tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
131 commits 1 branch 0 tags 968 KiB
Commit graph

131 commits

This branch
This branch
All branches
Author SHA1 Message Date
WilliButz
5bf15f6630
Merge pull request #34 from Ma27/flake-update 
Update `nixpkgs` input
 2024-09-27 17:26:51 +02:00
Maximilian Bosch
97f96dc50f
poetry2nix-python-overrides: fix build of opencontainers 
`pytest-runner` was dropped upstream, the build of opencontainers is
fine even without it.
 2024-09-25 18:55:29 +02:00
Maximilian Bosch
643fe9d34c
flake.lock: Update 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/567b938d64d4b4112ee253b9274472dc3a346eb6' (2024-09-01)
  → 'github:hercules-ci/flake-parts/bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a' (2024-09-12)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11)
  → 'github:numtide/flake-utils/c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a' (2024-09-17)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/574d1eac1c200690e27b8eb4e24887f8df7ac27c' (2024-09-06)
  → 'github:NixOS/nixpkgs/9357f4f23713673f310988025d9dc261c20e70c6' (2024-09-21)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/a313fd7169ae43ecd1a2ea2f1e4899fe3edba4d2' (2024-09-05)
  → 'github:nix-community/poetry2nix/7624b3e0275d9b52dbdda46ef7ffee66b36ff823' (2024-09-24)
 2024-09-25 13:22:14 +02:00
WilliButz
0fd076529b
components: fix typo 2024-09-08 17:29:30 +02:00
WilliButz
0932385a36
module: restart services on-failure 2024-09-08 17:12:43 +02:00
WilliButz
7dc6bd5377
flake: use napalm fork to avoid stackoverflow 
It seems that the set of npm dependencies is large enough for foldl to
overflow the stack since the latest update. Use the fork with the fix
for now until its properly upstreamed.

Fixes #31

Flake lock file updates:

• Updated input 'napalm':
    'github:nix-community/napalm/e1babff744cd278b56abe8478008b4a9e23036cf' (2024-06-09)
  → 'github:willibutz/napalm/b492440d9e64ae20736d3bec5c7715ffcbde83f5' (2024-09-08)
 2024-09-08 16:43:11 +02:00
WilliButz
f1bd855c23
flake: make systems overridable 
Flake lock file updates:

• Added input 'systems':
    'github:nix-systems/default-linux/31732fcf5e8fea42e59c2488ad31a0e651500f68' (2023-07-14)
 2024-09-07 22:12:39 +02:00
WilliButz
ee7e7ed147
tests: improve vmtest 
`wait_for_text()` takes a regex and it seems that sometimes OCR fails to
recognize the dots in the version string. To make this more resilient,
zero or one symbol is not matched between the numerical components of
the version string.
 2024-09-07 22:07:37 +02:00
WilliButz
a1630aaf9f
update: 2024.6.4 -> 2024.8.1 
Release notes: https://docs.goauthentik.io/docs/releases/2024.8

Still includes the same hacky workaround for one of the dependencies
that was introduced in the 2024.6.1 update. See components/docs.nix for
more information.

Also, as upstream package-lock.json files do not include source hashes
and urls for a lot of dependencies, building authentik from source is
only possible after they've been resolved. This makes it kind of a
gamble to try and reproduce a build with the same set of dependencies
that the devs use. This is why the two relevant lock files are vendored
here now. See upstream issues for more information:
- https://github.com/goauthentik/authentik/issues/6180
- https://github.com/goauthentik/authentik/issues/11169
and the npm issue for the underlying reason:
https://github.com/npm/cli/issues/4263

Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/8471fe90ad337a8074e957b69ca4d0089218391d' (2024-08-01)
  → 'github:hercules-ci/flake-parts/567b938d64d4b4112ee253b9274472dc3a346eb6' (2024-09-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz?narHash=sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q%3D' (2024-08-01)
  → 'https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz?narHash=sha256-Ss8QWLXdr2JCBPcYChJhz4xJm%2Bh/xjl4G0c0XlP6a74%3D' (2024-09-01)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c374d94f1536013ca8e92341b540eba4c22f9c62' (2024-08-21)
  → 'github:NixOS/nixpkgs/574d1eac1c200690e27b8eb4e24887f8df7ac27c' (2024-09-06)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/884b66152b0c625b8220b570a31dc7acc36749a3' (2024-08-21)
  → 'github:nix-community/poetry2nix/a313fd7169ae43ecd1a2ea2f1e4899fe3edba4d2' (2024-09-05)
 2024-09-07 22:07:37 +02:00
WilliButz
39cf62b921
README: add note about cachix 
Fixes #23
 2024-08-22 23:27:05 +02:00
WilliButz
5ca95f49ec
flake.lock: Update 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9' (2024-06-30)
  → 'github:hercules-ci/flake-parts/8471fe90ad337a8074e957b69ca4d0089218391d' (2024-08-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz?narHash=sha256-lIbdfCsf8LMFloheeE6N31%2BBMIeixqyQWbSr2vk79EQ%3D' (2024-06-01)
  → 'https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz?narHash=sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q%3D' (2024-08-01)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/feb2849fdeb70028c70d73b848214b00d324a497' (2024-07-09)
  → 'github:NixOS/nixpkgs/c374d94f1536013ca8e92341b540eba4c22f9c62' (2024-08-21)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/4fd045cdb85f2a0173021a4717dc01d92d7ab2b2' (2024-06-28)
  → 'github:nix-community/poetry2nix/884b66152b0c625b8220b570a31dc7acc36749a3' (2024-08-21)
• Updated input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/68eb1dc333ce82d0ab0c0357363ea17c31ea1f81' (2024-06-16)
  → 'github:numtide/treefmt-nix/8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd' (2024-06-30)
 2024-08-22 23:05:34 +02:00
WilliButz
e7f57f7067
update: 2024.6.3 -> 2024.6.4 (security update) 
Fixes CVE-2024-42490

See https://docs.goauthentik.io/docs/releases/2024.6#fixed-in-202464

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/8f207c75046d722c17dee2bcf65fa386b06f5b9a' (2024-08-05)
  → 'github:goauthentik/authentik/8a0b31b9227ca33b96c5448f185419f17090ed38' (2024-08-22)
 2024-08-22 22:57:31 +02:00
WilliButz
80fc873618
update: 2024.6.2 -> 2024.6.3 
See https://docs.goauthentik.io/docs/releases/2024.6#fixed-in-202463

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/d6904b6aa1440f98f8061c3d12f7358c21b5ae2d' (2024-07-31)
  → 'github:goauthentik/authentik/8f207c75046d722c17dee2bcf65fa386b06f5b9a' (2024-08-05)
 2024-08-05 19:44:09 +02:00
WilliButz
9067dd09db
update: 2024.6.1 -> 2024.6.2 
Release notes: https://docs.goauthentik.io/docs/releases/2024.6#fixed-in-202462

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/9075270b01e784d25f2ec08b82e73f1ce3086184' (2024-07-11)
  → 'github:goauthentik/authentik/d6904b6aa1440f98f8061c3d12f7358c21b5ae2d' (2024-07-31)
 2024-08-03 10:24:41 +02:00
WilliButz
89cfaf2eb1
terraform-provider: 2024.4.1 -> 2024.6.0 2024-07-12 13:46:53 +02:00
WilliButz
0fc8ad1349
update: 2024.4.3 -> 2024.6.1 
Release notes: https://docs.goauthentik.io/docs/releases/2024.6

Includes a hacky workaround for a node dependency that is required to
build the `/website` subdirectory of the authentik repo, i.e. "docs".
That should not be required after the next major update, as the
dependency causing this is no longer used on authentik's main branch.

See components/docs.nix for more info.

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/5afceaa55f4d831db0cf9d80562e86eb43b622ec' (2024-06-26)
  → 'github:goauthentik/authentik/9075270b01e784d25f2ec08b82e73f1ce3086184' (2024-07-11)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/9126214d0a59633752a136528f5f3b9aa8565b7d' (2024-04-01)
  → 'github:hercules-ci/flake-parts/c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9' (2024-06-30)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/d8fe5e6c92d0d190646fb9f1056741a229980089?dir=lib' (2024-03-29)
  → 'https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz?narHash=sha256-lIbdfCsf8LMFloheeE6N31%2BBMIeixqyQWbSr2vk79EQ%3D' (2024-06-01)
• Updated input 'napalm':
    'github:nix-community/napalm/edcb26c266ca37c9521f6a97f33234633cbec186' (2023-12-20)
  → 'github:nix-community/napalm/e1babff744cd278b56abe8478008b4a9e23036cf' (2024-06-09)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/6143fc5eeb9c4f00163267708e26191d1e918932' (2024-04-21)
  → 'github:NixOS/nixpkgs/feb2849fdeb70028c70d73b848214b00d324a497' (2024-07-29)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/e6b36523407ae6a7a4dfe29770c30b3a3563b43a' (2024-05-06)
  → 'github:nix-community/poetry2nix/4fd045cdb85f2a0173021a4717dc01d92d7ab2b2' (2024-06-28)
• Updated input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/c6aaf729f34a36c445618580a9f95a48f5e4e03f' (2024-04-25)
  → 'github:numtide/treefmt-nix/68eb1dc333ce82d0ab0c0357363ea17c31ea1f81' (2024-06-16)
 2024-07-12 12:24:51 +02:00
WilliButz
262910c7e9
README: add new matrix room 2024-07-12 12:24:51 +02:00
WilliButz
bb756751b0
update: 2024.4.2 -> 2024.4.3 (security update) 
Fixes CVE-2024-37905 and CVE-2024-38371

