user/authentik: drop due migration to ilot iports

user/authentik/APKBUILD

@@ -1,258 +0,0 @@
-# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>
-# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
-pkgname=authentik
-pkgver=2024.4.3
-pkgrel=1
-pkgdesc="An open-source Identity Provider focused on flexibility and versatility"
-url="https://github.com/goauthentik/authentik"
-# s390x: missing py3-celery py3-flower and py3-kombu
-# armhf/armv7/x86: out of memory error when building goauthentik
-# ppc64le: not supported by Rollup build
-arch="aarch64 x86_64"
-license="MIT"
-depends="
-	libcap-setcap
-	nginx
-	postgresql
-	procps
-	pwgen
-	py3-aiohttp
-	py3-aiosignal
-	py3-amqp
-	py3-anyio
-	py3-asgiref
-	py3-asn1
-	py3-asn1crypto
-	py3-async-timeout
-	py3-attrs
-	py3-autobahn
-	py3-automat
-	py3-bcrypt
-	py3-billiard
-	py3-cachetools
-	py3-cbor2
-	py3-celery
-	py3-certifi
-	py3-cffi
-	py3-channels
-	py3-channels_redis
-	py3-charset-normalizer
-	py3-click
-	py3-click-didyoumean
-	py3-click-plugins
-	py3-click-repl
-	py3-codespell
-	py3-colorama
-	py3-constantly
-	py3-cparser
-	py3-cryptography
-	py3-dacite
-	py3-daphne
-	py3-dateutil
-	py3-deepmerge
-	py3-defusedxml
-	py3-deprecated
-	py3-dnspython
-	py3-django
-	py3-django-filter
-	py3-django-guardian
-	py3-django-model-utils
-	py3-django-otp
-	py3-django-prometheus
-	py3-django-redis
-	py3-django-rest-framework~=3.14.0
-	py3-django-rest-framework-guardian
-	py3-django-storages
-	py3-django-tenants
-	py3-docker-py
-	py3-dotenv
-	py3-dumb-init
-	py3-duo_client
-	py3-drf-spectacular
-	py3-email-validator
-	py3-facebook-sdk
-	py3-fido2
-	py3-flower
-	py3-frozenlist
-	py3-geoip2
-	py3-google-auth
-	py3-gunicorn
-	py3-h11
-	py3-httptools
-	py3-humanize
-	py3-hyperlink
-	py3-idna
-	py3-incremental
-	py3-inflection
-	py3-jsonschema
-	py3-jsonpatch
-	py3-jwt
-	py3-kombu
-	py3-kubernetes
-	py3-ldap3
-	py3-lxml
-	py3-maxminddb
-	py3-msgpack
-	py3-multidict
-	py3-oauthlib
-	py3-opencontainers
-	py3-openssl
-	py3-packaging
-	py3-paramiko
-	py3-parsing
-	py3-prometheus-client
-	py3-prompt_toolkit
-	py3-psycopg
-	py3-psycopg-c
-	py3-pydantic-scim
-	py3-pynacl
-	py3-pyrsistent
-	py3-python-jwt
-	py3-redis
-	py3-requests
-	py3-requests-oauthlib
-	py3-rsa
-	py3-scim2-filter-parser
-	py3-setproctitle
-	py3-sentry-sdk
-	py3-service_identity
-	py3-setuptools
-	py3-six
-	py3-sniffio
-	py3-sqlparse
-	py3-structlog
-	py3-swagger-spec-validator
-	py3-tornado
-	py3-twilio
-	py3-twisted
-	py3-txaio
-	py3-tenant-schemas-celery
-	py3-typing-extensions
-	py3-tz
-	py3-ua-parser
-	py3-uritemplate
-	py3-urllib3-secure-extra
-	py3-uvloop
-	py3-vine
-	py3-watchdog
-	py3-watchfiles
-	py3-wcwidth
