tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: tamipes:6bb0bc723d4bf61eaa0af4fbe6c3bbae8e20c8fe
Branches Tags
tamipes:main
..
compare: tamipes:3c41de82c3bbb4fb5a280723795e3dc5a88cd7be
Branches Tags
tamipes:main

10 commits
6bb0bc723d ... 3c41de82c3

Author SHA1 Message Date
Tamipes
3c41de82c3 fix: temporary fix by tami
Some checks failed
Tests / Flake Check (push) Failing after 3s
Details
2026-05-29 15:33:50 +02:00
Maximilian Bosch
88a8771c30
Merge pull request #123 from nix-community/dependabot/nix/pyproject-build-systems-7bff980 
build(deps): bump pyproject-build-systems from `ffaa216` to `7bff980`
 2026-05-26 13:40:54 +02:00
Maximilian Bosch
dd9ef81535
Merge pull request #122 from nix-community/dependabot/nix/uv2nix-fdf2a76 
build(deps): bump uv2nix from `b48abe9` to `fdf2a76`
 2026-05-26 13:40:49 +02:00
dependabot[bot]
43032d4d04
build(deps): bump pyproject-build-systems from ffaa216 to 7bff980 
Bumps [pyproject-build-systems](https://github.com/pyproject-nix/build-system-pkgs) from `ffaa216` to `7bff980`.
- [Commits](ffaa2161dd...7bff980f37)

---
updated-dependencies:
- dependency-name: pyproject-build-systems
  dependency-version: 7bff980f37fc24e09dbc986643719900c139bf12
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-25 18:18:28 +00:00
dependabot[bot]
a41613b712
build(deps): bump uv2nix from b48abe9 to fdf2a76 
Bumps [uv2nix](https://github.com/pyproject-nix/uv2nix) from `b48abe9` to `fdf2a76`.
- [Commits](b48abe99ef...fdf2a76275)

---
updated-dependencies:
- dependency-name: uv2nix
  dependency-version: fdf2a76275d7a9c27deb5d2f2ab33526ac9052ff
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-25 18:18:23 +00:00
Maximilian Bosch
451a9a1d27
Merge pull request #116 from Ma27/maintenance 
Flake update & project maintenance
 2026-05-15 17:27:29 +02:00
Maximilian Bosch
4f27356536
tests: address machine deprecation 2026-05-15 11:48:16 +02:00
Marcel
03895f5997
terraform-provider-authentik: 2025.12.0 -> 2026.2.0 2026-05-15 11:47:01 +02:00
Marcel
6dc61c8c21
checks: use firefox in kiosk mode 
I don't know why but this fixes the tests after the `nix flake update`.
 2026-05-15 11:46:41 +02:00
Maximilian Bosch
0bc1bd9de1
flake.lock: Update 
Flake lock file updates:

• Updated input 'authentik-go':
    'github:goauthentik/client-go/4c1444ee54d945fbcc5ae107b4f191ca0352023d' (2026-02-23)
  → 'github:goauthentik/client-go/58f64509446aab6bc2d9b1fe36be19b5f2a3b4a8' (2026-05-13)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/57928607ea566b5db3ad13af0e57e921e6b12381' (2026-02-02)
  → 'github:hercules-ci/flake-parts/f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb' (2026-05-13)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:nix-community/nixpkgs.lib/72716169fe93074c333e8d0173151350670b824c' (2026-02-01)
  → 'github:nix-community/nixpkgs.lib/f5901329dade4a6ea039af1433fb087bd9c1fe14' (2026-04-26)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/2fc6539b481e1d2569f25f8799236694180c0993' (2026-02-23)
  → 'github:NixOS/nixpkgs/da5ad661ba4e5ef59ba743f0d112cbc30e474f32' (2026-05-10)
• Updated input 'pyproject-build-systems':
    'github:pyproject-nix/build-system-pkgs/04e9c186e01f0830dad3739088070e4c551191a4' (2026-02-18)
  → 'github:pyproject-nix/build-system-pkgs/ffaa2161dd5d63e0e94591f86b54fc239660fb2e' (2026-04-20)
• Updated input 'pyproject-nix':
    'github:pyproject-nix/pyproject.nix/eb204c6b3335698dec6c7fc1da0ebc3c6df05937' (2026-02-19)
  → 'github:pyproject-nix/pyproject.nix/69f57f27e52a87c54e28138a75ec741cd46663c9' (2026-04-20)
• Updated input 'uv2nix':
    'github:pyproject-nix/uv2nix/5ad90d48b80ecc920ca2247d53f46beba302e186' (2026-05-04)
  → 'github:pyproject-nix/uv2nix/b48abe99ef639cd100c224898529370e5d935294' (2026-05-13)
 2026-05-14 17:55:10 +02:00
5 changed files with 82 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

