From 4b7126941b7684b5abe8d2274929c22c62163188 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 27 Feb 2026 15:00:21 +0100 Subject: [PATCH] update: 2025.12.4 -> 2026.2.0 ChangeLog: https://docs.goauthentik.io/releases/2026.2/ --- components/docs.nix | 3 ++- components/fix-lxml-libxml-2.15-build.patch | 12 ------------ components/gopkgs.nix | 2 +- components/python-overrides.nix | 21 +++++++++++++-------- flake.lock | 8 ++++---- flake.nix | 6 +++--- tests/minimal-vmtest.nix | 2 +- tests/override-scope.nix | 2 +- 8 files changed, 25 insertions(+), 31 deletions(-) delete mode 100644 components/fix-lxml-libxml-2.15-build.patch diff --git a/components/docs.nix b/components/docs.nix index 58bcebb..e849268 100644 --- a/components/docs.nix +++ b/components/docs.nix @@ -13,7 +13,8 @@ buildNapalmPackage "${authentik-src}/website" { "cp -v ${authentik-src}/SECURITY.md ../SECURITY.md" "cp -vr ${authentik-src}/blueprints ../blueprints" "cp -v ${authentik-src}/schema.yml ../schema.yml" - "cp -v ${authentik-src}/docker-compose.yml ../docker-compose.yml" + "mkdir -p ../lifecycle/container" + "cp -v ${authentik-src}/lifecycle/container/compose.yml ../lifecycle/container/compose.yml" "npm config set loglevel verbose" "npm ci --workspaces --include-workspace-root --no-audit" "npm run build" diff --git a/components/fix-lxml-libxml-2.15-build.patch b/components/fix-lxml-libxml-2.15-build.patch deleted file mode 100644 index 3cc369b..0000000 --- a/components/fix-lxml-libxml-2.15-build.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/src/lxml/etree.c b/src/lxml/etree.c -index 9fbfe5a..74c83c7 100644 ---- a/src/lxml/etree.c -+++ b/src/lxml/etree.c -@@ -35183,7 +35183,6 @@ static void __pyx_f_4lxml_5etree_fixThreadDictNamesForDtd(xmlDtd *__pyx_v_c_dtd, - * _fixThreadDictPtr(&c_attribute.name, c_src_dict, c_dict) - * _fixThreadDictPtr(&c_attribute.prefix, c_src_dict, c_dict) - */ -- __pyx_f_4lxml_5etree__fixThreadDictPtr((&__pyx_v_c_attribute->defaultValue), __pyx_v_c_src_dict, __pyx_v_c_dict); - - /* "src/lxml/proxy.pxi":578 - * while c_attribute: diff --git a/components/gopkgs.nix b/components/gopkgs.nix index 9bebe9d..774cb1c 100644 --- a/components/gopkgs.nix +++ b/components/gopkgs.nix @@ -69,7 +69,7 @@ buildGo125Module { ] ++ lib.optionals guacamoleAvailable [ "cmd/rac" ]; - vendorHash = "sha256-hdkd7/bqgTvYwlhVA9zEQny6yDowMaoRcC7TdRoXfJc="; + vendorHash = "sha256-0YKn6qScUjkLOq/hyUZp7e+dQ58POSgj4CgfDro+5J4="; nativeBuildInputs = [ makeWrapper ]; doCheck = false; postInstall = '' diff --git a/components/python-overrides.nix b/components/python-overrides.nix index a6d665c..e0246f5 100644 --- a/components/python-overrides.nix +++ b/components/python-overrides.nix @@ -8,6 +8,7 @@ libtool, pkg-config, xmlsec, + python, }: let @@ -44,6 +45,18 @@ let # Fixes for dependencies with C libraries. buildFixes = final: prev: { + django-tenants = prev.django-tenants.overrideAttrs { + /* + Resolves + + > FileCollisionError: Two or more packages are trying to provide the same file with different contents + > + > Files: /nix/store/snsw4gij9l7pllphdskxqmr3y5a951aq-django-tenants-3.10.0/lib/python3.14/site-packages/docs/Makefile /nix/store/dxy56wp46sm8nqjfhmfswb5k5rcwrj6y-pyrad-2.5.4/lib/python3.14/site-packages/docs/Makefile + */ + postFixup = '' + rm -r $out/${python.sitePackages}/docs + ''; + }; gssapi = prev.gssapi.overrideAttrs ( { buildInputs ? [ ], @@ -77,7 +90,6 @@ let lxml = prev.lxml.overrideAttrs ( { buildInputs ? [ ], - patches ? [ ], ... }: { @@ -86,13 +98,6 @@ let libxml2 zlib ]; - patches = patches ++ [ - # The upstream fix for this is - # https://github.com/lxml/lxml/commit/f7a813483c4482dd114e7ee8b42b54337e285503, - # however, this doesn't help us here because the `etree.c` file is already generated - # (we're using the wheel), so we have to patch the C file directly. - ./fix-lxml-libxml-2.15-build.patch - ]; } ); xmlsec = prev.xmlsec.overrideAttrs ( diff --git a/flake.lock b/flake.lock index a7f43c9..67cd0d6 100644 --- a/flake.lock +++ b/flake.lock @@ -19,16 +19,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1770911230, - "narHash": "sha256-alTyrMBbjZbw4jhEna8saabf93sqSrZCu+Z5xH3pZ7M=", + "lastModified": 1771963976, + "narHash": "sha256-pVQ34cZYX3hlk6hF1aZ/n32xMqTF4Jmp0G0VGDU7iXc=", "owner": "goauthentik", "repo": "authentik", - "rev": "19ad8d3ae3f266ec1096bc4461fdf6bcda1aa079", + "rev": "8af491630b70ff6bd089753e21bef511bfb3f557", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.12.4", + "ref": "version/2026.2.0", "repo": "authentik", "type": "github" } diff --git a/flake.nix b/flake.nix index 086dfce..913a573 100644 --- a/flake.nix +++ b/flake.nix @@ -42,7 +42,7 @@ }; authentik-src = { # change version string in outputs as well when updating - url = "github:goauthentik/authentik/version/2025.12.4"; + url = "github:goauthentik/authentik/version/2026.2.0"; flake = false; }; authentik-go = { @@ -72,7 +72,7 @@ ... }: let - authentik-version = "2025.12.4"; # to pass to the drvs of some components + authentik-version = "2026.2.0"; # to pass to the drvs of some components in { systems = import inputs.systems; @@ -114,7 +114,7 @@ { pkgs, system ? pkgs.stdenv.hostPlatform.system, - python ? pkgs.python313, + python ? pkgs.python314, authentik-version ? authentik-version', buildNapalmPackage ? napalm.legacyPackages.${system}.buildPackage, }: diff --git a/tests/minimal-vmtest.nix b/tests/minimal-vmtest.nix index eabe78e..096fe93 100644 --- a/tests/minimal-vmtest.nix +++ b/tests/minimal-vmtest.nix @@ -9,7 +9,7 @@ pkgs.testers.runNixOSTest { authentik = { virtualisation = { cores = 3; - memorySize = 2048; + memorySize = 3072; }; imports = [ nixosModules.default diff --git a/tests/override-scope.nix b/tests/override-scope.nix index 1781f9a..7ac1180 100644 --- a/tests/override-scope.nix +++ b/tests/override-scope.nix @@ -48,7 +48,7 @@ pkgs.testers.runNixOSTest { authentik = { virtualisation = { cores = 3; - memorySize = 2048; + memorySize = 3072; }; imports = [ nixosModules.default