This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/upgrading/to-0.10.md
Jens L 7be680cbe5
Migrate to Docusaurus (#329)
* docs: initial migration to docusaurus

* website: add custom font, update blurbs and icons

* website: update splash

* root: update links to docs

* flows: use .pbflow extension so docusaurus doesn't mangle the files

* e2e: workaround prospector

* Squashed commit of the following:

commit 1248585dca
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Sun Nov 15 20:46:53 2020 +0100

    e2e: attempt to fix prospector error again

commit 1319c480c4
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Sun Nov 15 20:41:35 2020 +0100

    ci: install previous python version for upgrade testing

* web: update accent colours and format

* website: format markdown files

* website: fix colours for text

* website: switch to temporary accent colour to improve readability

* flows: fix path for TestTransferDocs

* flows: fix formatting of tests
2020-11-15 22:42:02 +01:00

2.9 KiB

title
Upgrading to 0.10

This update brings a lot of big features, such as:

  • New OAuth2/OpenID Provider

    This new provider merges both OAuth2 and OpenID. It is based on the codebase of the old provider, which has been simplified and cleaned from the ground up. Support for Property Mappings has also been added. Because of this change, OpenID and OAuth2 Providers will have to be re-created.

  • Proxy Provider

    Due to this new OAuth2 Provider, the Application Gateway Provider, now simply called "Proxy Provider" has been revamped as well. The new passbook Proxy integrates more tightly with passbook via the new Outposts system. The new proxy also supports multiple applications per proxy instance, can configure TLS based on passbook Keypairs, and more.

    See Proxy

  • Outpost System

    This is a new Object type, currently used only by the Proxy Provider. It manages the creation and permissions of service accounts, which are used by the outposts to communicate with passbook.

    See Outposts

  • Flow Import/Export

    Flows can now be imported and exported. This feature can be used as a backup system, or to share complex flows with other people. Example flows have also been added to the documentation to help you get going with passbook.

Under the hood

  • passbook now runs on Django 3.1 and Channels with complete ASGI enabled
  • uwsgi has been replaced with Gunicorn and uvicorn
  • Elastic APM has been replaced with Sentry Performance metrics
  • Flow title is now configurable separately from the name
  • All logging output is now json

Upgrading

docker-compose

The docker-compose file has been updated, please download the latest from https://raw.githubusercontent.com/BeryJu/passbook/master/docker-compose.yml. By default, the new compose file uses a fixed version to prevent unintended updates.

Before updating the file, stop all containers. Then download the file, pull the new containers and start the database.

docker-compose down
docker-compose pull
docker-compose up --no-start
docker-compose start redis postgrseql
docker-compose run --rm server migrate
docker-compose up -d

Helm

A few options have changed:

  • error_reporting was changed from a simple boolean to a dictionary:
error_reporting:
    enabled: false
    environment: customer
    send_pii: false
  • The apm and monitoring blocks have been removed.
  • serverReplicas and workerReplicas have been added

Upgrading

This upgrade only applies if you are upgrading from a running 0.9 instance. Passbook detects this on startup, and automatically executes this upgrade.

Because this upgrade brings the new OAuth2 Provider, the old providers will be lost in the process. Make sure to take note of the providers you want to bring over.

Another side-effect of this upgrade is the change of OAuth2 URLs, see here.