website/docs: add new doc about extra steps for hardening authentik#9649
Merged
website/docs: add new doc about extra steps for hardening authentik#9649
Conversation
added 4 commits
May 7, 2024 13:05
✅ Deploy Preview for authentik-storybook canceled.
|
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #9649 +/- ##
==========================================
- Coverage 92.51% 92.44% -0.07%
==========================================
Files 669 688 +19
Lines 32899 33639 +740
==========================================
+ Hits 30435 31098 +663
- Misses 2464 2541 +77
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
kensternberg-authentik
approved these changes
May 8, 2024
Contributor
|
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-528118e6250287dc01894ae17cdc1b3d27ac21da
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sFor arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-528118e6250287dc01894ae17cdc1b3d27ac21da-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sAfterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-ghcr.io/goauthentik/dev-server:gh-528118e6250287dc01894ae17cdc1b3d27ac21daFor arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-ghcr.io/goauthentik/dev-server:gh-528118e6250287dc01894ae17cdc1b3d27ac21da-arm64Afterwards, run the upgrade commands from the latest release notes. |
kensternberg-authentik
added a commit
that referenced
this pull request
May 10, 2024
* main: website/docs: add hardening advice and link directly to Cure53 results (#9670) core: bump goauthentik.io/api/v3 from 3.2024042.2 to 3.2024042.4 (#9674) core: bump ruff from 0.4.3 to 0.4.4 (#9677) core: bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 (#9675) web: bump glob from 10.3.12 to 10.3.14 in /web (#9676) lib/providers/sync: multiple minor fixes (#9667) core: fix source flow_manager not always appending save stage (#9659) web: bump API Client version (#9660) web/admin: only show non-backchannel providers in application provider select (#9658) website/docs: add new doc about extra steps for hardening authentik (#9649)
kensternberg-authentik
added a commit
that referenced
this pull request
May 10, 2024
* dev: (74 commits) website/docs: add hardening advice and link directly to Cure53 results (#9670) core: bump goauthentik.io/api/v3 from 3.2024042.2 to 3.2024042.4 (#9674) core: bump ruff from 0.4.3 to 0.4.4 (#9677) core: bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 (#9675) web: bump glob from 10.3.12 to 10.3.14 in /web (#9676) lib/providers/sync: multiple minor fixes (#9667) core: fix source flow_manager not always appending save stage (#9659) web: bump API Client version (#9660) web/admin: only show non-backchannel providers in application provider select (#9658) website/docs: add new doc about extra steps for hardening authentik (#9649) web: bump API Client version (#9656) enterprise/providers/microsoft_entra: initial account sync to microsoft entra (#9632) web: bump chromedriver from 124.0.1 to 124.0.2 in /tests/wdio (#9652) web: bump @sentry/browser from 7.113.0 to 7.114.0 in /web in the sentry group (#9653) core, web: update translations (#9650) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9644) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9646) translate: Updates for file web/xliff/en.xlf in zh_CN (#9645) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9647) core, web: update translations (#9633) ...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added extra verbiage, from Jen's doc: https://www.notion.so/authentiksecurity/Hardening-docs-684229e00cdd49bbaa5c4ffd10c59ee2?v=684229e00cdd49bbaa5c4ffd10c59ee2
make website)