RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: openssf best practices (#5079) 

* docs: openssf best practices

* docs: update csp

* docs: update sponsors and governance
pull/5088/head
James Elliott 2023-03-19 17:29:12 +11:00 committed by GitHub
parent bfb45c57b8
commit a2b3cbd794
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
20 changed files with 525 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CONTRIBUTING.md
View File

@ -18,7 +18,9 @@ repository (but search first in case a similar issue already exists).
If you would like to fix a bug or implement a feature, please fork the repository and create a Pull Request.
More information on getting set up locally can be found in the
[Development Contribution](https://www.authelia.com/contributing/development/introduction/) documentation.
[Development Contribution](https://www.authelia.com/contributing/development/introduction/) documentation, in addition
the [Contribution Guidelines](https://www.authelia.com/contributing/guidelines/introduction/) documentation includes
several contribution guidelines.
Before you start any Pull Request, it's recommended that you create an issue to discuss first if you have any doubts
about requirement or implementation. That way you can be sure that the maintainer(s) agree on what to change and how,

5
README.md
View File

@ -4,9 +4,10 @@
[![Build](https://img.shields.io/buildkite/d6543d3ece3433f46dbe5fd9fcfaf1f68a6dbc48eb1048bc22/master?logo=buildkite&style=flat-square&color=brightgreen)](https://buildkite.com/authelia/authelia)
[![Go Report Card](https://goreportcard.com/badge/github.com/authelia/authelia/v4?logo=go&style=flat-square)](https://goreportcard.com/report/github.com/authelia/authelia/v4)
[![GitHub Release](https://img.shields.io/github/release/authelia/authelia.svg?logo=github&style=flat-square&color=blue)](https://github.com/authelia/authelia/releases)
[![Docker Tag](https://img.shields.io/docker/v/authelia/authelia/latest?logo=docker&style=flat-square&color=blue&sort=semver)](https://hub.docker.com/r/authelia/authelia/tags)
[![Docker Size](https://img.shields.io/docker/image-size/authelia/authelia/latest?logo=docker&style=flat-square&color=blue&sort=semver)](https://hub.docker.com/r/authelia/authelia/tags)
[![GitHub Release](https://img.shields.io/github/release/authelia/authelia.svg?logo=github&style=flat-square&color=blue)](https://github.com/authelia/authelia/releases)
![Docker Pulls](https://img.shields.io/docker/pulls/authelia/authelia?label=pulls&style=flat-square)
[![AUR source version](https://img.shields.io/aur/version/authelia?logo=arch-linux&label=authelia&style=flat-square&color=blue)](https://aur.archlinux.org/packages/authelia/)
[![AUR binary version](https://img.shields.io/aur/version/authelia-bin?logo=arch-linux&label=authelia-bin&style=flat-square&color=blue)](https://aur.archlinux.org/packages/authelia-bin/)
[![AUR development version](https://img.shields.io/aur/version/authelia-git?logo=arch-linux&label=authelia-git&style=flat-square&color=blue)](https://aur.archlinux.org/packages/authelia-git/)
@ -15,6 +16,8 @@
[![Discord](https://img.shields.io/discord/707844280412012608?label=discord&logo=discord&style=flat-square&color=blue)](https://discord.authelia.com)
[![Matrix](https://img.shields.io/matrix/authelia-support:matrix.org?label=matrix&logo=matrix&style=flat-square&color=blue)](https://matrix.to/#/#support:authelia.com)
[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/7128/badge?label=matrix&logo=matrix&style=flat-square&color=blue)](https://bestpractices.coreinfrastructure.org/projects/7128)
**Authelia** is an open-source authentication and authorization server providing two-factor authentication and single
sign-on (SSO) for your applications via a web portal. It acts as a companion for [reverse proxies](#proxy-support) by
allowing, denying, or redirecting requests.

