renovate[bot]
95f940b53c
build(deps): update dependency traefik to v2.7.2 ( #3610 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-06-28 09:21:23 +10:00
renovate[bot]
97f63e3722
build(deps): update dependency haproxy to v2.6.1 ( #3574 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-06-23 11:27:21 +10:00
James Elliott
001589cd6d
feat(metrics): implement prometheus metrics ( #3234 )
...
Adds ability to record metrics and gather them for Prometheus.
2022-06-14 17:20:13 +10:00
renovate[bot]
bf1fcf59cc
build(deps): update dependency traefik to v2.7.1 ( #3510 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-06-14 07:38:28 +10:00
Amir Zarrinkafsh
9861467831
ci: add integration container for samba and refactor duo ( #3480 )
...
This change utilises a specific integration container for the ActiveDirectory suite and simplifies the DuoPush suite.
2022-06-05 03:51:33 +10:00
Amir Zarrinkafsh
74a7e96409
ci: add integration containers for duo and haproxy ( #3479 )
...
* ci: add integration containers for duo and haproxy
This change utilises specific integration containers for the DuoPush and HAProxy suites.
In the case of DuoPush suite specifically in dev mode the container will be built on suite startup.
* ci: factorize pre-command hook and unset async on trigger steps
2022-06-04 19:38:13 +10:00
renovate[bot]
f07f6b7dda
build(deps): update dependency haproxy to v2.6.0 ( #3465 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-06-03 09:07:08 +10:00
renovate[bot]
a683a3837b
build(deps): update dependency golang to v1.18.3 ( #3460 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-06-02 11:01:48 +10:00
renovate[bot]
d436b800bb
build(deps): update dependency mariadb to v10.8.3 ( #3419 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-25 10:23:40 +10:00
renovate[bot]
a2a0c99db3
build(deps): update dependency traefik to v2.7.0 ( #3427 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-05-25 08:44:44 +10:00
renovate[bot]
5b9a40d46a
build(deps): update dependency alpine to v3.16.0 ( #3420 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-24 12:04:54 +10:00
renovate[bot]
9cf9aae20b
build(deps): update dependency haproxy to v2.5.7 ( #3397 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-18 14:43:24 +10:00
renovate[bot]
1bd862a814
build(deps): update dependency golang to v1.18.2 ( #3345 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-11 10:23:48 +10:00
James Elliott
bda87db79c
test(suites): caddy ( #3305 )
2022-05-07 11:55:52 +10:00
renovate[bot]
f8bb51da4d
build(deps): update dependency traefik to v2.6.6 ( #3296 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-04 09:29:51 +10:00
renovate[bot]
e6ad8fe83e
build(deps): update dependency golang to v1.18.1 ( #3019 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-03 19:35:44 +10:00
Amir Zarrinkafsh
91c0c81818
refactor(suites): stop integration tests on first failure ( #3270 )
...
* refactor(suites): stop integration tests on first failure
* refactor(suites): remove additional nginx instance
* refactor(suites): log relevant containers
* refactor(suites): add traefik2 logs to stdout
* refactor(suites): explicitly enable traefik for tests
* refactor(suites): remove redis restart and duplicate pathprefix tests
* ci(buildkite): allow manual retry on integration tests
2022-05-02 14:50:37 +10:00
renovate[bot]
8ee92231ba
build(deps): update dependency haproxy to v2.5.6 ( #3255 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-27 16:12:44 +10:00
renovate[bot]
b18eea039c
build(deps): update node.js to v18 ( #3225 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-21 18:28:35 +10:00
Amir Zarrinkafsh
92e219b34b
fix(suites): add missing traefik routes ( #3217 )
...
This change includes missing routes for both the Traefik and Traefik2 suites, issues would have manifested running dev mode tests for these suites when attempting to load translations.
