Commit graph

265 commits

Author SHA1 Message Date
shokinn
47e0cb8e14 link static workdir deps to /run/authentik 2023-12-29 15:01:03 +01:00
WilliButz
d2367d0c21
update: 2023.10.4 -> 2023.10.5
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/a2a67161ac8b840d63cbaacdfbebb60fd48e901b' (2023-11-21)
  → 'github:goauthentik/authentik/a15a04036223c53bea841436f4943278b4eab460' (2023-12-21)
2023-12-21 14:44:38 +01:00
WilliButz
4a61f8afb4
README: update 2023-12-20 21:34:25 +01:00
WilliButz
be532175cd
flake.lock: update napalm
Flake lock file updates:

• Updated input 'napalm':
    'github:nix-community/napalm/a8215ccf1c80070f51a92771f3bc637dd9b9f7ee' (2023-09-06)
  → 'github:nix-community/napalm/edcb26c266ca37c9521f6a97f33234633cbec186' (2023-12-20)
2023-12-20 21:19:38 +01:00
WilliButz
9b18007aac
provide authentik components in separate scope
* provides a new function `lib.mkAuthentikScope` as a flake output to
  create a custom scope with overrides outside of this flake
* adds a slightly altered version of existing vm test to demonstrate the
  usage of `mkAuthentikScope` for overriding individual authentik
  components in tests/override-scope.nix
2023-12-14 15:04:06 +01:00
WilliButz
6df56466f9
factor out components with callPackage to allow for easier overrides
Before this change it was very inconvenient to override specific
dependencies, e.g. patching something in pythonEnv and having its
dependents use that patched version.
This is just a step towards better overridability for the individual
authentik components, because patched versions of components still need
to be manually passed to their dependents. An overlay-like approach
would be even better.
2023-12-14 15:04:04 +01:00
WilliButz
d12bdcc87d
flake: replace runCommandLocal with builtin functions to avoid IFD
Pointed out in https://github.com/nix-community/authentik-nix/issues/5

Co-authored-by: Philip Henning <philip.henning@base23.de>
2023-12-11 15:31:43 +01:00
WilliButz
07c6476fbf
module: make authentikComponents a simple attrset 2023-12-10 15:16:53 +01:00
WilliButz
1b9f4dce95
test: move to tests dir 2023-12-10 15:16:53 +01:00
WilliButz
ed999ba030
use mkDefault for authentikComponents 2023-12-10 15:16:53 +01:00
WilliButz
8b05ebf200
module: drop unused recursiveUpdate 2023-12-10 15:16:53 +01:00
WilliButz
332d717766
module: update postgres config (ensurePermissions -> ensureDBOwnership)
see https://github.com/NixOS/nixpkgs/pull/266270
2023-12-10 15:16:41 +01:00
WilliButz
aeba8124d2
flake: drop obsolete devShell 2023-12-10 15:13:28 +01:00
WilliButz
7f46d7ee99
flake.lock: Update, reference nixos-23.11 instead of unstable
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4' (2023-10-03)
  → 'github:hercules-ci/flake-parts/34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5' (2023-12-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/f5892ddac112a1e9b3612c39af1b72987ee5783a?dir=lib' (2023-09-29)
  → 'github:NixOS/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58?dir=lib' (2023-11-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12)
  → 'github:numtide/flake-utils/4022d587cbbfd70fe950c1e2083a02621806a725' (2023-12-04)
• Updated input 'nixpkgs-23-05':
    'github:NixOS/nixpkgs/41de143fda10e33be0f47eab2bfe08a50f234267' (2023-11-06)
  → 'github:NixOS/nixpkgs/e9f06adb793d1cca5384907b3b8a4071d5d7cb19' (2023-12-03)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/8f2c483f9a40db26011f6668559574a4b86ed499' (2023-10-26)
  → 'github:nix-community/poetry2nix/9fc487b32a68473da4bf9573f85b388043c5ecda' (2023-12-06)
• Updated input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/bd5bdbb52350e145c526108f4ef192eb8e554fa0' (2023-09-02)
  → 'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03)
• Updated input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/aae39f64f5ecbe89792d05eacea5cb241891292a' (2023-10-15)
  → 'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12)
2023-12-10 15:13:28 +01:00
WilliButz
9663811618
update: 2023.10.3 -> 2023.10.4 (security update)
Includes fix for https://goauthentik.io/docs/security/CVE-2023-48228

