add changelog and add missing s in authentik url

2022-06-15 14:06:39 +02:00 · 2022-06-15 14:06:39 +02:00 · 424214fd56
commit 424214fd56
parent 82b42d5b9c
3 changed files with 117 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -0,0 +1,114 @@
 # Changelog
 ## v1.4.1 - 
 - Fix sending local IPs to BunkerNet when DISABLE_DEFAULT_SERVER=yes
 - Fix certbot bug when AUTOCONF_MODE=yes
 - Fix certbot bug when MULTISITE=no
 - Add reverse proxy timeouts settings
 - Add auth_request settings
 - Add authentik and authelia examples
 - Prebuilt Docker images for arm64 and armv7
 - Improve documentation for Linux integration
 - Various fixes in the documentation
 ## v1.4.0 - 2022/06/06
 - Project renamed to BunkerWeb
 - Internal architecture fully revised with a modular approach
 - Improved CI/CD with automatic tests for multiple integrations
 - Plugin improvement
 - Volume improvement for container-based integrations
 - Web UI improvement with various new features
 - Web tool to generate settings from a user-friendly UI
 - Linux packages
 - Various bug fixes
 ## v1.3.2 - 2021/10/24
 - Use API instead of a shared folder for Swarm and Kubernetes integrations
 - Beta integration of distributed bad IPs database through a remote API
 - Improvement of the request limiting feature : hour/day rate and multiple URL support
 - Various bug fixes related to antibot feature
 - Init support of Arch Linux
 - Fix Moodle example
 - Fix ROOT_FOLDER bug in serve-files.conf when using the UI
 - Update default values for PERMISSIONS_POLICY and FEATURE_POLICY
 - Disable COUNTRY ban if IP is local
 ## v1.3.1 - 2021/09/02
 - Use ModSecurity v3.0.4 instead of v3.0.5 to fix memory leak
 - Fix ignored variables to control jobs
 - Fix bug when LISTEN_HTTP=no and MULTISITE=yes
 - Add CUSTOM_HEADER variable
 - Add REVERSE_PROXY_BUFFERING variable
 - Add REVERSE_PROXY_KEEPALIVE variable
 - Fix documentation for modsec and modsec-crs special folders
 ## v1.3.0 - 2021/08/23
 - Kubernetes integration in beta
 - Linux integration in beta
 - autoconf refactoring
 - jobs refactoring
 - UI refactoring
 - UI security : login/password authentication and CRSF protection
 - various dependencies updates
 - move CrowdSec as an external plugin
 - Authelia support
 - improve various regexes
 - add INJECT_BODY variable
 - add WORKER_PROCESSES variable
 - add USE_LETS_ENCRYPT_STAGING variable
 - add LOCAL_PHP and LOCAL_PHP_PATH variables
 - add REDIRECT_TO variable
 ## v1.2.8 - 2021/07/22
 - Fix broken links in README
 - Fix regex for EMAIL_LETS_ENCRYPT
 - Fix regex for REMOTE_PHP and REMOTE_PHP_PATH
 - Fix regex for SELF_SIGNED_*
 - Fix various bugs related to web UI
 - Fix bug in autoconf (missing instances parameter to reload function)
 - Remove old .env files when generating a new configuration
 ## v1.2.7 - 2021/06/14
 - Add custom robots.txt and sitemap to RTD
 - Fix missing GeoIP DB bug when using BLACKLIST/WHITELIST_COUNTRY
 - Add underscore "_" to allowed chars for CUSTOM_HTTPS_CERT/KEY
 - Fix bug when using automatic self-signed certificate
 - Build and push images from GitHub actions instead of Docker Hub autobuild
 - Display the reason when generator is ignoring a variable
 - Various bug fixes related to certbot and jobs
 - Split jobs into pre and post jobs
 - Add HEALTHCHECK to image
 - Fix race condition when using autoconf without Swarm by checking healthy state
 - Bump modsecurity-nginx to v1.0.2
 - Community chat with bridged platforms
 ## v1.2.6 - 2021/06/06
 - Move from "ghetto-style" shell scripts to generic jinja2 templating
 - Init work on a basic plugins system
 - Move ClamAV to external plugin
 - Reduce image size by removing unnecessary dependencies
 - Fix CrowdSec example
 - Change some global variables to multisite
 - Add LOG_LEVEL environment variable
 - Read-only container support
 - Improved antibot javascript with a basic proof of work
 - Update nginx to 1.20.1
 - Support of docker-socket-proxy with web UI
 - Add certbot-cloudflare example
 - Disable DNSBL checks when IP is local
 ## v1.2.5 - 2021/05/14
 - Performance improvement : move some nginx security checks to LUA and external blacklist parsing enhancement
 - Init work on official documentation on readthedocs
 - Fix default value for CONTENT_SECURITY_POLICY to allow file downloads
 - Add ROOT_SITE_SUBFOLDER environment variable
 ## TODO - retrospective changelog
--- a/examples/authentik/README.md
+++ b/examples/authentik/README.md
@ -0,0 +1 @@
 We assume that you are already familiar with [Authentik]().
--- a/examples/authentik/docker-compose.yml
+++ b/examples/authentik/docker-compose.yml
@ -43,14 +43,14 @@ services:
      - app1.example.com_REVERSE_PROXY_URL=/
      - app1.example.com_REVERSE_PROXY_HOST=http://app1:3000
      - app1.example.com_REVERSE_PROXY_AUTH_REQUEST=/outpost.goauthentik.io/auth/nginx
-      - app1.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=http://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
+      - app1.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=https://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
      - app1.example.com_REVERSE_PROXY_AUTH_REQUEST_SET=$$auth_cookie $$upstream_http_set_cookie;$$authentik_username $$upstream_http_x_authentik_username;$$authentik_groups $$upstream_http_x_authentik_groups;$$authentik_email $$upstream_http_x_authentik_email;$$authentik_name $$upstream_http_x_authentik_name;$$authentik_uid $$upstream_http_x_authentik_uid
      - app1.example.com_REVERSE_PROXY_HEADERS_CLIENT=Set-Cookie $$auth_cookie
      - app1.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid
      - app2.example.com_REVERSE_PROXY_URL=/
      - app2.example.com_REVERSE_PROXY_HOST=http://app2
      - app2.example.com_REVERSE_PROXY_AUTH_REQUEST=/outpost.goauthentik.io/auth/nginx
-      - app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=http://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
+      - app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=https://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
      - app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SET=$$auth_cookie $$upstream_http_set_cookie;$$authentik_username $$upstream_http_x_authentik_username;$$authentik_groups $$upstream_http_x_authentik_groups;$$authentik_email $$upstream_http_x_authentik_email;$$authentik_name $$upstream_http_x_authentik_name;$$authentik_uid $$upstream_http_x_authentik_uid
      - app2.example.com_REVERSE_PROXY_HEADERS_CLIENT=Set-Cookie $$auth_cookie
      - app2.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid
		`@ -0,0 +1 @@`
							`We assume that you are already familiar with [Authentik]().`