2022-04-19 13:36:49 +10:00
renovate[bot]
c5cb36c526
build(deps): update dependency golang to v1.17.9 ( #3198 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-15 15:53:15 +10:00
James Elliott
6e0853a81b
build(deps): update dependency golang ( #3180 )
2022-04-13 14:28:31 +10:00
James Elliott
cf93e66391
test(suites): fix backend endpoints ( #3158 )
2022-04-10 08:05:27 +10:00
Manuel Nuñez
086b97d21f
test(suites): revert por binding ( #3155 )
...
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-10 07:44:47 +10:00
James Elliott
0a970aef8a
feat(oidc): persistent storage ( #2965 )
...
This moves the OpenID Connect storage from memory into the SQL storage, making it persistent and allowing it to be used with clustered deployments like the rest of Authelia.
2022-04-07 15:33:53 +10:00
renovate[bot]
004490c7b1
build(deps): update dependency alpine to v3.15.4 ( #3114 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-05 11:15:43 +10:00
Manuel Nuñez
bfd5d66ed8
feat(notification): password reset notification custom templates ( #2828 )
...
Implemented a system to allow overriding email templates, including the remote IP, and sending email notifications when the password was reset successfully.
Closes #2755 , Closes #2756
Co-authored-by: Manuel Nuñez <@mind-ar>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-03 22:24:51 +10:00
James Elliott
0116506330
feat(oidc): implement amr claim ( #2969 )
...
This adds the amr claim which stores methods used to authenticate with Authelia by the users session.
2022-04-01 22:18:58 +11:00
renovate[bot]
df9492ca0e
build(deps): update dependency traefik to v2.6.3 ( #3075 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-31 17:00:08 +11:00
renovate[bot]
56048dd199
build(deps): update dependency alpine to v3.15.3 ( #3072 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-29 14:08:54 +11:00
renovate[bot]
b86c7b5284
build(deps): update dependency traefik to v2.6.2 ( #3059 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-26 20:53:04 +11:00
renovate[bot]
2d981f7916
build(deps): update dependency alpine to v3.15.2 ( #3051 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-26 19:46:15 +11:00
renovate[bot]
9eb23a301b
build(deps): update dependency alpine to v3.15.1 ( #3028 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-17 15:53:30 +11:00
renovate[bot]
99326c2688
build(deps): update dependency haproxy to v2.5.5 ( #3018 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-16 13:43:33 +11:00
renovate[bot]
f8d9c6eab7
build(deps): update dependency haproxy to v2.5.4 ( #2931 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 15:04:34 +11:00
renovate[bot]
e286741357
build(deps): update dependency mariadb to v10.8.2 ( #2917 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 10:12:17 +11:00
renovate[bot]
4b1bd01167
build(deps): update dependency traefik to v2.6.1 ( #2912 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-24 21:13:08 +11:00
renovate[bot]
eb76de6cdc
build(deps): update dependency haproxy to v2.5.3 ( #2897 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 03:12:26 +11:00
renovate[bot]
d8cf272757
build(deps): update traefik docker tag to v2.5.7 ( #2815 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-21 13:43:06 +11:00
renovate[bot]
535ad2a697
build(deps): update haproxy docker tag to v2.5.1 ( #2793 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-12 23:54:50 +11:00
renovate[bot]
2a1e7fc793
build(deps): update traefik docker tag to v2.5.6 ( #2738 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-23 10:44:39 +11:00
renovate[bot]
93352aa36b
build(deps): update traefik docker tag to v2.5.5 ( #2706 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-12 14:47:03 +11:00
renovate[bot]
f9586b99a9
build(deps): update traefik docker tag to v1.7.34 ( #2705 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-12-12 11:15:01 +11:00
Aram Akhavan
5b3fa1fffb
docs: consistent naming for configuration file ( #2626 )
...
* change all instances (file names and docs) of "config.template.yml" to "configuration.template.yml" so its consistent with the expectations of the Dockerfile
* Keep config.template.yml named as is
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
* Update index.html
* revert filename changes and add a note about docker
* refactor: apply suggestions from code review
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-12-02 15:50:05 +11:00
Philipp Staiger
01b77384f9
feat(duo): multi device selection ( #2137 )
...