-	py3-webauthn
-	py3-websocket-client
-	py3-websockets
-	py3-wrapt
-	py3-wsproto
-	py3-xmlsec
-	py3-yaml
-	py3-yarl
-	py3-zope-interface
-	py3-zxcvbn
-	redis
-	uvicorn
-	"
-makedepends="go npm"
-# checkdepends scooped up by poetry due to number
-checkdepends="poetry py3-coverage"
-# tests disabled for now
-options="!check"
-install="$pkgname.post-install $pkgname.post-upgrade $pkgname.pre-install"
-source="
-	$pkgname-$pkgver.tar.gz::https://github.com/goauthentik/authentik/archive/refs/tags/version/$pkgver.tar.gz
-	authentik.openrc
-	authentik-worker.openrc
-	authentik-ldap.openrc
-	authentik-ldap.conf
-	authentik-manage.sh
-	fix-ak-bash.patch
-	root-settings-csrf_trusted_origins.patch
-	"
-builddir="$srcdir/"authentik-version-$pkgver
-subpackages="$pkgname-openrc $pkgname-doc"
-pkgusers="authentik"
-pkggroups="authentik"
-
-export GOPATH=$srcdir/go
-export GOCACHE=$srcdir/go-build
-export GOTMPDIR=$srcdir
-
-build() {
-	msg "Building authentik-ldap"
-	go build -o ldap cmd/ldap/main.go
-	msg "Building authentik-proxy"
-	go build -o proxy cmd/proxy/main.go
-	msg "Building authentik-radius"
-	go build -o radius cmd/proxy/main.go
-	msg "Building authentik-server"
-	go build -o server cmd/server/*.go
-
-	msg "Building authentik-web"
-	cd web
-	npm ci --no-audit
-	npm run build
-	cd ..
-
-	msg "Building website"
-	cd website
-	npm ci --no-audit
-	npm run build
-}
-
-package() {
-	msg "Packaging $pkgname"
-	mkdir -p "$pkgdir"/usr/share/webapps/authentik/web
-	mkdir -p "$pkgdir"/usr/share/webapps/authentik/website
-	mkdir -p "$pkgdir"/var/lib/authentik
-	mkdir -p "$pkgdir"/usr/share/doc
-	mkdir -p "$pkgdir"/usr/bin
-	cp -dr "$builddir"/authentik "$pkgdir"/usr/share/webapps/authentik
-	cp -dr "$builddir"/web/dist "$pkgdir"/usr/share/webapps/authentik/web/dist
-	cp -dr "$builddir"/web/authentik "$pkgdir"/usr/share/webapps/authentik/web/authentik
-	cp -dr "$builddir"/website/build "$pkgdir"/usr/share/doc/authentik
-	cp -dr "$builddir"/tests "$pkgdir"/usr/share/webapps/authentik/tests
-	cp -dr "$builddir"/lifecycle "$pkgdir"/usr/share/webapps/authentik/lifecycle
-	cp -dr "$builddir"/locale "$pkgdir"/usr/share/webapps/authentik/locale
-	cp -dr "$builddir"/blueprints "$pkgdir"/var/lib/authentik/blueprints
-	install -Dm755 "$builddir"/manage.py "$pkgdir"/usr/share/webapps/authentik/manage.py
-	install -Dm755 "$builddir"/server "$pkgdir"/usr/share/webapps/authentik/server
-	ln -s "/etc/authentik/config.yml" "$pkgdir"/usr/share/webapps/authentik/local.env.yml
-
-	install -Dm755 "$builddir"/proxy "$pkgdir"/usr/bin/authentik-proxy
-	install -Dm755 "$builddir"/ldap "$pkgdir"/usr/bin/authentik-ldap
-	install -Dm755 "$builddir"/radius "$pkgdir"/usr/bin/authentik-radius