2
components/gopkgs.nix
View file

@ -69,7 +69,7 @@ buildGo125Module {
] ++ lib.optionals guacamoleAvailable [ ] ++ lib.optionals guacamoleAvailable [
"cmd/rac" "cmd/rac"
]; ];
vendorHash = "sha256-Rz6qSQjcTcwJy94fs6MDx/M/dfPxe7V2GTu7/ugvFTA="; vendorHash = "sha256-aWXC0D3ixJ+G3gKx3v4gTyF6SfLKaLuMx6kTzhjW65Y=";
nativeBuildInputs = [ makeWrapper ]; nativeBuildInputs = [ makeWrapper ];
doCheck = false; doCheck = false;
postInstall = '' postInstall = ''

42
flake.lock generated
View file

@ -3,11 +3,11 @@
"authentik-go": { "authentik-go": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1771856219, "lastModified": 1778672763,
"narHash": "sha256-zTEmvxe+BpfWYvAl675PnhXCH4jV4GUTFb1MrQ1Eyno=", "narHash": "sha256-K0dzj+GnajGz63Gp+NYyhanjhtDxpzCKpmdIZYMfz/M=",
"owner": "goauthentik", "owner": "goauthentik",
"repo": "client-go", "repo": "client-go",
"rev": "4c1444ee54d945fbcc5ae107b4f191ca0352023d", "rev": "58f64509446aab6bc2d9b1fe36be19b5f2a3b4a8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -54,11 +54,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1769996383, "lastModified": 1778716662,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381", "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -113,11 +113,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1771848320, "lastModified": 1778443072,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=", "narHash": "sha256-zi7/fsqM/kFdNuED//4WOCUtezGtKKqRNORjMvfwjnA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993", "rev": "da5ad661ba4e5ef59ba743f0d112cbc30e474f32",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -129,11 +129,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1769909678, "lastModified": 1777168982,
"narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", "narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "72716169fe93074c333e8d0173151350670b824c", "rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -155,11 +155,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1771423342, "lastModified": 1779676664,
"narHash": "sha256-7uXPiWB0YQ4HNaAqRvVndYL34FEp1ZTwVQHgZmyMtC8=", "narHash": "sha256-MbXylBTkWqVm8/VYjoULtMoVRgWBN1gSHbeRKsOsPlU=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "build-system-pkgs", "repo": "build-system-pkgs",
"rev": "04e9c186e01f0830dad3739088070e4c551191a4", "rev": "7bff980f37fc24e09dbc986643719900c139bf12",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -175,11 +175,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1771518446, "lastModified": 1776715674,
"narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=", "narHash": "sha256-Gs1VnEkCkkRZxJQAC/Dhz0Jbfi22mFXChbtNg9w/Ybg=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "pyproject.nix", "repo": "pyproject.nix",
"rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937", "rev": "69f57f27e52a87c54e28138a75ec741cd46663c9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -228,11 +228,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1777895960, "lastModified": 1779411315,
"narHash": "sha256-KebDsQd+A7pm++Tp0744EjULttHvz1wbKqNKkMA/088=", "narHash": "sha256-IMFlxeyClau51KplhhSRGhdGTvD/knShHdybP1UOTuk=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "uv2nix", "repo": "uv2nix",
"rev": "5ad90d48b80ecc920ca2247d53f46beba302e186", "rev": "fdf2a76275d7a9c27deb5d2f2ab33526ac9052ff",
"type": "github" "type": "github"
}, },
"original": { "original": {