Allow users to select and save the preferred duo device and method, depending on availability in the duo account. A default enrollment URL is provided and adjusted if returned by the duo API. This allows auto-enrollment if enabled by the administrator.
Closes #594 . Closes #1039 .
2021-12-01 14:32:58 +11:00
renovate[bot]
290e3f7aaa
build(deps): update alpine docker tag to v3.15.0 ( #2631 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-25 08:46:44 +11:00
renovate[bot]
c128359c74
build(deps): update haproxy docker tag to v2.5.0 ( #2624 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-24 11:36:46 +11:00
renovate[bot]
50f9dc6a4c
build(deps): update alpine docker tag to v3.14.3 ( #2599 )
2021-11-13 11:04:11 +11:00
renovate[bot]
6765b97342
build(deps): update mariadb docker tag to v10.7.1 ( #2585 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-10 15:57:48 +11:00
renovate[bot]
035d084ada
build(deps): update traefik docker tag to v2.5.4 ( #2575 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-09 08:20:38 +11:00
Amir Zarrinkafsh
83488d52a6
refactor(suites): replace selenium with go-rod ( #2534 )
...
* refactor(suites): replace selenium with go-rod
This change replaces [tebeka/selenium](https://github.com/tebeka/selenium ) with [go-rod](https://github.com/go-rod/rod ).
We no longer have a chromedriver/external driver dependency to utilise Selenium as we instead utilise the Chrome Dev Protocol to communicate with the browser.
Rod [documents](https://go-rod.github.io/#/why-rod ) benefits of choosing the library as opposed to the available alternatives.
2021-11-06 00:14:42 +11:00
renovate[bot]
ed0efb76b3
build(deps): update haproxy docker tag to v2.4.8 ( #2563 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-04 12:00:23 +11:00
renovate[bot]
4b904fc321
build(deps): update node.js to v17 ( #2523 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-21 09:43:54 +11:00
Amir Zarrinkafsh
a3e84769b5
feat(web): replace cra with vite ( #2457 )
...
* feat(web): replace cra with vite
* fix: add istanbul
* fix: add jest
* fix: inject env vars
* fix: replicate cra output directories
* fix: post-frontend build for go templating
* fix: dynamic publicpath
* fix(web): import resolution with aliases for .module.css files
* refactor(server): baseurl var
* refactor(web): drop babel-jest for esbuild-jest
* refactor(web): add inline sourcemap for coverage bundle
* build(deps): update web deps
* build(deps): downgrade vite-plugin-istanbul to 2.2.0
98bf77dbaa
is a breaking change that means production mode builds can no longer be instrumented.
* refactor(web): match frontend name and version
* refactor(web): drop cra readme
2021-10-08 15:00:06 +11:00
renovate[bot]
455499fa93
build(deps): update traefik docker tag to v1.7.33 ( #2466 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-08 12:51:30 +11:00
Amir Zarrinkafsh
23fdb8d1b9
fix(suites): enable cgo in dev workflow ( #2454 )
2021-10-07 11:14:15 +11:00
renovate[bot]
65dd2a1341
build(deps): update traefik docker tag to v1.7.32 ( #2458 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-07 09:05:05 +11:00
renovate[bot]
451f84f13f
build(deps): update haproxy docker tag to v2.4.7 ( #2455 )
2021-10-06 20:54:05 +11:00
renovate[bot]
6370c16c95
build(deps): update traefik docker tag to v1.7.31 ( #2450 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-06 08:38:29 +11:00
renovate[bot]
28e702f5c8
build(deps): update postgres docker tag to v14 ( #2430 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-01 11:03:06 +10:00
Amir Zarrinkafsh
e8a52f4794
refactor: replace sqlite library with the original cgo variant ( #2427 )
...
* refactor: replace sqlite library with the original cgo variant
This change reverts our SQLite library back to the original for compatibility and performance reasons now that we always package with CGO.
* fix: cgo and build flags
* fix: gcc requirement
* fix: gcc in dev workflow too
2021-10-01 09:58:33 +10:00
Amir Zarrinkafsh
3d312cf3b9
refactor: replace yarn with pnpm ( #2424 )
...
