tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
52 commits 1 branch 0 tags 968 KiB
Commit graph

52 commits

This branch
This branch
All branches
Author SHA1 Message Date
WilliButz
7f46d7ee99
flake.lock: Update, reference nixos-23.11 instead of unstable 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4' (2023-10-03)
  → 'github:hercules-ci/flake-parts/34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5' (2023-12-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/f5892ddac112a1e9b3612c39af1b72987ee5783a?dir=lib' (2023-09-29)
  → 'github:NixOS/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58?dir=lib' (2023-11-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12)
  → 'github:numtide/flake-utils/4022d587cbbfd70fe950c1e2083a02621806a725' (2023-12-04)
• Updated input 'nixpkgs-23-05':
    'github:NixOS/nixpkgs/41de143fda10e33be0f47eab2bfe08a50f234267' (2023-11-06)
  → 'github:NixOS/nixpkgs/e9f06adb793d1cca5384907b3b8a4071d5d7cb19' (2023-12-03)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/8f2c483f9a40db26011f6668559574a4b86ed499' (2023-10-26)
  → 'github:nix-community/poetry2nix/9fc487b32a68473da4bf9573f85b388043c5ecda' (2023-12-06)
• Updated input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/bd5bdbb52350e145c526108f4ef192eb8e554fa0' (2023-09-02)
  → 'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03)
• Updated input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/aae39f64f5ecbe89792d05eacea5cb241891292a' (2023-10-15)
  → 'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12)
 2023-12-10 15:13:28 +01:00
WilliButz
9663811618
update: 2023.10.3 -> 2023.10.4 (security update) 
Includes fix for https://goauthentik.io/docs/security/CVE-2023-48228

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/82b5274b15ddf6d9925e7b349f70bbff5be1d8be' (2023-11-09)
  → 'github:goauthentik/authentik/a2a67161ac8b840d63cbaacdfbebb60fd48e901b' (2023-11-21)
 2023-11-21 18:47:39 +01:00
WilliButz
976d382bf4
update: 2023.10.2 -> 2023.10.3 
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/8e72fcab59a65e900a35a0faa21fe0bfef4c63c3' (2023-10-28)
  → 'github:goauthentik/authentik/82b5274b15ddf6d9925e7b349f70bbff5be1d8be' (2023-11-09)
 2023-11-09 19:08:49 +01:00
WilliButz
2445de2001
terraform-provider-authentik: 2023.8.0 -> 2023.10.0 
The provider still specifies go 1.18 in go.mod, so nixpkgs@23.05 needs
to be pulled in again. Not really happy about this, maybe there's some
cleaner approach.
 2023-11-08 15:31:30 +01:00
WilliButz
c775e737f5
update: 2023.10.1 -> 2023.10.2 
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/64c38909ffd969787f2d634b0e971b90a451d5db' (2023-10-26)
  → 'github:goauthentik/authentik/8e72fcab59a65e900a35a0faa21fe0bfef4c63c3' (2023-10-28)
 2023-10-28 22:42:43 +02:00
WilliButz
d3b1353030
github-workflows/flakehub: don't auto run 2023-10-28 22:42:28 +02:00
WilliButz
1ec83f48ae
update: 2023.10.0 -> 2023.10.1 2023-10-27 17:02:14 +02:00
WilliButz
e1ccfb9fb6
test: add trailing slash to urls 
Before 2023.10 this was implicitly supported, but undocumented.
See https://github.com/goauthentik/authentik/pull/6928/commits/c4ea44da1bb63182e5413bdf8f0a9
 2023-10-27 17:02:14 +02:00
WilliButz
cdffc37ad9
update: 2023.8.3 -> 2023.10.0 
* nixpkgs-23.05 -> nixpkgs-unstable (for nodejs 21)
* nodejs_20 -> nodejs_21
* go_1_20 -> go_1_21
* added workaround for poetry2nix to drop python dev-dependencies

