Merge pull request #78 from Ma27/authentik-2025.10

update: 2025.8.4 -> 2025.10.0
2025-11-04 11:44:08 +01:00 · 2025-11-04 11:44:08 +01:00 · bbd5f56c4b
commit bbd5f56c4b
parent ea1e06f9fe bb1a7604fc
7 changed files with 12 additions and 19 deletions
--- a/README.md
+++ b/README.md
@ -16,7 +16,7 @@ Please note that this project is not directly affiliated with the official [auth
 * [flake.nix](./flake.nix)
  This flake provides packages (server, worker, outposts, ...) as outputs, a NixOS module and a simple VM integration test for the module.
 * [module.nix](./module.nix)
-  The NixOS module configures authentik services, redis and (by default) a local postgres instance. The upstream default authentik configuration can be partially overridden by setting desired parameters under `services.authentik.settings`.
+  The NixOS module configures authentik services and (by default) a local postgres instance. The upstream default authentik configuration can be partially overridden by setting desired parameters under `services.authentik.settings`.
 * [poetry2nix-python-overrides.nix](./poetry2nix-python-overrides.nix)
  contains overrides and fixes for building the python env
 * [minimal-vmtest.nix](./tests/minimal-vmtest.nix)
--- a/components/gopkgs.nix
+++ b/components/gopkgs.nix
@ -61,7 +61,7 @@ buildGo124Module {
  ] ++ lib.optionals guacamoleAvailable [
    "cmd/rac"
  ];
-  vendorHash = "sha256-wTTEDBRYCW1UFaeX49ufLT0c17sacJzcCaW/8cPNYR4=";
+  vendorHash = "sha256-m2shrCwoVdbtr8B83ZcAyG+J6dEys2xdjtlfFFF4CDo=";
  nativeBuildInputs = [ makeWrapper ];
  doCheck = false;
  postInstall = ''
--- a/flake.lock
+++ b/flake.lock
@ -3,16 +3,16 @@
    "authentik-src": {
      "flake": false,
      "locked": {
-        "lastModified": 1759190535,
+        "lastModified": 1762188128,
-        "narHash": "sha256-pIzDaoDWc58cY/XhsyweCwc4dfRvkaT/zqsV1gDSnCI=",
+        "narHash": "sha256-HowB6DTGCqz770fKYbnE+rQ11XRV0WSNkLD+HSWZwz8=",
        "owner": "goauthentik",
        "repo": "authentik",
-        "rev": "8d3a289d12c7de2f244c76493af7880f70d08af2",
+        "rev": "70406664dca2a13aabb695094f85471585668cb1",
        "type": "github"
      },
      "original": {
        "owner": "goauthentik",
-        "ref": "version/2025.8.4",
+        "ref": "version/2025.10.1",
        "repo": "authentik",
        "type": "github"
      }
--- a/flake.nix
+++ b/flake.nix
@ -42,7 +42,7 @@
    };
    authentik-src = {
      # change version string in outputs as well when updating
-      url = "github:goauthentik/authentik/version/2025.8.4";
+      url = "github:goauthentik/authentik/version/2025.10.1";
      flake = false;
    };
  };
@ -67,7 +67,7 @@
        ...
      }:
      let
-        authentik-version = "2025.8.4"; # to pass to the drvs of some components
+        authentik-version = "2025.10.1"; # to pass to the drvs of some components
      in
      {
        systems = import inputs.systems;
@ -162,17 +162,17 @@
                manage
                ;
-              terraform-provider-authentik = inputs.nixpkgs.legacyPackages.${system}.buildGo124Module rec {
+              terraform-provider-authentik = inputs.nixpkgs.legacyPackages.${system}.buildGoModule rec {
                pname = "terraform-provider-authentik";
-                version = "2025.8.0";
+                version = "2025.10.0";
                src = pkgs.fetchFromGitHub {
                  owner = "goauthentik";
                  repo = pname;
                  rev = "v${version}";
-                  sha256 = "sha256-mDPFuLTr8JKSlJ+I/yAfTkEf5Sd841EUkLNFZr9xHoM=";
+                  sha256 = "sha256-w5XBAeUKGui4pnDikIWuN/dWLDqKXVsQ5glZX1o1934=";
                };
                doCheck = false; # tests are run against authentik -> vm test
-                vendorHash = "sha256-eyI+UEufRTNBzbMIxPehIMd7SgDkb6PZlUhj+4lPEac=";
+                vendorHash = "sha256-jy+SBlbXnr+k03fJM8eA0DLN8LFqGIBrYIq9fPmqSaw=";
                postInstall = ''
                  path="$out/libexec/terraform-providers/registry.terraform.io/goauthentik/authentik/${version}/''${GOOS}_''${GOARCH}/"
                  mkdir -p "$path"
--- a/module.nix
+++ b/module.nix
@ -318,10 +318,6 @@ in
            };
            media.enable_upload = mkDefault true;
          };
          redis.servers.authentik = {
            enable = true;
            port = 6379;
          };
          postgresql = mkIf cfg.createDatabase {
            enable = true;
            ensureDatabases = [ "authentik" ];
@ -417,7 +413,6 @@ in
            ];
            after = [
              "network-online.target"
              "redis-authentik.service"
            ]
            ++ (lib.optionals cfg.createDatabase [ "postgresql.service" ]);
            restartTriggers = [ config.environment.etc."authentik/config.yml".source ];
--- a/tests/minimal-vmtest.nix
+++ b/tests/minimal-vmtest.nix
@ -51,7 +51,6 @@ pkgs.nixosTest {
    start_all()
    authentik.wait_for_unit("postgresql.service")
    authentik.wait_for_unit("redis-authentik.service")
    authentik.wait_for_unit("authentik-migrate.service")
    authentik.wait_for_unit("authentik-worker.service")
    authentik.wait_for_unit("authentik.service")
--- a/tests/override-scope.nix
+++ b/tests/override-scope.nix
@ -92,7 +92,6 @@ pkgs.nixosTest {
    start_all()
    authentik.wait_for_unit("postgresql.service")
    authentik.wait_for_unit("redis-authentik.service")
    authentik.wait_for_unit("authentik-migrate.service")
    authentik.wait_for_unit("authentik-worker.service")
    authentik.wait_for_unit("authentik.service")