98
SECURITY.md
View File

@ -2,46 +2,92 @@
## Prologue
Authelia takes security very seriously. We follow the rule of
[responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure), and we urge our community to do so as
well instead of making the vulnerability public. This allows time for the security issue to be patched quickly.
The __Authelia__ team takes security very seriously. Because __Authelia__ is intended as a security product a lot of
decisions are made with security being the priority and we always aim to implement security by design.
If you discover a vulnerability in Authelia, please first contact one of the maintainers privately as described in the
[contact options](#contact-options) below.
## Coordinated vulnerability disclosure
We urge you not to disclose the bug publicly at least until we've had a
reasonable chance to fix it, and to clearly communicate any public disclosure timeline in your initial contact with us.
If you do not have a particular public disclosure timeline, we will clearly communicate ours as we publish security
advisories.
__Authelia__ follows the
[coordinated vulnerability disclosure](https://en.wikipedia.org/wiki/Coordinated_vulnerability_disclosure) model when
dealing with security vulnerabilities. This was previously known as responsible disclosure. We strongly urge anyone
reporting vulnerabilities to __Authelia__ or any other project to follow this model as it is considered as a best
practice by many in the security industry.
If you believe you have identified a security vulnerability or security related bug with __Authelia__ please make every
effort to contact us privately using one of the [contact options](#contact-options) below. Please do not open an issue,
do not notify us in public, and do not disclose this issue to third parties.
Using this process helps ensure that users affected have an avenue to fixing the issue as close to the issue being
made public as possible. This mitigates the increasing the attack surface (via improving attacker knowledge) for
diligent administrators simply via the act of disclosing the security issue.
For more information about [security](https://www.authelia.com/information/security/) related matters, please read
[the documentation](https://www.authelia.com/information/security/).
## Contact Options
Several [contact options](README.md#contact-options) exist, it's important to make sure you contact the maintainers
privately which is described in each available contact method. The methods include our [security email](README.md#security),
[Matrix](README.md#matrix), and [Discord](README.md#discord).
Several contact options exist however it's important you specifically use a security contact method when reporting a
security vulnerability or security related bug. These methods are clearly documented below.
## Credit
### GitHub Security
Users who report bugs will optionally be credited for the discovery. Both in the [security advisory] and in our
[all contributors](README.md#contribute) configuration/documentation.
Users can utilize GitHub's security vulnerability system to privately [report a vulnerability]. This is an easy method
for users who have a GitHub account.
### Email
Users can utilize the [security@authelia.com](mailto:security@authelia.com) email address to privately report a
vulnerability. This is an easy method of users who do not have a GitHub account.
This email address is only accessible by key members of the team for the purpose of disclosing security vulnerabilities
and issues within the __Authelia__ code base.
### Chat
If you wish to chat directly instead of sending an email please use either [Matrix](README.md#matrix) or
[Discord](README.md#discord) to direct / private message one of the core team members.
Please avoid this method unless absolutely necessary. We generally prefer that users use either the
[GitHub Security](#github-security) or [Email](#email) option rather than this option as it both allows multiple team
members to deal with the report and prevents mistakes when contacting a core team member.
The core team members are identified in [Matrix](README.md#matrix) as room admins, and in [Discord](README.md#discord)
with the `Core Team` role.
## Process
1. User privately reports a potential vulnerability.
2. The core team reviews the report and ascertain if additional information is required.
3. The core team reproduces the bug.
4. The bug is patched, and if possible the user reporting te bug is given access to a fixed version or git patch.
5. The fix is confirmed to resolve the vulnerability.
6. The fix is released.
7. The [security advisory] is published sometime after users have had a chance to update.
1. The user privately reports a potential vulnerability.
2. The report is acknowledged as received.
3. The report is reviewed to ascertain if additional information is required. If it is required:
1. The user is informed that the additional information is required.
2. The user privately adds the additional information.
3. The process begins at step 3 again, proceeding to step 4 if the additional information provided is sufficient.
4. The vulnerability is reproduced.
5. The vulnerability is patched, and if possible the user reporting the bug is given access to a fixed binary, docker
image, and git patch.
6. The patch is confirmed to resolve the vulnerability.
7. The fix is released.
8. The [security advisory] is published sometime after users have had a chance to update.
## Help Wanted
## Credit
We are actively looking for sponsorship to obtain either a code security audit, penetration testing, or other audits
related to improving the security of Authelia. If your company or you personally are willing to offer discounts, pro
bono, or funding towards services like these please feel free to contact us on *any* of the methods above.
Users who report bugs will at their discretion (i.e. they do not have to be if they wish to remain anonymous) be
credited for the discovery. Both in the [security advisory] and in our [all contributors](README.md#contribute)
documentation.
## Help wanted
We are actively looking for sponsorship to obtain security audits to comprehensively ensure the security of _Authelia_.
As security is really important to us we see this as one of the main financial priorities.
We believe that we should obtain the following categories of security audits:
* Code Security Audit / Analysis
* Penetration Testing
If you know of a company which either performs these kinds of audits and would be willing to sponsor the audit in some
way such as doing it pro bono or at a discounted rate, or wants to help improve _Authelia_ in a meaningful way and is
willing to make a financial contribution towards this then please feel free to contact us.
[security advisory]: https://github.com/authelia/authelia/security/advisories
[report a vulnerability]: https://github.com/authelia/authelia/security/advisories/new

7
docs/config/_default/menus/menus.en.toml
View File

@ -62,7 +62,12 @@
url = "/code-of-conduct"
weight = 30
[[footer]]
name = "About"
url = "/information/about"
weight = 40
[[footer]]
name = "Contact"
url = "/information/contact"
weight = 40
weight = 50