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/f885f8c0395df639ccabd762910867bef0f4577c' (2023-09-11)
  → 'github:goauthentik/authentik/b7c02808c664714144bd7ae6fee4c6402a88f426' (2023-10-26)
• Updated input 'flake-compat':
    'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17)
  → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/7f53fdb7bdc5bb237da7fefef12d099e4fd611ca' (2023-09-01)
  → 'github:hercules-ci/flake-parts/c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4' (2023-10-03)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/3e52e76b70d5508f3cec70b882a29199f4d1ee85?dir=lib' (2023-08-31)
  → 'github:NixOS/nixpkgs/f5892ddac112a1e9b3612c39af1b72987ee5783a?dir=lib' (2023-09-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23)
  → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10)
  → 'github:NixOS/nixpkgs/8efd5d1e283604f75a808a20e6cde0ef313d07d4' (2023-10-24)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/c3d3c4a0396b1bcccd72c82551a319229997f6e4' (2023-09-08)
  → 'github:nix-community/poetry2nix/8f2c483f9a40db26011f6668559574a4b86ed499' (2023-10-26)
• Updated input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09)
  → 'github:nix-community/nix-github-actions/bd5bdbb52350e145c526108f4ef192eb8e554fa0' (2023-09-02)
• Added input 'poetry2nix/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Added input 'poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/aae39f64f5ecbe89792d05eacea5cb241891292a' (2023-10-15)
• Added input 'poetry2nix/treefmt-nix/nixpkgs':
    follows 'poetry2nix/nixpkgs'
 2023-10-27 17:02:13 +02:00
WilliButz
e3e7edaba4
README: add explicit comment about secrets and enviromentFile 2023-10-04 20:13:25 +02:00
WilliButz
b200238be2
fill README with some instructions 2023-10-04 19:35:39 +02:00
WilliButz
f7fa85cc1f
module: add nginx support with cert auto-discovery 2023-10-04 17:55:39 +02:00
WilliButz
bc05d5ce25
test: check for correct version in admin settings 2023-10-04 16:32:01 +02:00
WilliButz
251d78a7f2
module: provide option to specify EnvironmentFile for secrets 
The systemd service module references the module's environmentFile in a
list to allow for merging with EnvironmentFiles injected elsewhere.
 2023-10-04 14:47:29 +02:00
WilliButz
cd00a35204
flake: remove node_modules/.cache in output 
(reduces closure size by ~250MiB)
 2023-09-11 22:03:14 +02:00
WilliButz
e298bde8c0
github-workflows/flakehub: try workaround for accepted version format 2023-09-11 21:32:32 +02:00
WilliButz
0fa7dd5ac7
update: 2023.8.2 -> 2023.8.3 
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/97e4c8d5e22f21295b8d0eda039243433253ddfc' (2023-09-01)
  → 'github:goauthentik/authentik/f885f8c0395df639ccabd762910867bef0f4577c' (2023-09-11)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/59cf3f1447cfc75087e7273b04b31e689a8599fb' (2023-08-01)
  → 'github:hercules-ci/flake-parts/7f53fdb7bdc5bb237da7fefef12d099e4fd611ca' (2023-09-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/9e1960bc196baf6881340d53dccb203a951745a2?dir=lib' (2023-08-01)
  → 'github:NixOS/nixpkgs/3e52e76b70d5508f3cec70b882a29199f4d1ee85?dir=lib' (2023-08-31)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c540061ac8d72d6e6d99345bd2d590c82b2f58c1' (2023-08-28)
  → 'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/5b3a5151cf212021ff8d424f215fb030e4ff2837' (2023-08-26)
  → 'github:nix-community/poetry2nix/c3d3c4a0396b1bcccd72c82551a319229997f6e4' (2023-09-08)
 2023-09-11 21:26:18 +02:00
WilliButz
374fe09426
init flakehub-publish-tagged.yml 2023-09-09 15:39:41 +02:00
WilliButz
42e9874ace
add flake-compat 2023-09-09 11:35:21 +02:00
WilliButz
f89134f9ce
frontend: drop patch for package-lock.json after napalm update 
Napalm now correctly handles aliased dependencies.
 2023-09-06 12:45:03 +02:00
WilliButz
4ae65bc41c
flake.lock: Update 
Flake lock file updates:

• Updated input 'napalm':
    'github:nix-community/napalm/22b610cdb812ad7abf22c05af45778ee394fbfd1' (2023-06-22)
  → 'github:nix-community/napalm/a8215ccf1c80070f51a92771f3bc637dd9b9f7ee' (2023-09-06)
 2023-09-06 12:44:40 +02:00
WilliButz
604736f429
update: 2023.8.1 -> 2023.8.2 
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/be3cfaee560a7d6fac157d61ae7186a92a279c9c' (2023-08-29)
  → 'github:goauthentik/authentik/97e4c8d5e22f21295b8d0eda039243433253ddfc' (2023-09-01)
 2023-09-01 18:43:47 +02:00
WilliButz
fbac551e86
terraform-provider: 2023.6.0 -> 2023.8.0 2023-08-31 11:58:28 +02:00
WilliButz
5d5cd2f358
README: drop outdated info 2023-08-30 16:48:59 +02:00
WilliButz
ae8ff44762
update: 2023.6.2 -> 2023.8.1 
* patched the package-lock for /web slightly to avoid what's likely a
  bug in napalm, causing the request for wrap-ansi@7.0.0 to be answered
  with a a 500 response. This seems to be the case because a name
  override is used for this module in the lock-file. While that is also
  the case for some other modules like string-width@4.2.3, they have a
  matching module with the name used in the override at the same
  version. Only wrap-ansi's version differs here, which causes the
  issue.
 2023-08-30 16:37:06 +02:00
WilliButz
d464790711
update: 2023.6.1 -> 2023.6.2 (security update) 
contains fix for CVE-2023-39522
https://github.com/goauthentik/authentik/security/advisories/GHSA-vmf9-6pcv-xr87

Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/d6af506a78caaf9e6ef394dffa1f931bcc2cd656' (2023-07-10)
  → 'github:goauthentik/authentik/aba857753bcf785a2023d3ac80f9a6f7f15979fe' (2023-08-29)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/8e8d955c22df93dbe24f19ea04f47a74adbdc5ec' (2023-07-04)
  → 'github:hercules-ci/flake-parts/59cf3f1447cfc75087e7273b04b31e689a8599fb' (2023-08-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/4bc72cae107788bf3f24f30db2e2f685c9298dc9?dir=lib' (2023-06-29)
  → 'github:NixOS/nixpkgs/9e1960bc196baf6881340d53dccb203a951745a2?dir=lib' (2023-08-01)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25)
  → 'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e11142026e2cef35ea52c9205703823df225c947' (2023-07-05)
  → 'github:NixOS/nixpkgs/c540061ac8d72d6e6d99345bd2d590c82b2f58c1' (2023-08-28)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/f9c886e188503db79b59f15c014d86aa680d9141' (2023-07-07)
  → 'github:nix-community/poetry2nix/5b3a5151cf212021ff8d424f215fb030e4ff2837' (2023-08-26)
• Added input 'poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09)
• Added input 'poetry2nix/nix-github-actions/nixpkgs':
    follows 'poetry2nix/nixpkgs'
 2023-08-29 20:18:44 +02:00
WilliButz
a0111331a9
Merge pull request #2 from muccc/terraform-provider-2023.6.0 
terraform-provider-authentik: 2023.5.0 -> 2023.6.0
 2023-07-31 12:27:16 +02:00
Franz Pletz
77eef774b5
authentik-gopkgs: fix typo 2023-07-31 12:16:16 +02:00
Franz Pletz
f9ccfdbb61
flake: remove unused rec 2023-07-31 12:16:16 +02:00
Franz Pletz
41eca29b3a
terraform-provider-authentik: 2023.5.0 -> 2023.6.0 2023-07-31 12:16:16 +02:00
WilliButz
39d0aeba31
update: 2023.6.0 -> 2023.6.1 
Flake lock file updates:

• Updated input 'authentik-src':
    'github:goauthentik/authentik/7db9ced218ed6584fe4ab9e4f115509fac9bdd52' (2023-07-07)
  → 'github:goauthentik/authentik/d6af506a78caaf9e6ef394dffa1f931bcc2cd656' (2023-07-10)
 2023-07-13 12:25:58 +02:00
WilliButz
9449792f5b
python-overrides: update for 2023.6.0 2023-07-13 12:10:56 +02:00
WilliButz
8d4ad4d50c
flake: patch migrate.py to discover system_migrations 
Previously "system_migrations" were silently not applied, because the
migration script tries to find them relatively to its own location, but
here they are not in the same /bin folder that migrate.py is placed in.
 2023-07-13 11:58:28 +02:00
WilliButz
71f8f2a652
flake: update go vendor hash 2023-07-13 11:58:00 +02:00
WilliButz
6207ab1e66
frontend: switch to patched web/package-lock.json version 3 2023-07-13 11:57:15 +02:00
WilliButz
3b9fff6c23
flake: update inputs for 2023.6.0 2023-07-13 11:45:15 +02:00
WilliButz
4baa548996
flake.lock: Update 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/37dd7bb15791c86d55c5121740a1887ab55ee836' (2023-06-26)
  → 'github:hercules-ci/flake-parts/8e8d955c22df93dbe24f19ea04f47a74adbdc5ec' (2023-07-04)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/4f53efe34b3a8877ac923b9350c874e3dcd5dc0a?dir=lib' (2023-05-31)
  → 'github:NixOS/nixpkgs/4bc72cae107788bf3f24f30db2e2f685c9298dc9?dir=lib' (2023-06-29)
• Updated input 'flake-utils':
    'github:numtide/flake-utils/3db36a8b464d0c4532ba1c7dda728f4576d6d073' (2023-02-13)
  → 'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25)
• Added input 'flake-utils/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/3a70dd92993182f8e514700ccf5b1ae9fc8a3b8d' (2023-05-31)
  → 'github:NixOS/nixpkgs/e11142026e2cef35ea52c9205703823df225c947' (2023-07-05)
• Updated input 'poetry2nix':
    'github:nix-community/poetry2nix/f11cc14e28078c701072f2d1fb34a6495c9376b1' (2023-05-30)
  → 'github:nix-community/poetry2nix/f9c886e188503db79b59f15c014d86aa680d9141' (2023-07-07)
 2023-07-07 14:13:51 +02:00
WilliButz
cb27d69da8
update: 2023.5.4 -> 2023.5.5 2023-07-06 18:27:26 +02:00
WilliButz
fcc7b2f997
module: authentik-ldap drop environment variables 
This should be configured with a proper authentik hostname and a
matching certificate that can be validated with the system CA bundle.
 2023-06-29 22:51:57 +02:00
WilliButz
62f7cce184
module: add basic ldap outpost service 2023-06-29 13:24:17 +02:00
WilliButz
360f4c7321
module: refactor as preparation for ldap-outpost 2023-06-28 17:12:36 +02:00
WilliButz
48fb996263
flake: build cmd/radius in gopkgs ouput 2023-06-28 17:03:11 +02:00
WilliButz
6a36be0646
flake: add terraform-provider-authentik 2023-06-28 16:55:48 +02:00
WilliButz
6830ada44a
refactor flake 
* switched from flake-utils to flake-parts
* dropped the overlay and instead populate configurable options for all
required authentik components in the module
* `nixosModule.default` is now a top-level output following the flake spec,
instead of the previously incorrect system-specific definition
 2023-06-28 16:39:23 +02:00
WilliButz
e584b40578
update: 2023.5.3 -> 2023.5.4 2023-06-22 22:52:30 +02:00
WilliButz
16a034e9f8
README: provide basic project overview 2023-06-12 14:13:13 +02:00
WilliButz
e079fe0719
module: restart services if global config file changes 2023-06-07 15:11:54 +02:00
WilliButz
3c661c5095
module: use postgres peer auth instead of password auth 2023-06-07 15:11:54 +02:00
WilliButz
b51c438d24
update: 2023.5.1 -> 2023.5.3 2023-06-02 16:53:54 +02:00
WilliButz
2c42aa361f
add todos 2023-06-02 16:25:05 +02:00