Commit Graph

1283 Commits (fea58c52e033d9b6233e900dd9d9993fb3c7a001)

Author SHA1 Message Date
Amir Zarrinkafsh 6245dd68e9
[MISC] Change github action comment plugin (#609) 2020-02-01 18:12:58 +01:00
Amir Zarrinkafsh 006c9e20db
[FIX] Fix token associated with github actions (#607) 2020-02-02 00:47:23 +11:00
Clément Michaud 7f19078efb
[MISC] Document usage of env variables for setting secrets. (#606)
Closes #579.
2020-02-02 00:17:39 +11:00
Clément Michaud ea9b408b70
[FIX] Fix default redirection URL not taken into account (#600)
* Remove unused mongo docker-compose file.

* Default redirection URL was not taken into account.

* Fix possible storage options in config template.

* Remove useless checks in u2f registration endpoints.

* Add default redirection url in config of duo suite.

* Fix log line in response handler of 2FA methods.

* Fix integration tests.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-02-01 13:54:50 +01:00
Amir Zarrinkafsh 05592cbe2d
[MISC] Add github comment workflow for automated builds (#605) 2020-02-01 12:56:11 +01:00
Clément Michaud e303ae0083
[MISC] Remove unused mongo docker-compose file. (#599) 2020-02-01 22:19:26 +11:00
Clément Michaud 426b29c382
[MISC] Add a CONTRIBUTING.md to the project. (#604) 2020-02-01 22:05:43 +11:00
Amir Zarrinkafsh 1b478e8f3d
[Buildkite] Do not persist Docker secret in builds (#603) 2020-02-01 19:10:18 +11:00
Amir Zarrinkafsh 275af90137
[Buildkite] Re-order pipeline to improve security (#598) 2020-01-31 15:16:46 +11:00
Amir Zarrinkafsh 49e739d009
[Buildkite] Add automatic deployment and removal of Docker images for Branches and PRs (#592) 2020-01-30 08:37:11 +01:00
James Elliott 152b33e4fa [FIX] SMTP Notifier Unhandled Error Conditions (#585)
- Only attempt to close the connection once it's established.
- Defer the client Quit/Close so that it always executes at the end.
- Fixes #585
2020-01-28 15:19:54 +11:00
Amir Zarrinkafsh 722cbb63a0 [Buildkite] Remove redundant if clause in post-checkout hook 2020-01-28 10:06:03 +11:00
Amir Zarrinkafsh e646323555 [MISC] Fix AUR badge links in README.md 2020-01-28 10:06:03 +11:00
James Elliott 31ca4f891f [FIX] Disable regulation when max_retries set to 0 (#584)
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
2020-01-27 22:54:24 +11:00
Amir Zarrinkafsh 25c0b60540 [MISC] Update docs to include updated proxy configuration (#580)
Includes updated documentation for:
* nginx
* Traefik 1.x
* Traefik 2.x
2020-01-27 00:24:49 +01:00
Amir Zarrinkafsh 107126929b Update README.md with AUR references and remove CHANGELOG.md (#576)
* Update README.md
Provide badges and references to the AUR for Arch Linux Authelia packages.
Closes #571 #572.

* Add systemd unit file
Include the unit in future release artifacts.

* Remove CHANGELOG.md
As of future releases Changelog details will dynamically be generated.

* Update README.md
Add badge for authelia-git package.

* Update Changelog to only publish explicit Docker tag
Do not include Major and Minor versions, as these will change over time.
2020-01-24 10:21:17 +01:00
Clement Michaud aca8be40ac Release v4.2.0 2020-01-22 09:12:21 +01:00
Amir Zarrinkafsh 6f669ec8b7 Package config.template.yml in published artifacts 2020-01-22 08:43:06 +01:00
Amir Zarrinkafsh d36fbb73b7 Add example for v3 -> v4 migrations utilising Docker 2020-01-22 11:53:15 +11:00
Amir Zarrinkafsh 9a685fefad Update alpine to 3.11.3 2020-01-22 11:53:15 +11:00
Clement Michaud 2acf8bf21c Add hash-password and migrate commands to authelia binary.
This reduce the size of the docker image and avoid confusing users.

We keep the commands in authelia-scripts too in order to keep the
current workflow of developers.
2020-01-22 11:53:15 +11:00
Clement Michaud bb7781fd2b Use env variables to configure secrets in Standalone suite. 2020-01-22 10:15:25 +11:00
Clement Michaud cab97d5f2f Bind secret environment variable to allow unmarshalling. 2020-01-22 10:15:25 +11:00
Clement Michaud c95c7210d8 Put secrets in env variables of Kubernetes Deployment.
This is preliminary work to bootstrap the Helm chart and rely on
the Kubernetes vault.

WARNING: those variables should never be set in the configuration
in a production environment. They have been set here for ease of
deployment and because this is a showcase.
2020-01-22 10:15:25 +11:00
Clement Michaud e92d3ced3a Introduce viper in order to read secrets from env variables. 2020-01-22 10:15:25 +11:00
Clement Michaud ea86b62527 Add validation for notifier configuration. 2020-01-22 10:15:25 +11:00
Clement Michaud 9b5b091a44 Update CHANGELOG for v4.1.0. 2020-01-21 23:26:14 +01:00
Clément Michaud fffff82735
Create FUNDING.yml 2020-01-21 22:20:13 +01:00
James Elliott 736ed3f212 Misc Spelling Corrections
- Mostly changes to spelling of comments/docs/displayed text
- A few changes to test function names
2020-01-21 12:16:00 +11:00
Clement Michaud 47b34b4026 Escape special LDAP characters as suggested by OWASP.
https://owasp.org/www-project-cheat-sheets/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html
2020-01-21 09:46:17 +11:00
Amir Zarrinkafsh 1059551133
Optimise deploy artifacts step (#564)
* Optimise deploy artifacts step
authelia-scripts is not required to publish GitHub artifacts as we utilise [Hub](https://hub.github.com/), this should save ~10 seconds in this step.