8
flake.nix
View file

@ -176,15 +176,15 @@
terraform-provider-authentik = inputs.nixpkgs.legacyPackages.${system}.buildGoModule rec { terraform-provider-authentik = inputs.nixpkgs.legacyPackages.${system}.buildGoModule rec {
pname = "terraform-provider-authentik"; pname = "terraform-provider-authentik";
version = "2025.12.0"; version = "2026.2.0";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "goauthentik"; owner = "goauthentik";
repo = pname; repo = pname;
rev = "v${version}"; tag = "v${version}";
sha256 = "sha256-1a8HaOqTckkbbHLM58L+LY1eCp8+sVkuOmAw7xljpTU="; hash = "sha256-a4V9bc7Xwq43Ld5Uey40+1BUUS9RFT2yqd0ZdILwsSE=";
}; };
doCheck = false; # tests are run against authentik -> vm test doCheck = false; # tests are run against authentik -> vm test
vendorHash = "sha256-LvXWlmCBXnHElZyTKpKPwfXgT53HpR+Bc5XjkB7bM/A="; vendorHash = "sha256-usaz9EKOCbTV2QEKWvCOdYDY2ieQOR5OZqU/S9PU1V0=";
postInstall = '' postInstall = ''
path="$out/libexec/terraform-providers/registry.terraform.io/goauthentik/authentik/${version}/''${GOOS}_''${GOARCH}/" path="$out/libexec/terraform-providers/registry.terraform.io/goauthentik/authentik/${version}/''${GOOS}_''${GOARCH}/"
mkdir -p "$path" mkdir -p "$path"

58
tests/minimal-vmtest.nix
View file

@ -59,44 +59,44 @@ pkgs.testers.runNixOSTest {
authentik.wait_until_succeeds("curl -fL http://localhost:9000/if/flow/initial-setup/ >&2") authentik.wait_until_succeeds("curl -fL http://localhost:9000/if/flow/initial-setup/ >&2")
with subtest("Frontend renders"): with subtest("Frontend renders"):
machine.succeed("su - alice -c 'firefox http://localhost:9000/if/flow/initial-setup/' >&2 &") authentik.succeed("su - alice -c 'firefox --kiosk http://localhost:9000/if/flow/initial-setup/' >&2 &")
machine.wait_for_text("Welcome to authentik") authentik.wait_for_text("Welcome to authentik")
machine.screenshot("1_rendered_frontend") authentik.screenshot("1_rendered_frontend")
with subtest("admin account setup works"): with subtest("admin account setup works"):
machine.send_key("tab") authentik.send_key("tab")
machine.send_key("tab") authentik.send_key("tab")
machine.send_chars("akadmin@localhost") authentik.send_chars("akadmin@localhost")
machine.send_key("tab") authentik.send_key("tab")
machine.send_chars("foobar") authentik.send_chars("foobar")
machine.send_key("tab") authentik.send_key("tab")
machine.send_chars("foobar") authentik.send_chars("foobar")
machine.send_key("ret") authentik.send_key("ret")
machine.wait_for_text("My applications") authentik.wait_for_text("My applications")
machine.send_key("esc") authentik.send_key("esc")
machine.screenshot("2_initial_setup_successful") authentik.screenshot("2_initial_setup_successful")
with subtest("admin settings render and version as expected"): with subtest("admin settings render and version as expected"):
machine.succeed("su - alice -c 'firefox http://localhost:9000/if/admin/' >&2 &") authentik.succeed("su - alice -c 'firefox --kiosk http://localhost:9000/if/admin/' >&2 &")
machine.wait_for_text("General system status") authentik.wait_for_text("General system status")
machine.screenshot("3_rendered_admin_interface") authentik.screenshot("3_rendered_admin_interface")
machine.succeed("su - alice -c 'xdotool click 1' >&2") authentik.succeed("su - alice -c 'xdotool click 1' >&2")
machine.succeed("su - alice -c 'xdotool key --delay 100 Page_Down' >&2") authentik.succeed("su - alice -c 'xdotool key --delay 100 Page_Down' >&2")
# sometimes the cursor covers the version string # sometimes the cursor covers the version string
machine.succeed("su - alice -c 'xdotool mousemove_relative 50 50' >&2") authentik.succeed("su - alice -c 'xdotool mousemove_relative 50 50' >&2")
machine.wait_for_text("${builtins.replaceStrings [ "." ] [ ".?" ] authentik-version}") authentik.wait_for_text("${builtins.replaceStrings [ "." ] [ ".?" ] authentik-version}")
machine.screenshot("4_correct_version_in_admin_interface") authentik.screenshot("4_correct_version_in_admin_interface")
with subtest("nginx proxies to authentik"): with subtest("nginx proxies to authentik"):
machine.succeed("su - alice -c 'firefox http://localhost/' >&2 &") authentik.succeed("su - alice -c 'firefox --kiosk http://localhost/' >&2 &")
machine.wait_for_text("authentik") authentik.wait_for_text("authentik")
machine.screenshot("5_nginx_proxies_requests") authentik.screenshot("5_nginx_proxies_requests")
with subtest("metrics & worker"): with subtest("metrics & worker"):
machine.wait_for_open_port(9300) authentik.wait_for_open_port(9300)
machine.wait_for_open_port(9301) authentik.wait_for_open_port(9301)
print(machine.succeed("curl -L localhost:9300/metrics | grep authentik_outpost_connection | grep 'Embedded'")) print(authentik.succeed("curl -L localhost:9300/metrics | grep authentik_outpost_connection | grep 'Embedded'"))
print(machine.succeed("curl -L localhost:9301/metrics | grep authentik_tasks_total")) print(authentik.succeed("curl -L localhost:9301/metrics | grep authentik_tasks_total"))
''; '';
} }