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/82b5274b15ddf6d9925e7b349f70bbff5be1d8be' (2023-11-09)
  → 'github:goauthentik/authentik/a2a67161ac8b840d63cbaacdfbebb60fd48e901b' (2023-11-21)
2023-11-21 18:47:39 +01:00
WilliButz
976d382bf4
update: 2023.10.2 -> 2023.10.3
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/8e72fcab59a65e900a35a0faa21fe0bfef4c63c3' (2023-10-28)
  → 'github:goauthentik/authentik/82b5274b15ddf6d9925e7b349f70bbff5be1d8be' (2023-11-09)
2023-11-09 19:08:49 +01:00
WilliButz
2445de2001
terraform-provider-authentik: 2023.8.0 -> 2023.10.0
The provider still specifies go 1.18 in go.mod, so nixpkgs@23.05 needs
to be pulled in again. Not really happy about this, maybe there's some
cleaner approach.
2023-11-08 15:31:30 +01:00
WilliButz
c775e737f5
update: 2023.10.1 -> 2023.10.2
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/64c38909ffd969787f2d634b0e971b90a451d5db' (2023-10-26)
  → 'github:goauthentik/authentik/8e72fcab59a65e900a35a0faa21fe0bfef4c63c3' (2023-10-28)
2023-10-28 22:42:43 +02:00
WilliButz
d3b1353030
github-workflows/flakehub: don't auto run 2023-10-28 22:42:28 +02:00
WilliButz
1ec83f48ae
update: 2023.10.0 -> 2023.10.1 2023-10-27 17:02:14 +02:00
WilliButz
e1ccfb9fb6
test: add trailing slash to urls
Before 2023.10 this was implicitly supported, but undocumented.
See https://github.com/goauthentik/authentik/pull/6928/commits/c4ea44da1bb63182e5413bdf8f0a9
2023-10-27 17:02:14 +02:00
WilliButz
cdffc37ad9
update: 2023.8.3 -> 2023.10.0
* nixpkgs-23.05 -> nixpkgs-unstable (for nodejs 21)
* nodejs_20 -> nodejs_21
* go_1_20 -> go_1_21
* added workaround for poetry2nix to drop python dev-dependencies