20
docs/content/en/contributing/development/build-and-test.md
View File

@ -94,6 +94,26 @@ authelia-scripts suites test Standalone
The suite will be spawned, tests will be run and then the suite will be torn down automatically.
## Manually Building
### Binary
If you want to manually build the binary from source you will require the open source software described in the
[Development Environment](./environment.md#setup) documentation.
Then the commands required are as follows:
```bash
git clone https://github.com/authelia/authelia.git
cd authelia\web
pnpm install
pnpm build
cd ..
go mod download
CGO_ENABLED=1 CGO_CPPFLAGS="-D_FORTIFY_SOURCE=2 -fstack-protector-strong" CGO_LDFLAGS="-Wl,-z,relro,-z,now" \
go build -ldflags "-linkmode=external -s -w" -trimpath -buildmode=pie -o authelia ./cmd/authelia
```
[suites]: ./integration-suites.md
[React]: https://reactjs.org/
[go]: https://go.dev/dl/

17
docs/content/en/contributing/guidelines/introduction.md
View File

@ -19,3 +19,20 @@ those which are automated and those which are not in this section.
While it's expected that people aim to follow all of these guidelines we understand that there are logical exceptions to
all guidelines and if it makes sense we're likely to agree with you. So if you find a situation where it doesn't make
sense to follow one just let us know your reasoning when you make a PR if it's not obvious.
## General Guidelines
Some general guidelines include:
- Testing:
- While we aim for 100% coverage on changes, we do not enforce this where it doesn't make practical sense:
- A test which just marks a line as tested is not necessarily an effectual test
- Sometimes there is limited ways in which tests can be performed and the limitation makes the test ineffectual
- Tests should be named to reflect what they testing for and which part of the code they are testing
- It's strongly encouraged for bug fixes that contributors create a test that fails prior to fixing the bug and passes
after fixing the bug and that this test is part of the contribution
- It's strongly encouraged for features that contributors create have as much testing as is reasonable
- It's recommended people wishing to contribute discuss their intended changes prior to contributing
- This helps avoid people doubling up on contributions
- This helps avoid conflicts between contributions
- This helps avoid contributors wasting their percussion time in a contribution that may not be accepted

38
docs/content/en/contributing/prologue/financial.md
View File

@ -44,40 +44,4 @@ We are currently directly looking for someone to sponsor:
* [Security Audit](../../policies/security.md#help-wanted)
### Balto
Our [apt repository](https://apt.authelia.com) is hosted thanks to [Balto](https://www.getbalto.com/?from=Authelia).
{{< figure src="/images/logos/balto.svg" alt="Balto" width="193" style="padding-right: 10px" ignoreStaticImages="false" >}}
### Buildkite
Our [continuous integration and continuous deployment pipelines](https://buildkite.com/authelia/?from=Authelia) are hosted by
[Buildkite](https://buildkite.com/features?from=Authelia).
### Crowdin
Our [localization platform](https://translate.authelia.com) is hosted by [Crowdin](https://crowdin.com/?from=Authelia).
### JetBrains
Our development IDE's are provided by [JetBrains](https://www.jetbrains.com/?from=Authelia).
{{< figure src="/images/logos/jetbrains.svg" alt="JetBrains" width="50" style="padding-right: 10px" ignoreStaticImages="false" >}}
### Microsoft
Our pipeline agents which we rely on for productivity are hosted on [Azure](https://azure.microsoft.com/?from=Authelia)
and our [git repositories](https://github.com/authelia) are hosted on [GitHub](https://github.com/?from=Authela)
which are both [Microsoft](https://www.microsoft.com/?from=Authelia) products.
{{< figure src="/images/logos/microsoft.svg" alt="Microsoft" width="234.45" style="padding-right: 10px" ignoreStaticImages="false" >}}
{{< figure src="/images/logos/azure.svg" alt="Azure" width="173.55" style="padding-right: 10px" ignoreStaticImages="false" >}}
### Netlify
Our [website and documentation](https://www.authelia.com) are built and hosted by
[Netlify](https://www.netlify.com/?from=Authelia).
[Open Collective]: https://opencollective.com/authelia-sponsors
To see a list of our sponsors pleaase see the [sponsors section](../../information/about.md#sponsors) on the about page.

