renovate[bot]
451f84f13f
build(deps): update haproxy docker tag to v2.4.7 ( #2455 )
2021-10-06 20:54:05 +11:00
renovate[bot]
6370c16c95
build(deps): update traefik docker tag to v1.7.31 ( #2450 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-06 08:38:29 +11:00
renovate[bot]
28e702f5c8
build(deps): update postgres docker tag to v14 ( #2430 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-01 11:03:06 +10:00
Amir Zarrinkafsh
e8a52f4794
refactor: replace sqlite library with the original cgo variant ( #2427 )
...
* refactor: replace sqlite library with the original cgo variant
This change reverts our SQLite library back to the original for compatibility and performance reasons now that we always package with CGO.
* fix: cgo and build flags
* fix: gcc requirement
* fix: gcc in dev workflow too
2021-10-01 09:58:33 +10:00
Amir Zarrinkafsh
3d312cf3b9
refactor: replace yarn with pnpm ( #2424 )
...
* Check for pnpm in authelia-scripts
* Improve husky hooks to check for required apps
* Use pnpm in coverage dockerfile
* Use pnpm in dev workflow
* Stop buildx log truncation
* Ignore pnpm lockfile in yamllint
* Update versions required for docker and docker-compose in contributing docs
2021-09-29 17:24:21 +10:00
renovate[bot]
6343f70f01
build(deps): update traefik docker tag to v2.5.3 ( #2401 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-21 10:40:22 +10:00
renovate[bot]
4da10f9cea
build(deps): update haproxy docker tag to v2.4.4 ( #2351 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-08 09:52:49 +10:00
Amir Zarrinkafsh
84f370aa68
fix(suites): prevent dev workflow overriding .healthcheck.env ( #2345 )
2021-09-06 20:51:58 +10:00
renovate[bot]
9de8aafadf
build(deps): update traefik docker tag to v2.5.2 ( #2337 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-03 11:59:46 +10:00
renovate[bot]
d2bf1eb4e2
build(deps): update alpine docker tag to v3.14.2 ( #2325 )
2021-08-28 09:13:07 +10:00
renovate[bot]
ad16f99e6d
build(deps): update traefik docker tag to v2.5.1 ( #2306 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-21 11:03:00 +10:00
renovate[bot]
8ac9ce9367
build(deps): update traefik docker tag to v2.5.0 ( #2296 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-19 09:28:05 +10:00
renovate[bot]
956db2dbaa
build(deps): update haproxy docker tag to v2.4.3 ( #2295 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-18 14:50:49 +10:00
renovate[bot]
0aba819899
build(deps): update golang docker tag ( #2293 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-17 13:46:47 +10:00
renovate[bot]
c768144c07
build(deps): update traefik docker tag to v2.4.14 ( #2292 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-17 07:30:27 +10:00
renovate[bot]
c593ebc573
build(deps): update mariadb docker tag to v10.6.4 ( #2274 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-10 07:30:29 +10:00
renovate[bot]
cc1ecafc1c
build(deps): update alpine docker tag to v3.14.1 ( #2262 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-07 06:48:15 +10:00
James Elliott
a3b14871ba
perf(authentication): improve ldap dynamic replacement performance ( #2239 )
...
This change means we only check the filters for the existence of placeholders that cannot be replaced at startup. We then utilized cached results of that lookup for subsequent replacements.
2021-08-05 14:17:07 +10:00
renovate[bot]
77a51d5c2f
build(deps): update traefik docker tag to v2.4.13 ( #2217 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-31 09:53:41 +10:00
renovate[bot]
c98b2a7d59
build(deps): update traefik docker tag to v2.4.12 ( #2203 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-27 10:29:31 +10:00
renovate[bot]
596346de1e
build(deps): update traefik docker tag to v2.4.11 ( #2187 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-16 06:42:05 +10:00
renovate[bot]
3537cce660
build(deps): update mariadb docker tag to v10.6.3 ( #2180 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-13 22:46:04 +02:00
renovate[bot]
d2422e9965
build(deps): update haproxy docker tag to v2.4.2 ( #2168 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-09 08:49:30 +10:00
Philipp Staiger
7ff0a39c02
fix(suites): disable cgo for delve during development ( #2129 )
...
#2101 introduced a minor regression when using the authelia scripts suite for developing.
The following issues occurred:
```
[00] # runtime/cgo
[00] cgo: exec gcc: exec: "gcc": executable file not found in $PATH
```
Adding the CGO_ENABLED=0 before the dlv build command in the run-backend-dev.sh fixed the issue.
2021-07-01 10:28:24 +10:00
renovate[bot]
9640b48b60
build(deps): update haproxy docker tag to v2.4.1 ( #2120 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-27 14:22:29 +10:00
renovate[bot]
5c78dfaa0d
build(deps): update traefik docker tag to v2.4.9 ( #2113 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-23 08:49:05 +10:00
Amir Zarrinkafsh
4cab3a4a4e
refactor: drop cgo requirement for sqlite ( #2101 )
...