-
-	install -Dm755 "$srcdir"/$pkgname.openrc \
-		"$pkgdir"/etc/init.d/$pkgname
-	install -Dm755 "$srcdir"/$pkgname-worker.openrc \
-		"$pkgdir"/etc/init.d/$pkgname-worker
-	install -Dm755 "$srcdir"/$pkgname-ldap.openrc \
-		"$pkgdir"/etc/init.d/$pkgname-ldap
-	install -Dm640 "$srcdir"/$pkgname-ldap.conf \
-		"$pkgdir"/etc/conf.d/$pkgname-ldap
-	install -Dm640 "$builddir"/authentik/lib/default.yml \
-		"$pkgdir"/etc/authentik/config.yml
-	chown root:www-data "$pkgdir"/etc/authentik/config.yml
-
-	mv "$pkgdir"/usr/share/webapps/authentik/web/dist/custom.css "$pkgdir"/etc/authentik/custom.css
-	ln -s "/etc/authentik/custom.css" "$pkgdir"/usr/share/webapps/authentik/web/dist/custom.css
-	chown root:www-data "$pkgdir"/etc/authentik/custom.css
-
-	sed -i 's|cert_discovery_dir.*|cert_discovery_dir: /var/lib/authentik/certs|' "$pkgdir"/etc/authentik/config.yml
-	sed -i 's|blueprints_dir.*|blueprints_dir: /var/lib/authentik/blueprints|' "$pkgdir"/etc/authentik/config.yml
-	sed -i 's|template_dir.*|template_dir: /var/lib/authentik/templates|' "$pkgdir"/etc/authentik/config.yml
-	printf "\ncsrf:\n  trusted_origins: ['auth.example.com']" >> "$pkgdir"/etc/authentik/config.yml
-	printf "\nsecret_key: '@@SECRET_KEY@@'" >> "$pkgdir"/etc/authentik/config.yml
-
-	# Install wrapper script to /usr/bin.
-	install -m755 -D "$srcdir"/authentik-manage.sh "$pkgdir"/usr/bin/authentik-manage
-}
-
-sha512sums="
-121ed925d81a5cb2a14fed8ec8b324352e40b1fcbba83573bfdc1d1f66a91d9670cd64d7ef752c8a2df6c34fc3e19e8aec5c6752d33e87b487a462a590212ab0  authentik-2024.4.3.tar.gz
-4defb4fe3a4230f4aa517fbecd5e5b8bcef2a64e1b40615660ae9eec33597310a09df5e126f4d39ce7764bd1716c0a7040637699135c103cbc1879593c6c06f1  authentik.openrc
-6cb03b9b69df39bb4539fe05c966536314d766b2e9307a92d87070ba5f5b7e7ab70f1b5ee1ab3c0c50c23454f9c5a4caec29e63fdf411bbb7a124ad687569b89  authentik-worker.openrc
-351e6920d987861f8bf0d7ab2f942db716a8dbdad1f690ac662a6ef29ac0fd46cf817cf557de08f1c024703503d36bc8b46f0d9eb1ecaeb399dce4c3bb527d17  authentik-ldap.openrc
-89ee5f0ffdade1c153f3a56ff75b25a7104aa81d8c7a97802a8f4b0eab34850cee39f874dabe0f3c6da3f71d6a0f938f5e8904169e8cdd34d407c8984adee6b0  authentik-ldap.conf
-f1a3cb215b6210fa7d857a452a9f2bc4dc0520e49b9fa7027547cff093d740a7e2548f1bf1f8831f7d5ccb80c8e523ee0c8bafcc4dc42d2788725f2137d21bee  authentik-manage.sh
-3e47db684a3f353dcecdb7bab8836b9d5198766735d77f676a51d952141a0cf9903fcb92e6306c48d2522d7a1f3028b37247fdc1dc74d4d6e043da7eb4f36d49  fix-ak-bash.patch
-5c60e54b6a7829d611af66f5cb8184a002b5ae927efbd024c054a7c176fcb9efcfbe5685279ffcf0390b0f0abb3bb03e02782c6867c2b38d1ad2d508aae83fa0  root-settings-csrf_trusted_origins.patch
-"