8
docs/content/en/contributors/amir-zarrinkafsh/_index.md 100644
View File

@ -0,0 +1,8 @@
---
title: "Amir Zarrinkafsh"
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
---
{{< profile-details name="amir-zarrinkafsh" >}}

8
docs/content/en/contributors/clement-michaud/_index.md 100644
View File

@ -0,0 +1,8 @@
---
title: "Clément Michaud"
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
---
{{< profile-details name="clement-michaud" >}}

9
docs/content/en/contributors/james-elliott/_index.md
View File

@ -1,15 +1,8 @@
---
title: "James Elliott"
description: "Authelia Core Team"
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
---
*__Authelia Core Team Member.__*
__GitHub:__ [james-d-elliott](https://github.com/james-d-elliott)
__Email:__ [james.elliott@authelia.com](mailto:james.elliott@authelia.com)
__Matrix:__ [@james:authelia.com](https://matrix.to/#/@james:authelia.com) __Discord:__ [James#6549](https://discord.com/users/209869584814047232/)
{{< profile-details name="james-elliott" >}}

8
docs/content/en/contributors/manuel-nunez/_index.md 100644
View File

@ -0,0 +1,8 @@
---
title: "Manuel Nuñez"
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
---
{{< profile-details name="manuel-nunez" >}}

104
docs/content/en/information/about.md 100644
View File

@ -0,0 +1,104 @@
---
title: "About"
description: "About Authelia and the Authelia Team"
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
aliases:
- /about
- /about.html
---
## What is Authelia?
Authelia is a project with several open source developers who contribute to the project in their free time. We are not
a company or another type of incorporated entity, and do not have any monetization model. Individuals and Organizations
are free to contribute [financially](../contributing/prologue/financial.md) or with their time to the
[documentation](../contributing/prologue/documentation-contributions.md) or
[code base](../contributing/development/introduction.md).
## Teams
The following section describes the various teams within the Authelia project.
### Core Team
{{% profile-team name="core" %}}
### Maintainers Team
{{% profile-team name="maintainers" %}}
## Sponsors
Authelia is sponsored by the organizations listed below. The organizations below sponsor us completely voluntarily
and do not expect anything additional other than us mentioning them or having a code of conduct, and some do not even
require either of those things.
Please see the [sponsorship section](../contributing/prologue/financial.md#sponsorship) of the financial contributing
page for more information on how to become a sponsor.
### Balto
Our [apt repository](https://apt.authelia.com) is hosted thanks to [Balto](https://www.getbalto.com/?from=Authelia).
{{< figure src="/images/logos/balto.svg" alt="Balto" width="193" style="padding-right: 10px" ignoreStaticImages="false" >}}
### Buildkite
Our [continuous integration and continuous deployment pipelines](https://buildkite.com/authelia/?from=Authelia) are hosted by
[Buildkite](https://buildkite.com/features?from=Authelia).
### Crowdin
Our [localization platform](https://translate.authelia.com) is hosted by [Crowdin](https://crowdin.com/?from=Authelia).
### JetBrains
Our development IDE's are provided by [JetBrains](https://www.jetbrains.com/?from=Authelia).
{{< figure src="/images/logos/jetbrains.svg" alt="JetBrains" width="50" style="padding-right: 10px" ignoreStaticImages="false" >}}
### Microsoft
Our pipeline agents which we rely on for productivity are hosted on [Azure](https://azure.microsoft.com/?from=Authelia)
and our [git repositories](https://github.com/authelia) are hosted on [GitHub](https://github.com/?from=Authela)
which are both [Microsoft](https://www.microsoft.com/?from=Authelia) products.
{{< figure src="/images/logos/microsoft.svg" alt="Microsoft" width="234.45" style="padding-right: 10px" ignoreStaticImages="false" >}}
{{< figure src="/images/logos/azure.svg" alt="Azure" width="173.55" style="padding-right: 10px" ignoreStaticImages="false" >}}
### Netlify
Our [website and documentation](https://www.authelia.com) are built and hosted by
[Netlify](https://www.netlify.com/?from=Authelia).
[Open Collective]: https://opencollective.com/authelia-sponsors
## Governance and Affiliations
Authelia is free from any outside governance and is entirely governed as outlined on this page, in addition we do not
have any affiliations which have ever asked this of us.
Our affiliations with external companies will be transparently communicated in this section and the
[sponsors](#sponsors) section.
## Compliance
The following section contains various compliance related information.
### Key Individuals
There is no key individual who if they were incapacitated or unavailable would prevent future operations of the project.
All of the following areas can be reset or are otherwise accessible to all of the members of the [Core Team](#core-team):
- Private Keys
- Access Rights
- Passwords
### Bus Factor
The Authelia team has a bus factor of 3. Meaning that the project would stall if 3 team members were suddenly hit by a
bus.

