authentik/internal/outpost/ak/global.go

91 lines
2.5 KiB
Go

package ak
import (
"fmt"
"net/http"
"os"
"strings"
"github.com/getsentry/sentry-go"
httptransport "github.com/go-openapi/runtime/client"
log "github.com/sirupsen/logrus"
"goauthentik.io/api/v3"
"goauthentik.io/internal/constants"
sentryutils "goauthentik.io/internal/utils/sentry"
webutils "goauthentik.io/internal/utils/web"
)
var initialSetup = false
var tlsTransport *http.RoundTripper = nil
func doGlobalSetup(outpost api.Outpost, globalConfig *api.Config) {
l := log.WithField("logger", "authentik.outpost")
m := outpost.Managed.Get()
level, ok := outpost.Config[ConfigLogLevel]
if !ok {
level = "info"
}
if m == nil || *m == "" {
switch level.(string) {
case "trace":
log.SetLevel(log.TraceLevel)
case "debug":
log.SetLevel(log.DebugLevel)
case "info":
log.SetLevel(log.InfoLevel)
case "warning":
log.SetLevel(log.WarnLevel)
case "error":
log.SetLevel(log.ErrorLevel)
default:
log.SetLevel(log.DebugLevel)
}
} else {
l.Debug("Managed outpost, not setting global log level")
}
if globalConfig.ErrorReporting.Enabled {
if !initialSetup {
l.WithField("env", globalConfig.ErrorReporting.Environment).Debug("Error reporting enabled")
}
err := sentry.Init(sentry.ClientOptions{
Dsn: globalConfig.ErrorReporting.SentryDsn,
Environment: globalConfig.ErrorReporting.Environment,
EnableTracing: true,
TracesSampler: sentryutils.SamplerFunc(float64(globalConfig.ErrorReporting.TracesSampleRate)),
Release: fmt.Sprintf("authentik@%s", constants.VERSION),
HTTPTransport: webutils.NewUserAgentTransport(constants.OutpostUserAgent(), http.DefaultTransport),
IgnoreErrors: []string{
http.ErrAbortHandler.Error(),
},
})
if err != nil {
l.WithField("env", globalConfig.ErrorReporting.Environment).WithError(err).Warning("Failed to initialise sentry")
}
}
if !initialSetup {
l.WithField("hash", constants.BUILD("tagged")).WithField("version", constants.VERSION).Info("Starting authentik outpost")
initialSetup = true
}
}
// GetTLSTransport Get a TLS transport instance, that skips verification if configured via environment variables.
func GetTLSTransport() http.RoundTripper {
if tlsTransport != nil {
return *tlsTransport
}
value, set := os.LookupEnv("AUTHENTIK_INSECURE")
if !set {
value = "false"
}
tmp, err := httptransport.TLSTransport(httptransport.TLSClientOptions{
InsecureSkipVerify: strings.ToLower(value) == "true",
})
if err != nil {
panic(err)
}
tlsTransport = &tmp
return *tlsTransport
}