* Check for pnpm in authelia-scripts
* Improve husky hooks to check for required apps
* Use pnpm in coverage dockerfile
* Use pnpm in dev workflow
* Stop buildx log truncation
* Ignore pnpm lockfile in yamllint
* Update versions required for docker and docker-compose in contributing docs
2021-09-29 17:24:21 +10:00
renovate[bot]
6343f70f01
build(deps): update traefik docker tag to v2.5.3 ( #2401 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-21 10:40:22 +10:00
renovate[bot]
4da10f9cea
build(deps): update haproxy docker tag to v2.4.4 ( #2351 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-08 09:52:49 +10:00
Amir Zarrinkafsh
84f370aa68
fix(suites): prevent dev workflow overriding .healthcheck.env ( #2345 )
2021-09-06 20:51:58 +10:00
renovate[bot]
9de8aafadf
build(deps): update traefik docker tag to v2.5.2 ( #2337 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-03 11:59:46 +10:00
renovate[bot]
d2bf1eb4e2
build(deps): update alpine docker tag to v3.14.2 ( #2325 )
2021-08-28 09:13:07 +10:00
renovate[bot]
ad16f99e6d
build(deps): update traefik docker tag to v2.5.1 ( #2306 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-21 11:03:00 +10:00
renovate[bot]
8ac9ce9367
build(deps): update traefik docker tag to v2.5.0 ( #2296 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-19 09:28:05 +10:00
renovate[bot]
956db2dbaa
build(deps): update haproxy docker tag to v2.4.3 ( #2295 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-18 14:50:49 +10:00
renovate[bot]
0aba819899
build(deps): update golang docker tag ( #2293 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-17 13:46:47 +10:00
renovate[bot]
c768144c07
build(deps): update traefik docker tag to v2.4.14 ( #2292 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-17 07:30:27 +10:00
renovate[bot]
c593ebc573
build(deps): update mariadb docker tag to v10.6.4 ( #2274 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-10 07:30:29 +10:00
renovate[bot]
cc1ecafc1c
build(deps): update alpine docker tag to v3.14.1 ( #2262 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-07 06:48:15 +10:00
James Elliott
a3b14871ba
perf(authentication): improve ldap dynamic replacement performance ( #2239 )
...
This change means we only check the filters for the existence of placeholders that cannot be replaced at startup. We then utilized cached results of that lookup for subsequent replacements.
2021-08-05 14:17:07 +10:00
renovate[bot]
77a51d5c2f
build(deps): update traefik docker tag to v2.4.13 ( #2217 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-31 09:53:41 +10:00
renovate[bot]
c98b2a7d59
build(deps): update traefik docker tag to v2.4.12 ( #2203 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-27 10:29:31 +10:00
renovate[bot]
596346de1e
build(deps): update traefik docker tag to v2.4.11 ( #2187 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-16 06:42:05 +10:00
renovate[bot]
3537cce660
build(deps): update mariadb docker tag to v10.6.3 ( #2180 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-13 22:46:04 +02:00
renovate[bot]
d2422e9965
build(deps): update haproxy docker tag to v2.4.2 ( #2168 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-09 08:49:30 +10:00
Philipp Staiger
7ff0a39c02
fix(suites): disable cgo for delve during development ( #2129 )
...
#2101 introduced a minor regression when using the authelia scripts suite for developing.
The following issues occurred:
```
[00] # runtime/cgo
[00] cgo: exec gcc: exec: "gcc": executable file not found in $PATH
```
Adding the CGO_ENABLED=0 before the dlv build command in the run-backend-dev.sh fixed the issue.
2021-07-01 10:28:24 +10:00
renovate[bot]
9640b48b60
build(deps): update haproxy docker tag to v2.4.1 ( #2120 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-27 14:22:29 +10:00
renovate[bot]
5c78dfaa0d
build(deps): update traefik docker tag to v2.4.9 ( #2113 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-23 08:49:05 +10:00
Amir Zarrinkafsh
4cab3a4a4e
refactor: drop cgo requirement for sqlite ( #2101 )
...