17
docs/content/en/information/contact.md
View File

@ -11,14 +11,23 @@ aliases:
## Security
If you believe you have identified a security related bug with Authelia please visit the
[security policy](../policies/security.md) documentation.
If you believe you have identified a security vulnerability or security related bug with __Authelia__ please view our
[security policy](../policies/security.md).
## Individual Team Members
If you're interested in contacting an individual team member for any reason please see the [About](about.md)
informational page.
## GitHub
### Discussions
If you have a general question or want to discuss an idea that's not entirely hashed out please visit
The [GitHub Discussions](https://github.com/authelia/authelia/discussions) forum is the correct location to discus
anything that is not a bug or feature request such as:
- Ideas about
If you have a general question or want to discuss an idea that you're not entirely sure about out please visit
[GitHub Discussions](https://github.com/authelia/authelia/discussions) and start a new discussion.
### Issues
@ -55,7 +64,7 @@ are bridged to the [Matrix Rooms](#matrix) with the same names providing they ex
To contact the team for anything not security related you can utilize [team@authelia.com](mailto:team@authelia.com).
For all security related matters over email please ensure you use [security@authelia.com](mailto:team@authelia.com).
For all security related matters over email please ensure you use [security@authelia.com](mailto:security@authelia.com).
[Discord]: https://discord.com/
[Matrix]: https://matrix.org/

76
docs/content/en/policies/security.md
View File

@ -11,7 +11,7 @@ aliases:
---
The __Authelia__ team takes security very seriously. Because __Authelia__ is intended as a security product a lot of
decisions are made with security being the priority.
decisions are made with security being the priority and we always aim to implement security by design.
## Coordinated vulnerability disclosure
@ -21,48 +21,69 @@ dealing with security vulnerabilities. This was previously known as responsible
reporting vulnerabilities to __Authelia__ or any other project to follow this model as it is considered as a best
practice by many in the security industry.
If you believe you have identified a security related bug with Authelia please do not open an issue, do not notify us in
public, and do not disclose this issue to third parties. Please use one of the [contact options](#contact-options)
below.
If you believe you have identified a security vulnerability or security related bug with __Authelia__ please make every
effort to contact us privately using one of the [contact options](#contact-options) below. Please do not open an issue,
do not notify us in public, and do not disclose this issue to third parties.
Using this process helps ensure that users affected have an avenue to fixing the issue as close to the issue being
made public as possible. This mitigates the increasing the attack surface (via improving attacker knowledge) for
diligent administrators simply via the act of disclosing the security issue.
## Contact Options
Several contact options exist however it's important you specifically use a security contact method when reporting a
security vulnerability or security related bug. These methods are clearly documented below.
### GitHub Security
Users can utilize GitHub's security vulnerability system to privately [report a vulnerability]. This is an easy method
for users who have a GitHub account.
### Email
Please utilize the [security@authelia.com](mailto:team@authelia.com) email address for security issues discovered. This
email address is only accessible by key members of the team for the purpose of disclosing security issues within the
__Authelia__ code base.
Users can utilize the [security@authelia.com](mailto:security@authelia.com) email address to privately report a
vulnerability. This is an easy method of users who do not have a GitHub account.
This is the preferred method of reporting.
This email address is only accessible by key members of the team for the purpose of disclosing security vulnerabilities
and issues within the __Authelia__ code base.
### Chat
If you wish to chat directly instead of sending an email please use one of the
[chat options](../information/contact.md#chat) but it is vital that when you do that you only do so privately with one
of the maintainers. In order to start a private discussion you should ask to have a private discussion with a team
member without mentioning the reason why you wish to have a private discussion so that provided the bug is confirmed we
can coordinate the release of fixes and information responsibly.
[chat options](../information/contact.md#chat) to direct / private message one of the core team members.
## Credit
Please avoid this method unless absolutely necessary. We generally prefer that users use either the
[GitHub Security](#github-security) or [Email](#email) option rather than this option as it both allows multiple team
members to deal with the report and prevents mistakes when contacting a core team member.
Users who report bugs will optionally be credited for the discovery in the
[security advisory](https://github.com/authelia/authelia/security/advisories) and/or in our
[all contributors](https://github.com/authelia/authelia/blob/master/README.md#contribute) configuration/documentation.
The core team members are identified in [Matrix](../information/contact.md#matrix) as room admins, and in
[Discord](../information/contact.md#discord) with the `Core Team` role.
## Process
1. User privately reports a potential vulnerability.
2. The core team reviews the report and ascertain if additional information is required.
3. The core team reproduces the bug.
4. The bug is patched, and if possible the user reporting te bug is given access to a fixed version or git patch.
5. The fix is confirmed to resolve the vulnerability.
6. The fix is released.
7. The security advisory is published sometime after users have had a chance to update.
1. The user privately reports a potential vulnerability.
2. The report is acknowledged as received.
3. The report is reviewed to ascertain if additional information is required. If it is required:
1. The user is informed that the additional information is required.
2. The user privately adds the additional information.
3. The process begins at step 3 again, proceeding to step 4 if the additional information provided is sufficient.
4. The vulnerability is reproduced.
5. The vulnerability is patched, and if possible the user reporting the bug is given access to a fixed binary, docker
image, and git patch.
6. The patch is confirmed to resolve the vulnerability.
7. The fix is released.
8. The [security advisory] is published sometime after users have had a chance to update.
## Credit
Users who report bugs will at their discretion (i.e. they do not have to be if they wish to remain anonymous) be
credited for the discovery. Both in the [security advisory] and in our
[all contributors](https://github.com/authelia/authelia/blob/master/README.md#contribute) documentation.
## Help wanted
We are actively looking for sponsorship to obtain security audits to comprehensively ensure the security of Authelia.
As security is imperative to us we see this as one of the main financial priorities.
We are actively looking for sponsorship to obtain security audits to comprehensively ensure the security of _Authelia_.
As security is really important to us we see this as one of the main financial priorities.
We believe that we should obtain the following categories of security audits:
@ -70,5 +91,8 @@ We believe that we should obtain the following categories of security audits:
* Penetration Testing
If you know of a company which either performs these kinds of audits and would be willing to sponsor the audit in some
way such as doing it pro bono or at a discounted rate, or wants to help improve Authelia in a meaningful way and is
way such as doing it pro bono or at a discounted rate, or wants to help improve _Authelia_ in a meaningful way and is
willing to make a financial contribution towards this then please feel free to contact us.
[security advisory]: https://github.com/authelia/authelia/security/advisories
[report a vulnerability]: https://github.com/authelia/authelia/security/advisories/new

