Commit Graph

22 Commits (841de2b75dacf12ffa0d0b8907d069e004657f30)

Author SHA1 Message Date
James Elliott 242386e279 Force TLS and valid x509 certs in SMTP Notifier by default
- Adjust AUTH LOGIN functionality to be closer to AUTH PLAIN
- Removed: secure (notifier smtp conf) boolean string
- Added: disable_verify_cert (notifier smtp conf) boolean
    - disables X509 validation of certificates
- Added: disable_require_tls (notifier smtp conf) boolean
    - allows emails to be sent over plain text (for non-authenticated only)
- Added: trusted_cert (notifier smtp conf) string (path)
    - allows specifying the path of a PEM format cert to add to trusted cert pool
- Make SMTP notifier return errors on connection over plain text
- Make SMTP notifier return errors on TLS connection with invalid certs
- Implemented various debug logging for the SMTP notifier
- Implemented explicit SMTP closes on errors (previously left con open)
- Split SMTPNotifier Send func to seperate funcs for:
    - writing future test suites and startup checks more easily
    - organization and readability
- Add details of changes to docs/security.yml
- Adjust config.yml's (template and test) for the changes
2020-01-10 17:37:16 +01:00
James Elliott a39245a8e8 Fixed duplicate key in kube example
- rules key was duplicated in the ingress.yml
2020-01-10 17:37:16 +01:00
Silver Bullet eeefec2fac Update references to remove hash router
* Update references to remove hash router

In commit 9ae2096, the redirection parameter is changed in the example `nginx.conf`, and also in other places like `internal/middlewares/identity_verification.go`:

```
- link := fmt.Sprintf("%s://%s/#%s?token=%s", ctx.XForwardedProto(),
+ link := fmt.Sprintf("%s://%s%s?token=%s", ctx.XForwardedProto(),
```
2020-01-10 11:33:18 +01:00
Amir Zarrinkafsh fabb76754e
Rename org from clems4ever to authelia
Also fix references from config.yml to configuration.yml
2019-12-24 13:14:52 +11:00
Clement Michaud d077ad10da Update expiration timeouts from milliseconds to seconds. 2019-12-07 14:36:24 +01:00
Clement Michaud e21da43fd6 Add support for LDAP over TLS. 2019-12-06 21:33:47 +01:00
Clement Michaud b89f63e9c1 Fix and parallelize integration tests. 2019-12-05 11:05:24 +01:00
Clement Michaud 6303485fd2 Add support for PostgreSQL. 2019-11-16 23:39:26 +01:00
Clement Michaud b2ced06402 Fix Kubernetes suite tests.
Also deploy kubernetes dashboard prior to authelia services to ease
debugging of the suite.
2019-11-16 23:39:26 +01:00
Clement Michaud 5b836fc4cf Cleanup documentation.
Remove mention of Mongo and basic suites. Also adapt some part
to changes made to authelia-scripts.
2019-11-16 23:39:26 +01:00
Clement Michaud bd19ee48fd Deprecate mongo and add mariadb as storage backend option. 2019-11-16 23:39:26 +01:00
Clement Michaud a991379a74 Declare suites as Go structs and bootstrap e2e test framework in Go.
Some tests are not fully rewritten in Go, a typescript wrapper is called
instead until we remove the remaining TS tests and dependencies.

Also, dockerize every components (mainly Authelia backend, frontend and kind)
so that the project does not interfere with user host anymore (open ports for instance).
The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts.
It will soon be avoided using authelia.com domain that I own.
2019-11-15 20:23:06 +01:00
Clement Michaud 828f565290 Bootstrap Go implementation of Authelia.
This is going to be the v4.

Expected improvements:
- More reliable due to static typing.
- Bump of performance.
- Improvement of logging.
- Authelia can be shipped as a single binary.
- Will likely work on ARM architecture.
2019-10-28 23:28:59 +01:00
Clement Michaud 76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
ViViDboarder 264a94d4e7 Add ability to search for groups using {uid}
On some LDAP servers, the `uid` attribute is more like a guid, while the
username exists instead in a dedicated field, like `username`. This
means the `uid` is not necessarily equal to `username`.

This is allows referencing using the `uid` to search for groups in the same
way as `dn` so that one can explicitly match the `memberuid` to the `uid` for
the user without the assumptions that come with using `{0}`.
2019-02-27 21:34:18 -08:00
BankaiNoJutsu 3d1448d3cc fix permissions 2018-12-18 16:34:56 +01:00
BankaiNoJutsu 48c204fc68 added all themes, clean and backup of dist, --theme value check 2018-12-18 16:30:23 +01:00
Clement Michaud cf89aa909c Fix kubernetes configuration. 2018-08-26 14:32:19 +02:00
Clement Michaud 4be299d6eb Adapt kube example to work without custom nginx template 2018-04-24 23:59:15 +02:00
Clement Michaud 48d6107b0b Rename redirect query parameter into rd for compatibility with nginx-ingress 2018-04-24 23:03:09 +02:00
Clement Michaud a9a14f8586 Add original nginx-ingress template to compare with the new one 2018-04-24 22:32:56 +02:00
Clement Michaud 7acb097040 Add the configuration files to deploy Authelia in a Kube cluster 2018-04-24 22:32:56 +02:00