* refactor: drop cgo requirement for sqlite
Replace github.com/mattn/go-sqlite3 with modernc.org/sqlite which drops our CGO requirement.
* refactor: newline for consistency with dockerfiles
2021-06-22 10:45:33 +10:00
renovate[bot]
986f88fd89
build(deps): update mariadb docker tag to v10.6.2 ( #2099 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-19 08:33:13 +10:00
renovate[bot]
923f7c7aec
build(deps): update alpine docker tag to v3.14.0 ( #2084 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-16 09:38:02 +10:00
renovate[bot]
d28d36b568
build(deps): update haproxy docker tag to v2.4.0 ( #2004 )
...
* build(deps): update haproxy docker tag to v2.4.0
* fix(suites): fix haproxy dockerfile user
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-26 14:13:53 +10:00
renovate[bot]
6a226ec122
build(deps): update mariadb docker tag to v10.6.1 ( #2028 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-26 08:28:16 +10:00
renovate[bot]
3ff50ae979
build(deps): update node.js to v16 ( #2005 )
2021-05-16 00:18:01 +10:00
renovate[bot]
f97c0df929
build(deps): update postgres docker tag to v13 ( #1987 )
2021-05-08 00:40:58 +10:00
James Elliott
ddea31193b
feature(oidc): add support for OpenID Connect
...
OpenID connect has become a standard when it comes to authentication and
in order to fix a security concern around forwarding authentication and authorization information
it has been decided to add support for it.
This feature is in beta version and only enabled when there is a configuration for it.
Before enabling it in production, please consider that it's in beta with potential bugs and that there
are several production critical features still missing such as all OIDC related data is stored in
configuration or memory. This means you are potentially going to experience issues with HA
deployments, or when restarting a single instance specifically related to OIDC.
We are still working on adding the remaining set of features before making it GA as soon as possible.
Related to #189
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-05 00:15:36 +02:00
renovate[bot]
77c3058368
build(deps): update mariadb docker tag to v10.6.0 ( #1958 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-29 15:59:16 +10:00
renovate[bot]
b952e9e71d
build(deps): update haproxy docker tag to v2.3.10 ( #1942 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-24 10:43:48 +02:00
Amir Zarrinkafsh
db55325152
fix(suites): ensure k8s suite utilises the registry cache ( #1921 )
2021-04-15 12:07:19 +10:00
renovate[bot]
4318bb1e0c
build(deps): update alpine docker tag to v3.13.5 ( #1915 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 08:54:56 +10:00
James Elliott
d33d6c2f00
ci: add yamllint ( #1895 )
...
This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.
2021-04-11 06:51:00 +10:00
renovate[bot]
ad7808d430
build(deps): update traefik docker tag to v1.7.30 ( #1897 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-09 09:32:21 +10:00
renovate[bot]
771a0f362e
build(deps): update alpine docker tag to v3.13.4 ( #1877 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-01 12:47:51 +11:00
renovate[bot]
92da7a21de
build(deps): update haproxy docker tag to v2.3.9 ( #1873 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-31 13:52:05 +11:00
renovate[bot]
dbb819dfa5
build(deps): update traefik docker tag to v1.7.29 ( #1869 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-30 11:37:38 +11:00
renovate[bot]
5ab334dcdc
build(deps): update haproxy docker tag to v2.3.8 ( #1858 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-28 02:06:58 +11:00
renovate[bot]
e6929cdf3e
build(deps): update alpine docker tag to v3.13.3 ( #1853 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 11:30:30 +11:00
renovate[bot]
6d4d1d5e2f
build(deps): update traefik docker tag to v2.4.8 ( #1848 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-24 19:34:55 +01:00
renovate[bot]
e7c9d55c23
build(deps): update haproxy docker tag to v2.3.7 ( #1834 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-17 08:51:46 +11:00
James Elliott
e041143f87
feat(session): add redis sentinel provider ( #1768 )
...