81
docs/data/profiles.json 100644
View File

@ -0,0 +1,81 @@
{
"people": {
"clement-michaud": {
"display": "Clément Michaud",
"description": "",
"team": "core",
"location": "Paris",
"github": "clems4ever",
"email": "",
"discord": {
"id": "",
"tag": ""
},
"matrix": ""
},
"amir-zarrinkafsh": {
"display": "Amir Zarrinkafsh",
"description": "",
"team": "core",
"location": "Melbourne, Australia",
"github": "nightah",
"email": "",
"discord": {
"id": "",
"tag": ""
},
"matrix": ""
},
"james-elliott": {
"display": "James Elliott",
"description": "",
"team": "core",
"location": "Melbourne, Australia",
"github": "james-d-elliott",
"email": "james.elliott@authelia.com",
"discord": {
"id": "209869584814047232",
"tag": "James#6549"
},
"matrix": "@james:authelia.com"
},
"manuel-nunez": {
"display": "Manuel Nuñez",
"description": "",
"team": "maintainers",
"location": "Argentina",
"github": "mind-ar",
"email": "",
"discord": {
"id": "",
"tag": ""
},
"matrix": ""
}
},
"teams": {
"core": {
"display": "Core",
"description": "The Core Team are effectively members of the Maintainers Team with extra responsibilities.",
"people": ["clement-michaud", "amir-zarrinkafsh", "james-elliott"],
"responsibilities": [
"All responsibilities of the Maintainers Team",
"Review and merge pull requests from all other teams",
"Handle vulnerability and security related bug reports",
"Handle project governance unanimously",
"Maintain the project roadmap",
"Coordinate collaboration",
"Maintain the continuous integration and delivery pipelines and related mechanisms"
]
},
"maintainers": {
"display": "Maintainers",
"description": "The Maintainer Team are traditional repository maintainers.",
"people": ["manuel-nunez"],
"responsibilities": [
"Review and merge pull requests from external parties",
"Respond to bug reports, feature requests, discussions, and support chat rooms"
]
}
}
}