user/authentik/authentik-ldap.conf

@@ -1,3 +0,0 @@
-AUTHENTIK_HOST=https://example.com
-AUTHENTIK_TOKEN=your-authentik-token
-AUTHENTIK_INSECURE=true

user/authentik/authentik-ldap.openrc

@@ -1,24 +0,0 @@
-#!/sbin/openrc-run
-  
-name="$RC_SVCNAME"
-cfgfile="/etc/conf.d/$RC_SVCNAME"
-pidfile="/run/$RC_SVCNAME.pid"
-working_directory="/usr/share/webapps/authentik"
-command="/usr/bin/authentik-ldap"
-command_user="authentik"
-command_group="authentik"
-start_stop_daemon_args=""
-command_background="yes"
-output_log="/var/log/authentik/$RC_SVCNAME.log"
-error_log="/var/log/authentik/$RC_SVCNAME.err"
-
-depend() {
-        need authentik
-}
-
-start_pre() {
-	cd "$working_directory"
-        checkpath --directory --owner $command_user:$command_group --mode 0775 \
-                /var/log/authentik
-	export AUTHENTIK_HOST AUTHENTIK_TOKEN AUTHENTIK_INSECURE AUTHENTIK_DEBUG
-}

user/authentik/authentik-manage.sh

@@ -1,11 +0,0 @@
-#!/bin/sh
-
-BUNDLE_DIR='/usr/share/webapps/authentik'
-
-cd $BUNDLE_DIR
-
-if [ "$(id -un)" != 'authentik' ]; then
-	exec su authentik -c '"$0" "$@"' -- ./manage.py "$@"
-else
-	exec ./manage.py "$@"
-fi

user/authentik/authentik-worker.openrc

@@ -1,32 +0,0 @@
-#!/sbin/openrc-run
-  
-name="$RC_SVCNAME"
-cfgfile="/etc/conf.d/$RC_SVCNAME.conf"
-pidfile="/run/$RC_SVCNAME.pid"
-working_directory="/usr/share/webapps/authentik"
-command="/usr/bin/authentik-manage"
-command_args="worker"
-command_user="authentik"
-command_group="authentik"
-start_stop_daemon_args=""
-command_background="yes"
-output_log="/var/log/authentik/$RC_SVCNAME.log"
-error_log="/var/log/authentik/$RC_SVCNAME.err"
-
-depend() {
-        need redis
-        need postgresql
-}
-
-start_pre() {
-	cd "$working_directory"
-        checkpath --directory --owner $command_user:$command_group --mode 0775 \
-                /var/log/authentik \
-                /var/lib/authentik/certs \
-                /var/lib/authentik/blueprints
-}
-
-stop_pre() {
-	ebegin "Killing child processes"
-	kill $(ps -o pid= --ppid $(cat $pidfile)) || true
-}

user/authentik/authentik.openrc

@@ -1,30 +0,0 @@
-#!/sbin/openrc-run
-  
-name="$RC_SVCNAME"
-cfgfile="/etc/conf.d/$RC_SVCNAME.conf"
-pidfile="/run/$RC_SVCNAME.pid"
-working_directory="/usr/share/webapps/authentik"
-command="/usr/share/webapps/authentik/server"
-command_user="authentik"
-command_group="authentik"
-start_stop_daemon_args=""
-command_background="yes"
-output_log="/var/log/authentik/$RC_SVCNAME.log"
-error_log="/var/log/authentik/$RC_SVCNAME.err"
-
-depend() {
-        need redis
-        need postgresql
-}
-
-start_pre() {
-	cd "$working_directory"
-        checkpath --directory --owner $command_user:$command_group --mode 0775 \
-                /var/log/authentik \
-                /var/lib/authentik/certs
-}
-
-stop_pre() {
-	ebegin "Killing child processes"
-	kill $(ps -o pid= --ppid $(cat $pidfile)) || true
-}