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-10 10:03:05 +11:00
renovate[bot]
073c558296
build(deps): update traefik docker tag to v2.4.7 ( #1790 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 14:18:48 +11:00
James Elliott
4dce8f9496
perf(authorizer): preload access control lists ( #1640 )
...
* adjust session refresh to always occur (for disabled users)
* feat: adds filtering option for Request Method in ACL's
* simplify flow of internal/authorization/authorizer.go's methods
* implement query string checking
* utilize authorizer.Object fully
* make matchers uniform
* add tests
* add missing request methods
* add frontend enhancements to handle request method
* add request method to 1FA Handler Suite
* add internal ACL representations (preparsing)
* expand on access_control next
* add docs
* remove unnecessary slice for network names and instead just use a plain string
* add warning for ineffectual bypass policy (due to subjects)
* add user/group wildcard support
* fix(authorization): allow subject rules to match anonymous users
* feat(api): add new params
* docs(api): wording adjustments
* test: add request method into testing and proxy docs
* test: add several checks and refactor schema validation for ACL
* test: add integration test for methods acl
* refactor: apply suggestions from code review
* docs(authorization): update description
2021-03-05 15:18:31 +11:00
renovate[bot]
455b859047
build(deps): update haproxy docker tag to v2.3.6 ( #1779 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-04 14:15:01 +11:00
renovate[bot]
92154a1193
build(deps): update traefik docker tag to v2.4.6 ( #1774 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 15:07:51 +11:00
renovate[bot]
64b01b2811
build(deps): update mariadb docker tag to v10.5.9 ( #1757 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-23 12:49:16 +11:00
renovate[bot]
17bf3f860b
build(deps): update osixia/openldap docker tag to v1.5.0 ( #1749 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 22:08:23 +11:00
renovate[bot]
36d02f9cf5
build(deps): update traefik docker tag to v2.4.5 ( #1742 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 16:21:43 +11:00
renovate[bot]
59b3c2cbd8
build(deps): update haproxy docker tag to v2.3.5 ( #1737 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 15:06:10 +11:00
Amir Zarrinkafsh
74721a9f41
feat: go:embed static assets ( #1733 )
...
* feat: go:embed static assets
Go 1.16 introduced the ability to embed files within a generated binary directly with the go tool chain. This simplifies our dependencies and the significantly improves the development workflow for future developers.
Key points to note:
Due to the inability to embed files that do not reside within the local package we need to duplicate our `config.template.yml` within `internal/configuration`.
To avoid issues with the development workflow empty mock files have been included within `internal/server/public_html`. These are substituted with the respective generated files during the CI/CD and build workflows.
* fix(suites): increase ldap suite test timeout
* fix(server): fix swagger asset CSP
2021-02-22 10:07:06 +11:00
renovate[bot]
79b2b742a8
build(deps): update alpine docker tag to v3.13.2 ( #1728 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-18 10:49:39 +11:00
renovate[bot]
23f8a059fe
build(deps): update traefik docker tag to v2.4.2 ( #1685 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-03 09:42:29 +11:00
renovate[bot]
3d6a9dfca4
build(deps): update traefik docker tag to v2.4.1 ( #1681 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-02 10:35:49 +11:00
Amir Zarrinkafsh
d17c7e7fc0
refactor(suites): simplify kubernetes suite ( #1680 )
...
This PR achieves the following goals:
* Utilise upstream version of kind instead of a patched version which allows binding to networks other than the default "kind"
* Utilises the registry cache which is setup one level above the kind cluster
The former point was required to successfully run our integration tests in a Kubernetes environment, however this is now possible without running a patched version of kind.
The second point is because DockerHub has introduced rate limiting for container downloads. If there are a large number of CI jobs nodes may occasionally be rejected due to the Kubernetes suite not pulling down from the registry cache.
