow stage
* web: show error message for webauthn registration
* admin: fix next param not redirecting correctly
* stages/webauthn: remove form
* stages/webauthn: add API
* web: update flow diagram on ak-refresh
* stages/webauthn: add initial authentication
* stages/webauthn: initial authentication implementation
* web: cleanup webauthn utils
* stages: rename otp_* to authenticator and move webauthn to authenticator
* docs: fix broken links
* stages/authenticator_*: fix template paths
* stages/authenticator_validate: add device classes
* stages/authenticator_webauthn: implement django_otp.devices
* stages/authenticator_*: update default stage names
* web: add button to create stage on flow page
* web: don't minify HTML, remove nbsp
* admin: fix typo in stage list
* stages/*: use common base class for stage serializer
* stages/authenticator_*: create default objects after rename
* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
Jens Langhammer
bfe8bb5e61
lifecycle: fix typo causing single process in docker-compose
2021-01-27 10:13:23 +01:00