2
docs/layouts/index.headers
View File

@ -3,7 +3,7 @@
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self' https://*.netlify.app 'unsafe-inline' 'sha512-RGGByJUOP98hE4wFZM78RM/3MijWJs0Tm0DbfrFhCDCXKXfDx60fii+syp5iMs3UcNX/1H4zJNgmqSejfhHrYw==' 'sha512-+T2H7TEv2U6umnIOWYijvTIrzdCZUYhm/FZo4YYQzKAHf8NWs+38cn3t9fdz2rCm2HqHDkthZZXnY4EWPdWnMA==' 'sha512-okYuGnNmmUuCX64AD7FVra0445z43U8riOY3jZue+WZ2KeVOWLo17hE/wZXGUIJh9WBiSHZ2epTd36MMP6R66w==' 'sha512-bv9WRsSROhTW5djDurORNUCGITVeRfjDXkhqg4Ez/4vTY6FcaVBPy4MXpn4EGC3J3oZNcxpfQIScElDKlmiLhw==' 'sha512-RBYr6Ld4w1yVqaACrgrBLQfPgGhj/1jyacA74WxJ1KM6KVcSWymwrdDwb3HDcdpwiNJ5yssot1He0U9vXoQVlg==' 'sha256-aWZ3y/RxbBYKHXH0z8+8ljrHG1mSBvyzSfxSMjBSaXk=' 'sha256-vOgyKS2vkH4n5TxBJpeh9SgzrE6LVGsAeOAvEST6oCc='; style-src 'self' https://*.netlify.app 'unsafe-inline'; img-src 'self' https://*.netlify.app data:; connect-src 'self' https://*.netlify.app; font-src 'self' https://*.netlify.app; manifest-src 'self' https://*.netlify.app; object-src 'none'; frame-src https://app.netlify.com; frame-ancestors 'none'; base-uri 'none'
Content-Security-Policy: default-src 'self'; script-src 'self' https://*.netlify.app 'unsafe-inline' 'sha512-RGGByJUOP98hE4wFZM78RM/3MijWJs0Tm0DbfrFhCDCXKXfDx60fii+syp5iMs3UcNX/1H4zJNgmqSejfhHrYw==' 'sha512-+T2H7TEv2U6umnIOWYijvTIrzdCZUYhm/FZo4YYQzKAHf8NWs+38cn3t9fdz2rCm2HqHDkthZZXnY4EWPdWnMA==' 'sha512-okYuGnNmmUuCX64AD7FVra0445z43U8riOY3jZue+WZ2KeVOWLo17hE/wZXGUIJh9WBiSHZ2epTd36MMP6R66w==' 'sha512-bv9WRsSROhTW5djDurORNUCGITVeRfjDXkhqg4Ez/4vTY6FcaVBPy4MXpn4EGC3J3oZNcxpfQIScElDKlmiLhw==' 'sha512-RBYr6Ld4w1yVqaACrgrBLQfPgGhj/1jyacA74WxJ1KM6KVcSWymwrdDwb3HDcdpwiNJ5yssot1He0U9vXoQVlg==' 'sha256-aWZ3y/RxbBYKHXH0z8+8ljrHG1mSBvyzSfxSMjBSaXk=' 'sha256-vOgyKS2vkH4n5TxBJpeh9SgzrE6LVGsAeOAvEST6oCc='; style-src 'self' https://*.netlify.app 'unsafe-inline'; img-src 'self' https://*.netlify.app https://github.com https://avatars.githubusercontent.com data:; connect-src 'self' https://*.netlify.app; font-src 'self' https://*.netlify.app; manifest-src 'self' https://*.netlify.app; object-src 'none'; frame-src https://app.netlify.com; frame-ancestors 'none'; base-uri 'none'
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin
Feature-Policy: geolocation 'self'

46
docs/layouts/partials/content/profile-card.html 100644
View File

@ -0,0 +1,46 @@
{{- $profile := index $.Site.Data.profiles.people .Profile }}
{{- if $profile }}
{{- $team := "" }}
{{- if $profile.team }}
{{- $team = index $.Site.Data.profiles.teams $profile.team }}
{{- end }}
<div class="card" style="border-radius: 15px;">
<div class="card-body text-center">
{{- if $profile.github }}
<div class="mt-3 mb-4">
<img src="https://github.com/{{ $profile.github }}.png"
class="rounded-circle img-fluid" style="width: 100px;" />
</div>
{{- end }}
<h4 class="mb-2">{{ $profile.display }}</h4>
{{- if $team }}
<p class="text-muted mb-4"><a href="{{ printf "%s#%s-team" (absURL "information/about") ($profile.team | lower) }}" target="_self">{{ $team.display }} Team</a></p>
{{- end }}
<div class="mb-4 pb-2">
{{- if $profile.email }}
<a role="button" class="btn btn-outline-primary btn-floating rounded-circle" href="mailto:{{ $profile.email }}" data-toggle="tooltip" data-placement="bottom" title="Email {{ $profile.display }} ({{ $profile.email }})">
<i class="bi bi-envelope-fill"></i>
</a>
{{- end }}
{{- if $profile.github }}
<a role="button" class="btn btn-outline-primary btn-floating rounded-circle" href="https://github.com/{{ $profile.github }}/" target="_blank" rel="noopener" data-toggle="tooltip" data-placement="bottom" title="Checkout {{ $profile.display }} on GitHub ({{ $profile.github }})">
<i class="bi bi-github"></i>
</a>
{{- end }}
{{- if $profile.matrix }}
<a role="button" class="btn btn-outline-primary btn-floating rounded-circle" href="https://matrix.to/#/{{ $profile.matrix }}" target="_blank" rel="noopener" data-toggle="tooltip" data-placement="bottom" title="Message {{ $profile.display }} on Matrix ({{ $profile.matrix }})">
<i class="bi bi-chat-right-quote-fill"></i>
</a>
{{- end }}
{{- if (and $profile.discord $profile.discord.id) }}
<a role="button" class="btn btn-outline-primary btn-floating rounded-circle" href="https://discord.com/users/{{ $profile.discord.id }}" target="_blank" rel="noopener" data-toggle="tooltip" data-placement="bottom" title="Message {{ $profile.display}} on Discord ({{ $profile.discord.tag }})">
<i class="bi bi-discord"></i>
</a>
{{- end }}
</div>
<a role="button" class="btn btn-primary btn-rounded btn-lg" href="{{ printf "%s/%s/" (absURL "contributors") .Profile }}">
Profile Details
</a>
</div>
</div>
{{- end }}