* Specify release number in pipeline

* Change buildkite and github published artifacts back to gzip

* Update README.md
2020-01-20 10:53:55 +11:00
Clement Michaud aafd8fdbd8 Add a sponsorship badge and section to README. 2020-01-19 22:55:37 +01:00
Clement Michaud 99830d95f6 Add a section on vulnerability reporting under security in README. 2020-01-19 22:55:37 +01:00
Amir Zarrinkafsh a02fb1438e Add Traefik2 suite and refactor Traefik suite (#562)
* Update Traefik 1.x to v1.7.20 for integration tests

* Add suite for Traefik 2.x

* Refactor Traefik2 suite to utilise Docker labels

* Move Traefik2 middleware definition to a file based provider

* Expose Traefik2 dashboard
The API/Dashboard can be reached at https://traefik.example.com:8080/

* Move Traefik frontend/backend definitions to Docker labels

* Move Traefik2 router/service definitions to Docker labels

* Normalise all Traefik configuration via labels and commands
When the the middleware issue with Traefik 2.x (#476) is resolved this means all Traefik related configuration can be self-contained within the respective docker-compose.yml files.

* Define ports for Authelia frontend/backend services

* Adjust Traefik2 suite to new dev workflow

* Normalise all Traefik2 middlewares via labels

* Fix typo in middleware and comment labels specifying Traefik version
2020-01-19 11:06:37 +01:00
Clément Michaud 6054addfcc
Update README.md 2020-01-19 00:31:08 +01:00
Amir Zarrinkafsh 68919a3b4e Update README.md
Remove Gitter badge and add Matrix badge, a Matrix <-> Gitter bridge exists to allow communication across the two channels.
2020-01-19 10:28:29 +11:00
Clément Michaud 2e86f270cd Encode URL set to rd parameter. (#559)
* Encode URL set to rd parameter.

URL encoding that parameter solves PR #476.

Some URL parameters set during redirection were magically disappearing
after the redirection due to the authentication process. By using URL encoding,
those parameters should not be stripped anymore.

* Fix integration tests.
2020-01-19 01:57:42 +11:00
Amir Zarrinkafsh a0b79c61d2 Group docker deployment steps to prevent race conditions/conflicts 2020-01-18 11:17:25 +11:00
Amir Zarrinkafsh 1f684dbc75 Update README.md 2020-01-18 11:17:25 +11:00
Clément Michaud bb24cf16f7
Update README.md 2020-01-18 00:41:29 +01:00
James Elliott e6ddedf23d Fixes Remember Me functionality
- Adjust the remember me duration to 1 year
- Fixes #552
2020-01-18 00:27:01 +01:00
Clement Michaud ece4423d33 Add back wait block in buildkite pipeline. 2020-01-18 00:12:36 +01:00
Clement Michaud 841de2b75d Disable inactivity timeout when user checked remember me.
Instead of checking the value of the cookie expiration we rely
on the boolean stored in the user session to check whether inactivity
timeout should be disabled.
2020-01-18 00:12:36 +01:00
Clement Michaud 6792fd5bc3 Add --ignore-certificate-errors flag to chromium-browser command in integration tests.
This flag fix error messages when running the tests for the first time.
2020-01-18 00:12:36 +01:00
Clément Michaud 9f2cca1ebf
Update Authelia logo in README and the icon of the webapp. (#556) 2020-01-17 21:30:50 +01:00
Clément Michaud ce7b6b8167
Build docker image upfront in CI and use it in integration tests. (#555)
* Build docker image upfront in CI and use it in integration tests.

Previously, the development workflow was broken because the container
generated from Dockerfile.CI was used in dev environments but the binary
was not pre-built as it is on buildkite. I propose to just remove that
image and use the "to be published" image instead in integration tests.

This will have several advantages:
- Fix the dev workflow.
- Remove CI arch from authelia-scripts build command
- Optimize CI time in buildkite since we'll cache a way small artifact
- We don't build authelia more than once for earch arch.

* Fix suites and only build ARM images on master or tagged commits

* Optimise pipeline dependencies and Kubernetes suite to utilise cache

* Run unit tests and docker image build in parallel.

* Fix suite trying to write on read only fs.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-01-17 20:46:51 +01:00
Clément Michaud da22227563
Add trimpath build flag and fix go version to guarantee reproducible build. (#553) 2020-01-16 22:17:03 +01:00
Amir Zarrinkafsh 9b8be0fef0 Remove Travis and promote Buildkite (#545)
* Remove Travis and promote Buildkite

* Add Docker Size badge to README.md

* Call MicroBadger webhook to update metadata for shields

Add updateMicroBadger function and refactor publishDockerReadme to be called explicitly instead of on every deployManifest call.
2020-01-16 21:57:44 +01:00
Amir Zarrinkafsh 5914f96de4
Add git tag back to binary artifact. 2020-01-13 11:30:05 +11:00
Clement Michaud a823b6368a Remove build time and git tag from binary artifact.
That way it's easy to build a given commit and check whether
it's the same binary than the one published on Github.
2020-01-12 20:17:11 +01:00