2021-02-02 09:53:44 +11:00
renovate[bot]
006f1eb43b
build(deps): update mariadb docker tag to v10.5.8 ( #1660 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:22:12 +11:00
renovate[bot]
985aaaa76b
build(deps): update alpine docker tag to v3.13.1 ( #1659 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:06:09 +11:00
renovate[bot]
ea913d2992
build(deps): update traefik docker tag to v1.7.28 ( #1657 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 11:32:49 +11:00
renovate[bot]
ed5e9264f8
build(deps): update mariadb docker tag to v10.4.17 ( #1652 )
2021-01-31 09:28:43 +11:00
renovate[bot]
d4d781ae52
build(deps): update alpine docker tag to v3.13.1 ( #1649 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 01:04:46 +11:00
renovate[bot]
72ec9713b3
build(deps): update traefik docker tag ( #1674 )
...
* build(deps): update traefik docker tag
* fix(suites): fix traefik2 empty args for matcher PathPrefix
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-01-31 00:30:41 +11:00
renovate[bot]
14192e11ac
build(deps): update osixia/phpldapadmin docker tag to v0.9.0 ( #1673 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 22:52:54 +11:00
renovate[bot]
6627a54594
build(deps): update osixia/openldap docker tag to v1.4.0 ( #1672 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 22:28:05 +11:00
renovate[bot]
d8685418e8
build(deps): update alpine docker tag to v3.12.3 ( #1647 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 22:11:42 +11:00
dependabot-preview[bot]
353b65066c
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia ( #1620 )
...
Bumps golang from 1.15.6-alpine to 1.15.7-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2021-01-21 22:14:21 +11:00
dependabot-preview[bot]
7e13d465e9
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind ( #1611 )
...
Bumps alpine from 3.12.3 to 3.13.0.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2021-01-18 09:42:44 +11:00
Amir Zarrinkafsh
8bab8d47ef
[MISC] Add CLI suite ( #1597 )
...
This change adds a new integration testing suite "CLI".
The intent of this suite is to test, validate and capture coverage for Authelia's commands via the CLI.
2021-01-16 21:25:02 +11:00
dependabot-preview[bot]
8fa76499cb
[MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy ( #1601 )
...
Bumps haproxy from 2.3.3-alpine to 2.3.4-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-01-15 10:45:36 +11:00
dependabot-preview[bot]
6aa0e5fa7d
[MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy ( #1591 )
...
Bumps haproxy from 2.3.2-alpine to 2.3.3-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-01-11 10:01:26 +11:00
dependabot-preview[bot]
ee3ce69f9f
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind ( #1548 )
...
Bumps alpine from 3.12.2 to 3.12.3.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-19 14:11:31 +11:00
Amir Zarrinkafsh
7c6a86882f
[MISC] Catch OpenLDAP ppolicy error ( #1508 )
...
* [MISC] Catch OpenLDAP ppolicy error
Further to the discussion over at #361 , this change now ensures that OpenLDAP password complexity errors are caught and appropriately handled.
This change also includes the PasswordComplexity test suite in the LDAP integration suite. This is because a ppolicy has been setup and enforced.
* Remove password history for integration tests
* Adjust max failures due to regulation trigger
* Fix error handling for password resets
* Refactor and include code suggestions
2020-12-16 12:30:03 +11:00
dependabot-preview[bot]
c14af472dd
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind ( #1531 )
...
Bumps alpine from 3.12.1 to 3.12.2.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-14 09:12:55 +11:00
dependabot-preview[bot]
d7fea74177
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia ( #1512 )
...
Bumps golang from 1.15.5-alpine to 1.15.6-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-07 12:47:48 +11:00
dependabot-preview[bot]
c9837568b5
[MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy ( #1501 )
...
Bumps haproxy from 2.3.1-alpine to 2.3.2-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-03 09:54:21 +11:00
Amir Zarrinkafsh
aa64d0c4e5
[FEATURE] Support MSAD password reset via unicodePwd attribute ( #1460 )
...
