add changelog and add missing s in authentik url
This commit is contained in:
parent
82b42d5b9c
commit
424214fd56
|
@ -0,0 +1,114 @@
|
|||
# Changelog
|
||||
|
||||
## v1.4.1 -
|
||||
- Fix sending local IPs to BunkerNet when DISABLE_DEFAULT_SERVER=yes
|
||||
- Fix certbot bug when AUTOCONF_MODE=yes
|
||||
- Fix certbot bug when MULTISITE=no
|
||||
- Add reverse proxy timeouts settings
|
||||
- Add auth_request settings
|
||||
- Add authentik and authelia examples
|
||||
- Prebuilt Docker images for arm64 and armv7
|
||||
- Improve documentation for Linux integration
|
||||
- Various fixes in the documentation
|
||||
|
||||
## v1.4.0 - 2022/06/06
|
||||
|
||||
- Project renamed to BunkerWeb
|
||||
- Internal architecture fully revised with a modular approach
|
||||
- Improved CI/CD with automatic tests for multiple integrations
|
||||
- Plugin improvement
|
||||
- Volume improvement for container-based integrations
|
||||
- Web UI improvement with various new features
|
||||
- Web tool to generate settings from a user-friendly UI
|
||||
- Linux packages
|
||||
- Various bug fixes
|
||||
|
||||
## v1.3.2 - 2021/10/24
|
||||
|
||||
- Use API instead of a shared folder for Swarm and Kubernetes integrations
|
||||
- Beta integration of distributed bad IPs database through a remote API
|
||||
- Improvement of the request limiting feature : hour/day rate and multiple URL support
|
||||
- Various bug fixes related to antibot feature
|
||||
- Init support of Arch Linux
|
||||
- Fix Moodle example
|
||||
- Fix ROOT_FOLDER bug in serve-files.conf when using the UI
|
||||
- Update default values for PERMISSIONS_POLICY and FEATURE_POLICY
|
||||
- Disable COUNTRY ban if IP is local
|
||||
|
||||
## v1.3.1 - 2021/09/02
|
||||
|
||||
- Use ModSecurity v3.0.4 instead of v3.0.5 to fix memory leak
|
||||
- Fix ignored variables to control jobs
|
||||
- Fix bug when LISTEN_HTTP=no and MULTISITE=yes
|
||||
- Add CUSTOM_HEADER variable
|
||||
- Add REVERSE_PROXY_BUFFERING variable
|
||||
- Add REVERSE_PROXY_KEEPALIVE variable
|
||||
- Fix documentation for modsec and modsec-crs special folders
|
||||
|
||||
## v1.3.0 - 2021/08/23
|
||||
|
||||
- Kubernetes integration in beta
|
||||
- Linux integration in beta
|
||||
- autoconf refactoring
|
||||
- jobs refactoring
|
||||
- UI refactoring
|
||||
- UI security : login/password authentication and CRSF protection
|
||||
- various dependencies updates
|
||||
- move CrowdSec as an external plugin
|
||||
- Authelia support
|
||||
- improve various regexes
|
||||
- add INJECT_BODY variable
|
||||
- add WORKER_PROCESSES variable
|
||||
- add USE_LETS_ENCRYPT_STAGING variable
|
||||
- add LOCAL_PHP and LOCAL_PHP_PATH variables
|
||||
- add REDIRECT_TO variable
|
||||
|
||||
## v1.2.8 - 2021/07/22
|
||||
|
||||
- Fix broken links in README
|
||||
- Fix regex for EMAIL_LETS_ENCRYPT
|
||||
- Fix regex for REMOTE_PHP and REMOTE_PHP_PATH
|
||||
- Fix regex for SELF_SIGNED_*
|
||||
- Fix various bugs related to web UI
|
||||
- Fix bug in autoconf (missing instances parameter to reload function)
|
||||
- Remove old .env files when generating a new configuration
|
||||
|
||||
## v1.2.7 - 2021/06/14
|
||||
|
||||
- Add custom robots.txt and sitemap to RTD
|
||||
- Fix missing GeoIP DB bug when using BLACKLIST/WHITELIST_COUNTRY
|
||||
- Add underscore "_" to allowed chars for CUSTOM_HTTPS_CERT/KEY
|
||||
- Fix bug when using automatic self-signed certificate
|
||||
- Build and push images from GitHub actions instead of Docker Hub autobuild
|
||||