54
tests/override-scope.nix
View file

@ -47,8 +47,8 @@ pkgs.testers.runNixOSTest {
nodes = { nodes = {
authentik = { authentik = {
virtualisation = { virtualisation = {
cores = 3; cores = 6;
memorySize = 3072; memorySize = 8192;
}; };
imports = [ imports = [
nixosModules.default nixosModules.default
@ -100,37 +100,37 @@ pkgs.testers.runNixOSTest {
authentik.wait_until_succeeds("curl -fL http://localhost:9000/if/flow/initial-setup/ >&2") authentik.wait_until_succeeds("curl -fL http://localhost:9000/if/flow/initial-setup/ >&2")
with subtest("Frontend renders"): with subtest("Frontend renders"):
machine.succeed("su - alice -c 'firefox http://localhost:9000/if/flow/initial-setup/' >&2 &") authentik.succeed("su - alice -c 'firefox --kiosk http://localhost:9000/if/flow/initial-setup/' >&2 &")
machine.wait_for_text("${customWelcome}") authentik.wait_for_text("${customWelcome}")
machine.screenshot("1_rendered_frontend") authentik.screenshot("1_rendered_frontend")
with subtest("admin account setup works"): with subtest("admin account setup works"):
machine.send_key("tab") authentik.send_key("tab")
machine.send_key("tab") authentik.send_key("tab")
machine.send_chars("akadmin@localhost") authentik.send_chars("akadmin@localhost")
machine.send_key("tab") authentik.send_key("tab")
machine.send_chars("foobar") authentik.send_chars("foobar")
machine.send_key("tab") authentik.send_key("tab")
machine.send_chars("foobar") authentik.send_chars("foobar")
machine.send_key("ret") authentik.send_key("ret")
machine.wait_for_text("My applications") authentik.wait_for_text("My applications")
machine.send_key("esc") authentik.send_key("esc")
machine.screenshot("2_initial_setup_successful") authentik.screenshot("2_initial_setup_successful")
with subtest("admin settings render and version as expected"): with subtest("admin settings render and version as expected"):
machine.succeed("su - alice -c 'firefox http://localhost:9000/if/admin/' >&2 &") authentik.succeed("su - alice -c 'firefox --kiosk http://localhost:9000/if/admin/' >&2 &")
machine.wait_for_text("General system status") authentik.wait_for_text("General system status")
machine.screenshot("3_rendered_admin_interface") authentik.screenshot("3_rendered_admin_interface")
machine.succeed("su - alice -c 'xdotool click 1' >&2") authentik.succeed("su - alice -c 'xdotool click 1' >&2")
machine.succeed("su - alice -c 'xdotool key --delay 100 Page_Down' >&2") authentik.succeed("su - alice -c 'xdotool key --delay 100 Page_Down' >&2")
# sometimes the cursor covers the version string # sometimes the cursor covers the version string
machine.succeed("su - alice -c 'xdotool mousemove_relative 50 50' >&2") authentik.succeed("su - alice -c 'xdotool mousemove_relative 50 50' >&2")
machine.wait_for_text("${builtins.replaceStrings [ "." ] [ ".?" ] authentik-version}") authentik.wait_for_text("${builtins.replaceStrings [ "." ] [ ".?" ] authentik-version}")
machine.screenshot("4_correct_version_in_admin_interface") authentik.screenshot("4_correct_version_in_admin_interface")
with subtest("nginx proxies to authentik"): with subtest("nginx proxies to authentik"):
machine.succeed("su - alice -c 'firefox http://localhost/' >&2 &") authentik.succeed("su - alice -c 'firefox --kiosk http://localhost/' >&2 &")
machine.wait_for_text("authentik") authentik.wait_for_text("authentik")
machine.screenshot("5_nginx_proxies_requests") authentik.screenshot("5_nginx_proxies_requests")
''; '';
} }