See https://docs.goauthentik.io/docs/releases/2024.4#fixed-in-202443

Flake lock file update:
• Updated input 'authentik-src':
    'github:goauthentik/authentik/1f5953b5b7e72c085246e8f19b94482dac946d83' (2024-05-07)
  → 'github:goauthentik/authentik/5afceaa55f4d831db0cf9d80562e86eb43b622ec' (2024-06-26)
 2024-06-26 13:36:02 +02:00
WilliButz
1942bdac27
Merge pull request #25 from Ma27/media-root-cfg-fix 
module: fix media root config
 2024-06-07 13:19:13 +02:00
WilliButz
46785dd20a
Merge pull request #26 from Ma27/go-testing 
components/gopkgs: skip tests
 2024-06-07 13:17:48 +02:00
Maximilian Bosch
a220eb605f
components/gopkgs: skip tests 
There aren't any tests, but it's hanging in this phase for a while since
it compiles Go code to see if there are any tests in the modules.

    authentik-gopkgs> Running phase: checkPhase
    authentik-gopkgs> ?     goauthentik.io/cmd/ldap [no test files]
    authentik-gopkgs> ?     goauthentik.io/cmd/server       [no test files]
    authentik-gopkgs> ?     goauthentik.io/cmd/proxy        [no test files]
    authentik-gopkgs> ?     goauthentik.io/cmd/radius       [no test files]
 2024-06-02 21:07:19 +02:00
Maximilian Bosch
d4c45b01f2
module: fix media root config 
Was changed within upstream commit abc0c2d2a2a0bfb0214798ed6bca9d59359b39f8.

The sole reason this worked was that `settings.storage.media.file.path`
pointed to `./media`, relative to `/var/lib/authentik`.

Update our config accordingly.
 2024-06-02 17:40:27 +02:00
WilliButz
e9ae3992d5
flake: comment out override-scope test for ci 2024-05-08 21:59:17 +02:00
WilliButz
dd78a73a98
terraform-provider: 2024.4.0 -> 2024.4.1 2024-05-08 13:09:35 +02:00
WilliButz
53e00921be
update: 2024.4.1 -> 2024.4.2 
- removed patch for frontend package-lock.json, meaning IFD (import from
  derivation) is no longer an issue

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/ca70c963e55daf73b479a4513da06ac5cea77718' (2024-04-26)
  → 'github:goauthentik/authentik/1f5953b5b7e72c085246e8f19b94482dac946d83' (2024-05-07)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/9245811b58905453033f1ef551f516cbee71c42c' (2024-04-26)
  → 'github:nix-community/poetry2nix/e6b36523407ae6a7a4dfe29770c30b3a3563b43a' (2024-05-06)
• Updated input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/e504621290a1fd896631ddbc5e9c16f4366c9f65' (2024-02-19)
  → 'github:numtide/treefmt-nix/c6aaf729f34a36c445618580a9f95a48f5e4e03f' (2024-04-25)
 2024-05-08 13:00:03 +02:00
WilliButz
47e376250e
module: increase priority for posgresql package default 
This gives the default value from this module a slightly higher
priority than the upstream module's default, while still allowing users
to simply set `services.postgresql.package` using the default priority.

The change in 8bc790171f introduced
`mkDefault` for the postgresql package.
Unfortunately the upstream package option default is also specified
using `mkDefault` instead of the more appropriate `mkOptionDefault`.

