Jens Langhammer
bf771f8b6c
release: 2021.8.5
2021-09-11 19:20:13 +02:00
Jens L
7158c9d2ea
core: metrics v2 ( #1370 )
...
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:52:24 +02:00
Jens L
3c1b70c355
outposts/proxyv2 ( #1365 )
...
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
Jens Langhammer
276d8fe5cf
release: 2021.8.4
2021-09-02 20:21:21 +02:00
Jens Langhammer
d9a6ec2ac0
webiste/docs: update extensionvs/v1beta ingress
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-31 21:11:01 +02:00
Jens Langhammer
e872371970
website/docs: add embedded outpost docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 14:43:13 +02:00
Jens Langhammer
160139813d
release: 2021.8.3
2021-08-28 16:58:44 +02:00
Jens Langhammer
dc41d0af27
outposts: add configurable docker_network for outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:26:11 +02:00
Jens Langhammer
c4f72c2bc1
release: 2021.8.2
2021-08-26 17:58:20 +02:00
Jens Langhammer
897f6f3473
release: 2021.8.1
2021-08-26 16:03:45 +02:00
Jens Langhammer
4d27694706
release: 2021.8.1-rc2
2021-08-24 21:29:29 +02:00
Jens Langhammer
7639cdad0a
release: 2021.8.1-rc1
2021-08-22 20:17:35 +02:00
Jens Langhammer
18211a2033
release: 2021.7.3
2021-08-05 19:23:03 +02:00
Jens Langhammer
add7a80fdc
release: 2021.7.2
2021-08-01 19:11:50 +02:00
Jens Langhammer
e6b515e3f7
release: 2021.7.1
2021-07-27 10:35:45 +02:00
Jens Langhammer
3041a30193
release: 2021.7.1-rc2
2021-07-24 18:32:05 +02:00
Jens Langhammer
285a9b8b1d
website/docs: remove duplicate proxy docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 10:48:10 +02:00
Jens Langhammer
39ad9d7c9d
release: 2021.7.1-rc1
2021-07-21 10:44:40 +02:00
Toboshii Nakama
efa09d5e1d
providers/ldap: fix: Return user DN with virtual group ( #1142 )
...
* fix: incorrect ldap virtual group member DN
Signed-off-by: Toboshii Nakama <toboshii@gmail.com>
* fix: imports
Signed-off-by: Toboshii Nakama <toboshii@gmail.com>
2021-07-14 10:59:40 +00:00
Lukas Söder
7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. ( #1138 )
...
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.
The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.
The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.
I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.
* Add a 'fake' primary group for each user
* First attempt att adding config to interface
* Updated API to support new fields
* Refactor code, update documentation and remove obsolete comment
Simplify `GetRIDForGroup`, was a bit overcomplicated before.
Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User
Add proper support in the interface for changing gidNumber and uidNumber starting points
* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
Jens L
7dfc621ae4
LDAP Provider: TLS support ( #1137 )
2021-07-13 18:24:18 +02:00
Jens Langhammer
5e03b27348
website/docs: add note about logging out
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1113
2021-07-06 14:26:11 +02:00
Jens Langhammer
adc4cd9c0d
release: 2021.6.4
2021-07-05 16:59:29 +02:00
Jens Langhammer
ade8644da6
outposts/ldap: add support for boolean fields in ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-01 11:51:07 +02:00
Jens Langhammer
1e6c081e5c
website/docs: update forward_auth for nginx config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-29 20:32:49 +02:00
Jens Langhammer
680b182d95
release: 2021.6.3
2021-06-29 16:19:07 +02:00
Jens Langhammer
fe069c5e55
website/docs: fix use of escaped_request_uri in standalone nginx
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-28 19:51:55 +02:00
Jens Langhammer
31a58e2c25
release: 2021.6.2
2021-06-22 23:35:10 +02:00
Jens Langhammer
fe6963c428
release: 2021.6.1
2021-06-17 22:14:52 +02:00
Jens Langhammer
e0f48a30b7
release: 2021.6.1-rc6
2021-06-15 21:18:33 +02:00
Jens Langhammer
4e9be85353
website/docs: add docs for outpost configuration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 09:21:35 +02:00
Jens Langhammer
d78fda990a
release: 2021.6.1-rc5
2021-06-12 15:19:24 +02:00
Jens Langhammer
e25f6aea8c
release: 2021.6.1-rc4
2021-06-10 18:59:00 +02:00
Jens Langhammer
2c15ab9995
release: 2021.6.1-rc3
2021-06-10 18:04:59 +02:00
Jens Langhammer
6c985acb36
release: 2021.6.1-rc2
2021-06-10 14:10:47 +02:00
Jens Langhammer
f4a53c89ef
release: 2021.6.1-rc1
2021-06-09 11:01:14 +02:00
Jens L
dad24c03ff
outposts: set cookies for a domain to authenticate an entire domain ( #971 )
...
* outposts: initial cookie domain implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add cookie domain setting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: replace forward_auth_mode with general mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: rebuild proxy provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: re-add forward_auth_mode for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix data.mode not being set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: always set log level to debug when testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: use new mode attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only ingress /akprox on forward_domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix error on ProxyProviderForm when not using proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix default for outpost form's type missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add additional desc for proxy modes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix service account permissions not always being updated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost/proxy: fix redirecting to incorrect host for domain mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: improve error handling for network errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: fix image naming not matching main imaeg
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/proxy: fix redirects for domain mode and traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix colour for paragraphs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix consent stage not showing permissions correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add domain-level docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: fix broken links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/proxy: remove dead code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix missing id for #header-text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 23:10:17 +02:00
Jens Langhammer
ebfa7c8dce
website/docs: fix docs for outpost annotations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 23:32:17 +02:00
CuBiC
c98e4196bd
website/docs: ingress nginx auth headers ( #916 )
...
Extend example how to pass through auth headers from authentik if using ingress nginx as forward auth.
2021-05-23 22:49:31 +02:00
Jens Langhammer
2d5c45543b
release: 2021.5.4
2021-05-22 20:15:23 +02:00
Jens Langhammer
bf4cbb25fe
release: 2021.5.3
2021-05-20 20:17:39 +02:00
Jens Langhammer
5a465fbc36
release: 2021.5.2
2021-05-17 19:54:10 +02:00
Jens Langhammer
176360fdd7
website/docs: fix $auth_cookie not being defined in outpost docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:18:31 +02:00
Jens Langhammer
36b694fc41
website/docs: add example ldapsearch command
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:47:38 +02:00
Jens Langhammer
8d7bb7da17
providers/proxy: connect ingress to https instead of http
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#882
2021-05-14 11:42:03 +02:00
Jens Langhammer
9bdd6f23a4
website/docs: add ldap example, use ghcr
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:19:09 +02:00
Jens Langhammer
0b7ebf0e07
release: 2021.5.1
2021-05-13 20:50:31 +02:00
Jens Langhammer
8f99891a9d
release: 2021.5.1-rc10
2021-05-12 21:25:18 +02:00
Jens Langhammer
97a3c2d88b
release: 2021.5.1-rc9
2021-05-12 20:50:29 +02:00
Jens Langhammer
3665e2fefa
release: 2021.5.1-rc8
2021-05-12 14:52:34 +02:00