10
docs/layouts/shortcodes/profile-card.html 100644
View File

@ -0,0 +1,10 @@
{{- $key := .Get "name" }}
<section class="vh-100">
<div class="container py-5 h-100">
<div class="row d-flex justify-content-center align-items-center h-100">
<div class="col-md-12">
{{ partial "content/profile-card.html" (dict "Site" .Site "Profile" $key) }}
</div>
</div>
</div>
</section>

49
docs/layouts/shortcodes/profile-details.html 100644
View File

@ -0,0 +1,49 @@
{{- $key := .Get "name" }}
{{- $profile := index $.Site.Data.profiles.people $key }}
{{- if $profile }}
{{- $team := "" }}
{{- if $profile.team }}
{{- $team = index $.Site.Data.profiles.teams $profile.team }}
{{- end }}
{{- $email := false }}
{{- if $profile.email }}{{ $email = true }}{{ end }}
{{- $matrix := false }}
{{- if $profile.matrix }}{{ $matrix = true }}{{ end }}
{{- $discord := false }}
{{- if (and $profile.discord $profile.discord.id) }}{{ $discord = true }}{{ end }}
{{- if $profile.github }}
<div class="mt-3 mb-4">
<img src="https://github.com/{{ $profile.github }}.png"
class="rounded-circle img-fluid" style="width: 100px;" />
</div>
{{- if $team }}
<p class="text-muted mb-4"><a href="{{ printf "%s#%s-team" (absURL "information/about") ($profile.team | lower) }}" target="_self">{{ $team.display }} Team</a></p>
{{- end }}
<p class="text-muted mb-4">
<i class="bi bi-geo-alt"></i> {{ $profile.location }}
</p>
{{- if $profile.description }}
<p class="text-muted mb-4">{{ $profile.description }}</p>
{{- end }}
{{- if $profile.github }}
<p>
<i class="bi bi-github"></i> <a href="https://github.com/{{ $profile.github }}/" target="_blank" rel="noopener" data-toggle="tooltip" data-placement="bottom" title="Checkout {{ $profile.display }} on GitHub ({{ $profile.github }})">{{ $profile.github }}</a>
</p>
{{- end }}
{{- if $email }}
<p>
<i class="bi bi-envelope"></i> <a href="mailto:{{ $profile.email }}" data-toggle="tooltip" data-placement="bottom" title="Email {{ $profile.display }} ({{ $profile.email }})">{{ $profile.email }}</a>
</p>
{{- end }}
{{- if (or $matrix $discord) }}
<p>
{{- if $matrix }}
<i class="bi bi-chat-right-quote"></i> <a href="https://matrix.to/#/{{ $profile.matrix }}" target="_blank" rel="noopener" data-toggle="tooltip" data-placement="bottom" title="Message {{ $profile.display }} on Matrix ({{ $profile.matrix }})">{{ $profile.matrix }}</a>
{{- end }}
{{- if $discord }}
<i class="bi bi-discord"></i> <a href="https://discord.com/users/{{ $profile.discord.id }}" target="_blank" rel="noopener" data-toggle="tooltip" data-placement="bottom" title="Message {{ $profile.display}} on Discord ({{ $profile.discord.tag }})">{{ $profile.discord.tag }}</a>
{{- end }}
</p>
{{- end }}
{{- end }}
{{- end }}

23
docs/layouts/shortcodes/profile-team.html 100644
View File

@ -0,0 +1,23 @@
{{- $key := .Get "name" }}
{{- $team := index $.Site.Data.profiles.teams $key }}
{{- if $team }}
{{- $header := .Get "header" }}
{{- if not $header }}{{ $header = "####" }}{{ end }}
{{ $team.description }}
{{ $header }} Responsibilities
{{- range $team.responsibilities }}
- {{ . }}
{{- end }}
{{ $header }} Members
<div class="row row-cols-1 row-cols-md-2 row-cols-xl-3 g-4">
{{- range $team.people }}
<div class="col col-align-c">
{{ partial "content/profile-card.html" (dict "Site" $.Site "Profile" .) }}
</div>
{{- end }}
</div>
{{- end }}