* refactor: drop cgo requirement for sqlite
Replace github.com/mattn/go-sqlite3 with modernc.org/sqlite which drops our CGO requirement.
* refactor: newline for consistency with dockerfiles
2021-06-22 10:45:33 +10:00
renovate[bot]
986f88fd89
build(deps): update mariadb docker tag to v10.6.2 ( #2099 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-19 08:33:13 +10:00
renovate[bot]
923f7c7aec
build(deps): update alpine docker tag to v3.14.0 ( #2084 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-16 09:38:02 +10:00
renovate[bot]
d28d36b568
build(deps): update haproxy docker tag to v2.4.0 ( #2004 )
...
* build(deps): update haproxy docker tag to v2.4.0
* fix(suites): fix haproxy dockerfile user
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-26 14:13:53 +10:00
renovate[bot]
6a226ec122
build(deps): update mariadb docker tag to v10.6.1 ( #2028 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-26 08:28:16 +10:00
renovate[bot]
3ff50ae979
build(deps): update node.js to v16 ( #2005 )
2021-05-16 00:18:01 +10:00
renovate[bot]
f97c0df929
build(deps): update postgres docker tag to v13 ( #1987 )
2021-05-08 00:40:58 +10:00
James Elliott
ddea31193b
feature(oidc): add support for OpenID Connect
...
OpenID connect has become a standard when it comes to authentication and
in order to fix a security concern around forwarding authentication and authorization information
it has been decided to add support for it.
This feature is in beta version and only enabled when there is a configuration for it.
Before enabling it in production, please consider that it's in beta with potential bugs and that there
are several production critical features still missing such as all OIDC related data is stored in
configuration or memory. This means you are potentially going to experience issues with HA
deployments, or when restarting a single instance specifically related to OIDC.
We are still working on adding the remaining set of features before making it GA as soon as possible.
Related to #189
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-05 00:15:36 +02:00
renovate[bot]
77c3058368
build(deps): update mariadb docker tag to v10.6.0 ( #1958 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-29 15:59:16 +10:00
renovate[bot]
b952e9e71d
build(deps): update haproxy docker tag to v2.3.10 ( #1942 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-24 10:43:48 +02:00
Amir Zarrinkafsh
db55325152
fix(suites): ensure k8s suite utilises the registry cache ( #1921 )
2021-04-15 12:07:19 +10:00
renovate[bot]
4318bb1e0c
build(deps): update alpine docker tag to v3.13.5 ( #1915 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 08:54:56 +10:00
James Elliott
d33d6c2f00
ci: add yamllint ( #1895 )
...
This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.
2021-04-11 06:51:00 +10:00
renovate[bot]
ad7808d430
build(deps): update traefik docker tag to v1.7.30 ( #1897 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-09 09:32:21 +10:00
renovate[bot]
771a0f362e
build(deps): update alpine docker tag to v3.13.4 ( #1877 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-01 12:47:51 +11:00
renovate[bot]
92da7a21de
build(deps): update haproxy docker tag to v2.3.9 ( #1873 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-31 13:52:05 +11:00
renovate[bot]
dbb819dfa5
build(deps): update traefik docker tag to v1.7.29 ( #1869 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-30 11:37:38 +11:00
renovate[bot]
5ab334dcdc
build(deps): update haproxy docker tag to v2.3.8 ( #1858 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-28 02:06:58 +11:00
renovate[bot]
e6929cdf3e
build(deps): update alpine docker tag to v3.13.3 ( #1853 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 11:30:30 +11:00
renovate[bot]
6d4d1d5e2f
build(deps): update traefik docker tag to v2.4.8 ( #1848 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-24 19:34:55 +01:00
renovate[bot]
e7c9d55c23
build(deps): update haproxy docker tag to v2.3.7 ( #1834 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-17 08:51:46 +11:00
James Elliott
e041143f87
feat(session): add redis sentinel provider ( #1768 )
...
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-10 10:03:05 +11:00
renovate[bot]
073c558296
build(deps): update traefik docker tag to v2.4.7 ( #1790 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 14:18:48 +11:00
James Elliott
4dce8f9496
perf(authorizer): preload access control lists ( #1640 )
...
* adjust session refresh to always occur (for disabled users)
* feat: adds filtering option for Request Method in ACL's
* simplify flow of internal/authorization/authorizer.go's methods
* implement query string checking
* utilize authorizer.Object fully
* make matchers uniform
* add tests
* add missing request methods
* add frontend enhancements to handle request method
* add request method to 1FA Handler Suite
* add internal ACL representations (preparsing)
* expand on access_control next
* add docs
* remove unnecessary slice for network names and instead just use a plain string
* add warning for ineffectual bypass policy (due to subjects)
* add user/group wildcard support
* fix(authorization): allow subject rules to match anonymous users
* feat(api): add new params
* docs(api): wording adjustments
* test: add request method into testing and proxy docs
* test: add several checks and refactor schema validation for ACL
* test: add integration test for methods acl
* refactor: apply suggestions from code review
* docs(authorization): update description
2021-03-05 15:18:31 +11:00