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/f885f8c0395df639ccabd762910867bef0f4577c' (2023-09-11)
  → 'github:goauthentik/authentik/b7c02808c664714144bd7ae6fee4c6402a88f426' (2023-10-26)
• Updated input 'flake-compat':
    'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17)
  → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/7f53fdb7bdc5bb237da7fefef12d099e4fd611ca' (2023-09-01)
  → 'github:hercules-ci/flake-parts/c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4' (2023-10-03)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/3e52e76b70d5508f3cec70b882a29199f4d1ee85?dir=lib' (2023-08-31)
  → 'github:NixOS/nixpkgs/f5892ddac112a1e9b3612c39af1b72987ee5783a?dir=lib' (2023-09-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23)
  → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10)
  → 'github:NixOS/nixpkgs/8efd5d1e283604f75a808a20e6cde0ef313d07d4' (2023-10-24)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/c3d3c4a0396b1bcccd72c82551a319229997f6e4' (2023-09-08)
  → 'github:nix-community/poetry2nix/8f2c483f9a40db26011f6668559574a4b86ed499' (2023-10-26)
• Updated input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09)
  → 'github:nix-community/nix-github-actions/bd5bdbb52350e145c526108f4ef192eb8e554fa0' (2023-09-02)
• Added input 'poetry2nix/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Added input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/aae39f64f5ecbe89792d05eacea5cb241891292a' (2023-10-15)
• Added input 'poetry2nix/treefmt-nix/nixpkgs':
    follows 'poetry2nix/nixpkgs'
2023-10-27 17:02:13 +02:00
WilliButz
e3e7edaba4
README: add explicit comment about secrets and environmentFile 2023-10-04 20:13:25 +02:00
WilliButz
b200238be2
fill README with some instructions 2023-10-04 19:35:39 +02:00
WilliButz
f7fa85cc1f
module: add nginx support with cert auto-discovery 2023-10-04 17:55:39 +02:00
WilliButz
bc05d5ce25
test: check for correct version in admin settings 2023-10-04 16:32:01 +02:00
WilliButz
251d78a7f2
module: provide option to specify EnvironmentFile for secrets
The systemd service module references the module's environmentFile in a
list to allow for merging with EnvironmentFiles injected elsewhere.
2023-10-04 14:47:29 +02:00
WilliButz
cd00a35204
flake: remove node_modules/.cache in output
(reduces closure size by ~250MiB)
2023-09-11 22:03:14 +02:00
WilliButz
e298bde8c0
github-workflows/flakehub: try workaround for accepted version format 2023-09-11 21:32:32 +02:00
WilliButz
0fa7dd5ac7
update: 2023.8.2 -> 2023.8.3
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/97e4c8d5e22f21295b8d0eda039243433253ddfc' (2023-09-01)
  → 'github:goauthentik/authentik/f885f8c0395df639ccabd762910867bef0f4577c' (2023-09-11)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/59cf3f1447cfc75087e7273b04b31e689a8599fb' (2023-08-01)
  → 'github:hercules-ci/flake-parts/7f53fdb7bdc5bb237da7fefef12d099e4fd611ca' (2023-09-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/9e1960bc196baf6881340d53dccb203a951745a2?dir=lib' (2023-08-01)
  → 'github:NixOS/nixpkgs/3e52e76b70d5508f3cec70b882a29199f4d1ee85?dir=lib' (2023-08-31)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c540061ac8d72d6e6d99345bd2d590c82b2f58c1' (2023-08-28)
  → 'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/5b3a5151cf212021ff8d424f215fb030e4ff2837' (2023-08-26)
  → 'github:nix-community/poetry2nix/c3d3c4a0396b1bcccd72c82551a319229997f6e4' (2023-09-08)
2023-09-11 21:26:18 +02:00
WilliButz
374fe09426
init flakehub-publish-tagged.yml 2023-09-09 15:39:41 +02:00
WilliButz
42e9874ace
add flake-compat 2023-09-09 11:35:21 +02:00
WilliButz
f89134f9ce
frontend: drop patch for package-lock.json after napalm update
Napalm now correctly handles aliased dependencies.
2023-09-06 12:45:03 +02:00
WilliButz
4ae65bc41c
flake.lock: Update
Flake lock file updates:

• Updated input 'napalm':
    'github:nix-community/napalm/22b610cdb812ad7abf22c05af45778ee394fbfd1' (2023-06-22)
  → 'github:nix-community/napalm/a8215ccf1c80070f51a92771f3bc637dd9b9f7ee' (2023-09-06)
2023-09-06 12:44:40 +02:00
WilliButz
604736f429
update: 2023.8.1 -> 2023.8.2
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/be3cfaee560a7d6fac157d61ae7186a92a279c9c' (2023-08-29)
  → 'github:goauthentik/authentik/97e4c8d5e22f21295b8d0eda039243433253ddfc' (2023-09-01)
2023-09-01 18:43:47 +02:00
WilliButz
fbac551e86
terraform-provider: 2023.6.0 -> 2023.8.0 2023-08-31 11:58:28 +02:00
WilliButz
5d5cd2f358
README: drop outdated info 2023-08-30 16:48:59 +02:00
WilliButz
ae8ff44762
update: 2023.6.2 -> 2023.8.1
* patched the package-lock for /web slightly to avoid what's likely a
  bug in napalm, causing the request for wrap-ansi@7.0.0 to be answered
  with a 500 response. This seems to be the case because a name
  override is used for this module in the lock-file. While that is also
  the case for some other modules like string-width@4.2.3, they have a
  matching module with the name used in the override at the same
  version. Only wrap-ansi's version differs here, which causes the
  issue.
2023-08-30 16:37:06 +02:00
WilliButz
d464790711
update: 2023.6.1 -> 2023.6.2 (security update)
contains fix for CVE-2023-39522
https://github.com/goauthentik/authentik/security/advisories/GHSA-vmf9-6pcv-xr87