- Display the reason when generator is ignoring a variable
|
||||
- Various bug fixes related to certbot and jobs
|
||||
- Split jobs into pre and post jobs
|
||||
- Add HEALTHCHECK to image
|
||||
- Fix race condition when using autoconf without Swarm by checking healthy state
|
||||
- Bump modsecurity-nginx to v1.0.2
|
||||
- Community chat with bridged platforms
|
||||
|
||||
## v1.2.6 - 2021/06/06
|
||||
|
||||
- Move from "ghetto-style" shell scripts to generic jinja2 templating
|
||||
- Init work on a basic plugins system
|
||||
- Move ClamAV to external plugin
|
||||
- Reduce image size by removing unnecessary dependencies
|
||||
- Fix CrowdSec example
|
||||
- Change some global variables to multisite
|
||||
- Add LOG_LEVEL environment variable
|
||||
- Read-only container support
|
||||
- Improved antibot javascript with a basic proof of work
|
||||
- Update nginx to 1.20.1
|
||||
- Support of docker-socket-proxy with web UI
|
||||
- Add certbot-cloudflare example
|
||||
- Disable DNSBL checks when IP is local
|
||||
|
||||
## v1.2.5 - 2021/05/14
|
||||
|
||||
- Performance improvement : move some nginx security checks to LUA and external blacklist parsing enhancement
|
||||
- Init work on official documentation on readthedocs
|
||||
- Fix default value for CONTENT_SECURITY_POLICY to allow file downloads
|
||||
- Add ROOT_SITE_SUBFOLDER environment variable
|
||||
|
||||
## TODO - retrospective changelog
|
|
@ -0,0 +1 @@
|
|||
We assume that you are already familiar with [Authentik]().
|
|
@ -43,14 +43,14 @@ services:
|
|||
- app1.example.com_REVERSE_PROXY_URL=/
|
||||
- app1.example.com_REVERSE_PROXY_HOST=http://app1:3000
|
||||
- app1.example.com_REVERSE_PROXY_AUTH_REQUEST=/outpost.goauthentik.io/auth/nginx
|
||||
- app1.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=http://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
|
||||
- app1.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=https://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
|
||||
- app1.example.com_REVERSE_PROXY_AUTH_REQUEST_SET=$$auth_cookie $$upstream_http_set_cookie;$$authentik_username $$upstream_http_x_authentik_username;$$authentik_groups $$upstream_http_x_authentik_groups;$$authentik_email $$upstream_http_x_authentik_email;$$authentik_name $$upstream_http_x_authentik_name;$$authentik_uid $$upstream_http_x_authentik_uid
|
||||
- app1.example.com_REVERSE_PROXY_HEADERS_CLIENT=Set-Cookie $$auth_cookie
|
||||
- app1.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid
|
||||
- app2.example.com_REVERSE_PROXY_URL=/
|
||||
- app2.example.com_REVERSE_PROXY_HOST=http://app2
|
||||
- app2.example.com_REVERSE_PROXY_AUTH_REQUEST=/outpost.goauthentik.io/auth/nginx
|
||||
- app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=http://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
|
||||
- app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=https://auth.example.com/outpost.goauthentik.io/start?rd=$$scheme%3A%2F%2F$$host$$request_uri
|
||||
- app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SET=$$auth_cookie $$upstream_http_set_cookie;$$authentik_username $$upstream_http_x_authentik_username;$$authentik_groups $$upstream_http_x_authentik_groups;$$authentik_email $$upstream_http_x_authentik_email;$$authentik_name $$upstream_http_x_authentik_name;$$authentik_uid $$upstream_http_x_authentik_uid
|
||||
- app2.example.com_REVERSE_PROXY_HEADERS_CLIENT=Set-Cookie $$auth_cookie
|
||||
- app2.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid
|
||||
|
|
Loading…
Reference in New Issue