This meant that users with a `system.stateVersion` other than `22.05`,
`22.11` or `23.05` got an evaluation error because there are two
conflicting definitions for the package option.
 2024-05-02 18:27:53 +02:00
WilliButz
e9a0d0e62f
tests: update instructions, fix override-scope test 
Fixes divergence between the two test scripts.
The test doesn't need to be executed by default. It is just a
demonstration on how to use a custom scope that can be created with
the function `mkAuthentikScope`, that is available through the `lib`
flake output.
 2024-05-02 17:05:13 +02:00
WilliButz
e3a0712b29
Merge pull request #18 from quentinmit/softer-integration 
Reduce NixOS config overrides
 2024-04-30 16:48:25 +02:00
WilliButz
965f4d4012
module: drop default settings for airgapped mode 
These settings were originally taken from
https://docs.goauthentik.io/docs/installation/air-gapped
but I think they should be configured by users themselves rather than
being enforced by this module.

Notes:
* error reporting is already disabled by default
* the update check setting obviously didn't do anthing as the update
  check was always running
* "startup analytics" currently refers to a post request[1] to upstream authentik,
  that includes the running version and a SHA-512 digest of the unique
  installation id and an env string that refers to the environment in which
  authentik is running, that should be "custom"[2] for NixOS.

[1]: https://github.com/goauthentik/authentik/blob/version/2024.4.1/lifecycle/gunicorn.conf.py#L122-L137
[2]: https://github.com/goauthentik/authentik/blob/version/2024.4.1/authentik/lib/utils/reflection.py#L52-L64
 2024-04-28 14:18:53 +02:00
WilliButz
876db63217
module: don't set services.postgresql.package for new installations 2024-04-28 14:18:53 +02:00
Quentin Smith
8bc790171f
module: don't force Postgres 14 2024-04-28 13:13:42 +02:00
Quentin Smith
c178d820d7
module: use TZ environment variable to set UTC timezone instead of overriding system zone 2024-04-28 13:13:26 +02:00
WilliButz
d2a70db150
terraform-provider: 2023.10.0 -> 2024.4.0 2024-04-27 22:09:32 +02:00
WilliButz
608c5dd4f5
update: 2024.2.3 -> 2024.4.1 
Release notes: https://docs.goauthentik.io/docs/releases/2024.4

Notable dependency updates:
python 3.11 -> python 3.12
golang 1.21 -> golang 1.22
nixpkgs-23.11 -> nixpkgs-unstable (for golang 1.22 until 24.05)

Introduces patch to `web/package-lock.json`, see `components/frontend.nix`,
this will cause IFD until the issue is resolved.
https://nixos.org/manual/nix/stable/language/import-from-derivation

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/6bb180f94ec124092c4f87ae5f5d892a70b32ff3' (2024-04-17)
  → 'github:goauthentik/authentik/ca70c963e55daf73b479a4513da06ac5cea77718' (2024-04-26)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15)
  → 'github:NixOS/nixpkgs/6143fc5eeb9c4f00163267708e26191d1e918932' (2024-04-21)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/3c92540611f42d3fb2d0d084a6c694cd6544b609' (2024-02-22)
  → 'github:nix-community/poetry2nix/9245811b58905453033f1ef551f516cbee71c42c' (2024-04-26)
 2024-04-27 20:59:27 +02:00
WilliButz
5011f30262
update README 
- dropped table of contents. There is one rendered by the GitHub UI and it became
inconsistent anyway.
- add short section about usage without flakes
 2024-04-17 15:53:34 +02:00
WilliButz
4cdde46347
update: 2024.2.2 -> 2024.2.3 
Adapted media upload patch.

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/4ec37c52395df6a3b431934cb27771ff814b024c' (2024-03-04)
  → 'github:goauthentik/authentik/6bb180f94ec124092c4f87ae5f5d892a70b32ff3' (2024-04-17)
 2024-04-17 14:53:22 +02:00
WilliButz
8be1dcc549
flake.lock: Update 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2' (2024-03-01)
  → 'github:hercules-ci/flake-parts/9126214d0a59633752a136528f5f3b9aa8565b7d' (2024-04-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/1536926ef5621b09bba54035ae2bb6d806d72ac8?dir=lib' (2024-02-29)
  → 'github:NixOS/nixpkgs/d8fe5e6c92d0d190646fb9f1056741a229980089?dir=lib' (2024-03-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28)
  → 'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/617579a787259b9a6419492eaac670a5f7663917' (2024-03-04)
  → 'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15)
 2024-04-17 14:25:17 +02:00
WilliButz
d700a0df67
Merge pull request #21 from MarcelCoding/main 
ordering authentik after network is configured
 2024-04-06 21:57:13 +02:00
Marcel
29c944aece
fixed broken online dependencies 2024-04-06 21:51:16 +02:00
WilliButz
30686ffd70
update: 2024.2.1 -> 2024.2.2 
https://docs.goauthentik.io/docs/releases/2024.2#fixed-in-202422

