0a63441935
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
93 lines
4.2 KiB
Markdown
93 lines
4.2 KiB
Markdown
---
|
|
title: Release 2021.8
|
|
slug: "2021.8"
|
|
---
|
|
|
|
## Headline Changes
|
|
|
|
- Embedded Outpost
|
|
|
|
To simplify the setup, an embedded outpost has been added. This outpost runs as part of the main authentik server, and requires no additional setup.
|
|
|
|
You can simply assign providers to the embedded outpost, and either use the integrations to configure reverse proxies, or point your traffic to the main authentik server.
|
|
Traffic is routed based on host-header, meaning every host that has been configured as a provider and is assigned to the embedded proxy will be sent to the outpost, and every sub-path under `/akprox` is sent to the outpost too. The rest is sent to authentik itself.
|
|
|
|
- App passwords
|
|
|
|
You can now create Tokens with the intent `app_password`, and use them when authenticating with a flow. This requires the `User database + app passwords` backend in your password stage (this is done automatically on upgrade).
|
|
|
|
You will also see in the logs which backend was used as the `auth_method` and `auth_method_args` arguments on the Event.
|
|
|
|
## Minor changes
|
|
|
|
- admin: add API to show embedded outpost status, add notice when its not configured properly
|
|
- api: ensure all resources can be filtered
|
|
- api: make all PropertyMappings filterable by multiple managed attributes
|
|
- core: add API to directly send recovery link to user
|
|
- core: add UserSelfSerializer and separate method for users to update themselves with limited fields
|
|
- core: allow changing of groups a user is in from user api
|
|
- flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event
|
|
- lifecycle: decrease default worker count on compose
|
|
- outpost/ldap: Performance improvements, support for (member=) lookup
|
|
- providers/proxy: don't create ingress when no hosts are defined
|
|
- sources/plex: add API to get user connections
|
|
- web: add API Drawer
|
|
- web/admin: add UI to copy invitation link
|
|
- web/admin: allow modification of users groups from user view
|
|
- web/admin: re-name service connection to integration
|
|
|
|
## Fixed in 2021.8.1-rc2
|
|
|
|
- ci: add pipeline to build and push js api package
|
|
- ci: upgrade web api client when schema changes
|
|
- core: add new token intent and auth backend (#1284)
|
|
- core: add token tests for invalid intent and token auth
|
|
- core: fix token intent not defaulting correctly
|
|
- core: handle error when ?for_user is not numberical
|
|
- lib: move id and key generators to lib (#1286)
|
|
- lifecycle: rename to ak
|
|
- outpost: handle non-existant permission
|
|
- outposts: add recursion limit for docker controller
|
|
- outposts: add repair_permissions command
|
|
- root: add alias for akflow files
|
|
- root: add ASGI Error handler
|
|
- root: add License to NPM package
|
|
- root: fix error_handler for websocket
|
|
- root: fix mis-matched postgres version for CI
|
|
- root: remove remainders from gen
|
|
- root: remove usage of make-gen
|
|
- root: test schema auto-update
|
|
- root: update schema
|
|
- stages/password: auto-enable app password backend
|
|
- stages/user_write: fix wrong fallback authentication backend
|
|
- web: add custom readme to api client
|
|
- web: add ESM to generated Client
|
|
- web: build. api in different folder
|
|
- web: improve api client versioning
|
|
- web: Merge pull request #1258 from goauthentik/publish-api-to-npm
|
|
- web: migrate to @goauthentik/api
|
|
- web: Update Web API Client version (#1283)
|
|
- web: use custom client for web linting
|
|
- web/admin: allow users to create app password tokens
|
|
- web/admin: display token's intents
|
|
- web/admin: fix missing app passwords backend
|
|
- web/admin: improve delete modal for stage bindings and policy bindings
|
|
- web/admin: select all password stage backends by default
|
|
- web/admin: show system status first
|
|
- web/flows: fix error during error handling
|
|
- website: add docs for making schema changes
|
|
- website: make default login-2fa flow ignore 2fa with app passwords
|
|
- website/docs: add docs for `auth_method` and `auth_method_args` fields
|
|
|
|
## Upgrading
|
|
|
|
This release does not introduce any new requirements.
|
|
|
|
### docker-compose
|
|
|
|
Download the docker-compose file for 2021.7 from [here](https://raw.githubusercontent.com/goauthentik/authentik/version-2021.7/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
|
|
|
|
### Kubernetes
|
|
|
|
Upgrade to the latest chart version to get the new images.
|