* Added `ActiveDirectory` suite for integration tests with Samba AD
* Updated documentation
* Minor styling refactor to suites
* Clean up LDAP user provisioning
* Fix Authelia home splash to reference correct link for webmail
* Add notification message for password complexity errors
* Add password complexity integration test
* Rename implementation default from rfc to custom
* add specific defaults for LDAP (activedirectory implementation)
* add docs to show the new defaults
* add docs explaining the importance of users filter
* add tests
* update instances of LDAP implementation names to use the new consts where applicable
* made the 'custom' case in the UpdatePassword method for the implementation switch the default case instead
* update config examples due to the new defaults
* apply changes from code review
* replace schema default name from MSAD to ActiveDirectory for consistency
* fix missing default for username_attribute
* replace test raising on empty username attribute with not raising on empty
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-11-27 20:59:22 +11:00
Timo
495e57b46c
[DOCS] Make HAProxy regex case insensitive ( #1478 )
2020-11-24 12:35:38 +11:00
dependabot-preview[bot]
f42b1ea229
[MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy ( #1463 )
...
Bumps haproxy from 2.3.0-alpine to 2.3.1-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-11-16 11:49:52 +11:00
dependabot-preview[bot]
6e5b930f64
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia ( #1464 )
...
Bumps golang from 1.15.4-alpine to 1.15.5-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-11-16 11:07:44 +11:00
Amir Zarrinkafsh
f392f51df6
[MISC] Append log file instead of overwriting ( #1450 )
...
* [MISC] Append log file instead of overwriting
If Authelia is restarted when a `log_file_path` is defined upon restart the log file is overwritten as opposed to appending the existing file.
This change ensures that the log file will be appended to, users will need to ensure that they rotate/truncate this over time especially if running in `debug` or `trace`.
* Amend documentation for log_file_path
2020-11-13 10:14:45 +11:00
dependabot-preview[bot]
a5f07d7ade
[MISC] (deps): Bump haproxy from 2.2.4-alpine to 2.3.0-alpine in /internal/suites/example/compose/haproxy ( #1431 )
...
* [MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy
Bumps haproxy from 2.2.4-alpine to 2.3.0-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix HAProxy suite
Looks like the new version of HAProxy has config validation which expects a newline at the bottom of `haproxy.cfg`.
CI was failing with the following error:
[NOTICE] 313/021816 (1) : haproxy version is 2.3.0-1c0a722
[ALERT] 313/021816 (1) : parsing [/usr/local/etc/haproxy/haproxy.cfg:80]: Missing LF on last line, file might have been truncated at position 42.
[ALERT] 313/021816 (1) : Error(s) found in configuration file : /usr/local/etc/haproxy/haproxy.cfg
[ALERT] 313/021816 (1) : Fatal errors found in configuration.
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-11-09 13:35:18 +11:00
dependabot-preview[bot]
ee0b37c796
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia ( #1432 )
...
Bumps golang from 1.15.3-alpine to 1.15.4-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-11-09 09:04:06 +11:00
Amir Zarrinkafsh
a83ccd7188
[FEATURE] Add Remote-Name and Remote-Email headers ( #1402 )
2020-10-26 22:38:08 +11:00
dependabot-preview[bot]
662da9523b
[MISC] (deps): Bump node in /internal/suites/example/compose/duo-api ( #1407 )
...
Bumps node from 14-alpine to 15-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-26 11:11:37 +11:00
dependabot-preview[bot]
4f50818667
[MISC] (deps): Bump node in /internal/suites/example/compose/authelia ( #1406 )
...
Bumps node from 14-alpine to 15-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-26 09:39:06 +11:00
dependabot-preview[bot]
19ba79cfa1
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind ( #1400 )
...
Bumps alpine from 3.12.0 to 3.12.1.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-23 17:59:48 +11:00
dependabot-preview[bot]
607e6711f5
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia ( #1377 )
...
Bumps golang from 1.15.2-alpine to 1.15.3-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-16 14:02:33 +11:00
dependabot-preview[bot]
4a9ed76f32
[MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy ( #1359 )
...
Bumps haproxy from 2.2.3-alpine to 2.2.4-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-08 10:46:43 +11:00