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/8256f1897df0a741a81dcb066d4edae879c30408' (2024-02-22)
  → 'github:goauthentik/authentik/4ec37c52395df6a3b431934cb27771ff814b024c' (2024-03-04)
 2024-03-05 10:41:30 +01:00
WilliButz
a6284190eb
flake.lock: Update 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/07f6395285469419cf9d078f59b5b49993198c00' (2024-01-11)
  → 'github:hercules-ci/flake-parts/f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2' (2024-03-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/b0d36bd0a420ecee3bc916c91886caca87c894e9?dir=lib' (2023-12-30)
  → 'github:NixOS/nixpkgs/1536926ef5621b09bba54035ae2bb6d806d72ac8?dir=lib' (2024-02-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/1ef2e671c3b0c19053962c07dbda38332dcebf26' (2024-01-15)
  → 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/56911ef3403a9318b7621ce745f5452fb9ef6867' (2024-01-27)
  → 'github:NixOS/nixpkgs/617579a787259b9a6419492eaac670a5f7663917' (2024-03-04)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/403d923ea8e2e6cedce3a0f04a9394c4244cb806' (2024-02-17)
  → 'github:nix-community/poetry2nix/3c92540611f42d3fb2d0d084a6c694cd6544b609' (2024-02-22)
• Updated input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03)
  → 'github:nix-community/nix-github-actions/5163432afc817cf8bd1f031418d1869e4c9d5547' (2023-12-29)
• Updated input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12)
  → 'github:numtide/treefmt-nix/e504621290a1fd896631ddbc5e9c16f4366c9f65' (2024-02-19)
 2024-03-05 10:41:30 +01:00
WilliButz
1392167355
Merge pull request #20 from Ma27/ak-script 
module: add `ak` script
 2024-02-26 11:00:19 +01:00
Maximilian Bosch
2da27254c1
module: add ak script 
This was made possible by d85dacb6c2
which allows to directly use `manage.py`. That script is
effectively used whenever the `ak` command is referenced in the docs,
e.g. to set a new password for the superuser or to send a test email.

This needs to run as the same (dynamic) user and with the same env file,
otherwise `manage.py` exits early. To achieve that, I
decided to use `systemd-run(1)` because now the invocation can be
configured the same way as services are.
 2024-02-26 09:32:48 +01:00
WilliButz
5ed5c481f2
update: 2024.2.0 -> 2024.2.1 
release notes: https://goauthentik.io/docs/releases/2024.2#fixed-in-202421

cryptography hash: https://github.com/nix-community/poetry2nix/pull/1538

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/310983a4d027174afe40e6db908cdfdebf1182b8' (2024-02-21)
  → 'github:goauthentik/authentik/8256f1897df0a741a81dcb066d4edae879c30408' (2024-02-22)
 2024-02-22 17:38:01 +01:00
WilliButz
189ab274f5
Merge pull request #17 from MarcelCoding/radius 
Added radius outpost
 2024-02-22 15:01:51 +01:00
WilliButz
eb572302be
tests/minimal-vmtest: fix version check 
It's now further up :)
 2024-02-21 22:12:02 +01:00
WilliButz
d060292aa6
add patch to fix failing "tenant_files" migration 
The new migration in tenant_files.py references a MEDIA_ROOT directory
based on its own path, which in our case is in the read-only /nix/store.

We need it to refer to the actual authentik state directory instead,
which defaults to /var/lib/authentik/media in module.nix
 2024-02-21 22:12:02 +01:00
WilliButz
d85dacb6c2
components: drop celery, package manage.py instead 2024-02-21 22:12:02 +01:00
WilliButz
8edfcf318a
update: 2023.10.7 -> 2024.2.0 
Release notes: https://goauthentik.io/docs/releases/2024.2

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/e095e9f694d2a427940bc8616bc4025fef502a8b' (2024-01-29)
  → 'github:goauthentik/authentik/310983a4d027174afe40e6db908cdfdebf1182b8' (2024-02-21)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/4eb2ac54029af42a001c9901194e9ce19cbd8a40' (2024-02-06)
  → 'github:nix-community/poetry2nix/403d923ea8e2e6cedce3a0f04a9394c4244cb806' (2024-02-17)
 2024-02-21 22:12:02 +01:00
Marcel
52b831735c
Added radius outpost 2024-02-14 22:00:58 +01:00