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/d6af506a78caaf9e6ef394dffa1f931bcc2cd656' (2023-07-10)
  → 'github:goauthentik/authentik/aba857753bcf785a2023d3ac80f9a6f7f15979fe' (2023-08-29)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/8e8d955c22df93dbe24f19ea04f47a74adbdc5ec' (2023-07-04)
  → 'github:hercules-ci/flake-parts/59cf3f1447cfc75087e7273b04b31e689a8599fb' (2023-08-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/4bc72cae107788bf3f24f30db2e2f685c9298dc9?dir=lib' (2023-06-29)
  → 'github:NixOS/nixpkgs/9e1960bc196baf6881340d53dccb203a951745a2?dir=lib' (2023-08-01)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25)
  → 'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e11142026e2cef35ea52c9205703823df225c947' (2023-07-05)
  → 'github:NixOS/nixpkgs/c540061ac8d72d6e6d99345bd2d590c82b2f58c1' (2023-08-28)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/f9c886e188503db79b59f15c014d86aa680d9141' (2023-07-07)
  → 'github:nix-community/poetry2nix/5b3a5151cf212021ff8d424f215fb030e4ff2837' (2023-08-26)
• Added input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09)
• Added input 'poetry2nix/nix-github-actions/nixpkgs':
    follows 'poetry2nix/nixpkgs'
2023-08-29 20:18:44 +02:00
WilliButz
a0111331a9
Merge pull request #2 from muccc/terraform-provider-2023.6.0
terraform-provider-authentik: 2023.5.0 -> 2023.6.0
2023-07-31 12:27:16 +02:00
Franz Pletz
77eef774b5
authentik-gopkgs: fix typo 2023-07-31 12:16:16 +02:00
Franz Pletz
f9ccfdbb61
flake: remove unused rec 2023-07-31 12:16:16 +02:00
Franz Pletz
41eca29b3a
terraform-provider-authentik: 2023.5.0 -> 2023.6.0 2023-07-31 12:16:16 +02:00
WilliButz
39d0aeba31
update: 2023.6.0 -> 2023.6.1
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/7db9ced218ed6584fe4ab9e4f115509fac9bdd52' (2023-07-07)
  → 'github:goauthentik/authentik/d6af506a78caaf9e6ef394dffa1f931bcc2cd656' (2023-07-10)
2023-07-13 12:25:58 +02:00
WilliButz
9449792f5b
python-overrides: update for 2023.6.0 2023-07-13 12:10:56 +02:00
WilliButz
8d4ad4d50c
flake: patch migrate.py to discover system_migrations
Previously "system_migrations" were silently not applied, because the
migration script tries to find them relative to its own location, but
here they are not in the same /bin folder that migrate.py is placed in.
2023-07-13 11:58:28 +02:00
WilliButz
71f8f2a652
flake: update go vendor hash 2023-07-13 11:58:00 +02:00
WilliButz
6207ab1e66
frontend: switch to patched web/package-lock.json version 3 2023-07-13 11:57:15 +02:00
WilliButz
3b9fff6c23
flake: update inputs for 2023.6.0 2023-07-13 11:45:15 +02:00
WilliButz
4baa548996
flake.lock: Update
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/37dd7bb15791c86d55c5121740a1887ab55ee836' (2023-06-26)
  → 'github:hercules-ci/flake-parts/8e8d955c22df93dbe24f19ea04f47a74adbdc5ec' (2023-07-04)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/4f53efe34b3a8877ac923b9350c874e3dcd5dc0a?dir=lib' (2023-05-31)
  → 'github:NixOS/nixpkgs/4bc72cae107788bf3f24f30db2e2f685c9298dc9?dir=lib' (2023-06-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/3db36a8b464d0c4532ba1c7dda728f4576d6d073' (2023-02-13)
  → 'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25)
• Added input 'flake-utils/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/3a70dd92993182f8e514700ccf5b1ae9fc8a3b8d' (2023-05-31)
  → 'github:NixOS/nixpkgs/e11142026e2cef35ea52c9205703823df225c947' (2023-07-05)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/f11cc14e28078c701072f2d1fb34a6495c9376b1' (2023-05-30)
  → 'github:nix-community/poetry2nix/f9c886e188503db79b59f15c014d86aa680d9141' (2023-07-07)
2023-07-07 14:13:51 +02:00