user/authentik/authentik.post-install

@@ -1,39 +0,0 @@
-#!/bin/sh
-set -eu
-
-group=authentik
-config_file='/etc/authentik/config.yml'
-
-setcap 'cap_net_bind_service=+ep' /usr/share/webapps/authentik/server
-
-if [ $(grep '@@SECRET_KEY@@' "$config_file") ]; then
-	echo "* Generating random secret in $config_file" >&2
-
-	secret_key="$(pwgen -s 50 1)"
-	sed -i "s|@@SECRET_KEY@@|$secret_key|" "$config_file"
-	chown root:$group "$config_file"
-fi
-
-if [ "${0##*.}" = 'post-upgrade' ]; then
-	cat >&2 <<-EOF
-	*
-	* To finish Authentik upgrade run:
-	*
-	*     authentik-manage migrate
-	*
-	EOF
-else
-	cat >&2 <<-EOF
-	*
-	* 1. Adjust settings in /etc/authentik/config.yml.
-	*
-	* 2. Create database for Authentik:
-	*
-	*     psql -c "CREATE ROLE authentik PASSWORD 'top-secret' INHERIT LOGIN;"
-	*     psql -c "CREATE DATABASE authentik OWNER authentik ENCODING 'UTF-8';"
-	*
-	* 3. Run "authentik-manage migrate"
-	* 4. Setup admin user at https://<your server>/if/flow/initial-setup/
-	*
-	EOF
-fi

user/authentik/authentik.post-upgrade

@@ -1 +0,0 @@
-authentik.post-install

user/authentik/authentik.pre-install

@@ -1,26 +0,0 @@
-#!/bin/sh
-# It's very important to set user/group correctly.
-
-authentik_dir='/var/lib/authentik'
-
-if ! getent group authentik 1>/dev/null; then
-	echo '* Creating group authentik' 1>&2
-
-	addgroup -S authentik
-fi
-
-if ! id authentik 2>/dev/null 1>&2; then
-	echo '* Creating user authentik' 1>&2
-
-	adduser -DHS -G authentik -h "$authentik_dir" -s /bin/sh  \
-		-g "added by apk for authentik" authentik
-	passwd -u authentik 1>/dev/null  # unlock
-fi
-
-if ! id -Gn authentik | grep -Fq redis; then
-	echo '* Adding user authentik to group redis' 1>&2
-
-	addgroup authentik redis
-fi
-
-exit 0

user/authentik/fix-ak-bash.patch

@@ -1,10 +0,0 @@
-diff --git a/lifecycle/ak.orig b/lifecycle/ak
-index 615bfe9..1646274 100755
---- a/lifecycle/ak.orig
-+++ b/lifecycle/ak
-@@ -1,4 +1,4 @@
--#!/usr/bin/env -S bash -e
-+#!/usr/bin/env bash
- MODE_FILE="${TMPDIR}/authentik-mode"
- 
- function log {

user/authentik/root-settings-csrf_trusted_origins.patch

@@ -1,12 +0,0 @@
-diff --git a/authentik/root/settings.py b/authentik/root/settings.py
-index 15e689b06..8b0c1d744 100644
---- a/authentik/root/settings.py
-+++ b/authentik/root/settings.py
-@@ -33,6 +33,7 @@ AUTH_USER_MODEL = "authentik_core.User"
- 
- CSRF_COOKIE_NAME = "authentik_csrf"
- CSRF_HEADER_NAME = "HTTP_X_AUTHENTIK_CSRF"
-+CSRF_TRUSTED_ORIGINS = CONFIG.get("csrf.trusted_origins")
- LANGUAGE_COOKIE_NAME = "authentik_language"
- SESSION_COOKIE_NAME = "authentik_session"
- SESSION_COOKIE_DOMAIN = CONFIG.get("cookie_domain", None)