added LFS ENV var

scripts/setup-authentik-test.sh

@@ -0,0 +1,180 @@
+#!/bin/bash
+
+# Setup script for testing Authentik SSO with Gitea Mirror
+# This script helps configure Authentik for testing SSO integration
+
+set -e
+
+echo "======================================"
+echo "Authentik SSO Test Environment Setup"
+echo "======================================"
+echo ""
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+# Check if docker and docker-compose are installed
+if ! command -v docker &> /dev/null; then
+    echo -e "${RED}Docker is not installed. Please install Docker first.${NC}"
+    exit 1
+fi
+
+if ! command -v docker-compose &> /dev/null && ! docker compose version &> /dev/null; then
+    echo -e "${RED}Docker Compose is not installed. Please install Docker Compose first.${NC}"
+    exit 1
+fi
+
+# Function to generate random secret
+generate_secret() {
+    openssl rand -base64 32 | tr -d '\n' | tr -d '=' | tr -d '/' | tr -d '+'
+}
+
+# Function to wait for service
+wait_for_service() {
+    local service=$1
+    local port=$2
+    local max_attempts=30
+    local attempt=1
+    
+    echo -n "Waiting for $service to be ready"
+    while ! nc -z localhost $port 2>/dev/null; do
+        if [ $attempt -eq $max_attempts ]; then
+            echo -e "\n${RED}Timeout waiting for $service${NC}"
+            return 1
+        fi
+        echo -n "."
+        sleep 2
+        ((attempt++))
+    done
+    echo -e " ${GREEN}Ready!${NC}"
+    return 0
+}
+
+# Parse command line arguments
+ACTION=${1:-start}
+
+case $ACTION in
+    start)
+        echo "Starting Authentik test environment..."
+        echo ""
+        
+        # Check if .env.authentik exists, if not create it
+        if [ ! -f .env.authentik ]; then
+            echo "Creating .env.authentik with secure defaults..."
+            cat > .env.authentik << EOF
+# Authentik Configuration
+AUTHENTIK_SECRET_KEY=$(generate_secret)
+AUTHENTIK_DB_PASSWORD=$(generate_secret)
+AUTHENTIK_BOOTSTRAP_PASSWORD=admin-password
+AUTHENTIK_BOOTSTRAP_EMAIL=admin@example.com
+
+# Gitea Mirror Configuration  
+BETTER_AUTH_SECRET=$(generate_secret)
+BETTER_AUTH_URL=http://localhost:4321
+BETTER_AUTH_TRUSTED_ORIGINS=http://localhost:4321,http://localhost:9000
+
+# URLs for testing
+AUTHENTIK_URL=http://localhost:9000
+GITEA_MIRROR_URL=http://localhost:4321
+EOF
+            echo -e "${GREEN}Created .env.authentik with secure secrets${NC}"
+            echo ""
+        fi
+        
+        # Load environment variables
+        source .env.authentik
+        
+        # Start Authentik services
+        echo "Starting Authentik services..."
+        docker-compose -f docker-compose.authentik.yml --env-file .env.authentik up -d
+        
+        # Wait for Authentik to be ready
+        echo ""
+        wait_for_service "Authentik" 9000
+        
+        # Wait a bit more for initialization
+        echo "Waiting for Authentik to initialize..."
+        sleep 10
+        
+        echo ""
+        echo -e "${GREEN}✓ Authentik is running!${NC}"
+        echo ""
+        echo "======================================"
+        echo "Authentik Access Information:"
+        echo "======================================"
+        echo "URL: http://localhost:9000"
+        echo "Admin Username: akadmin"
+        echo "Admin Password: admin-password"
+        echo ""
+        echo "======================================"
+        echo "Next Steps:"
+        echo "======================================"
+        echo "1. Access Authentik at http://localhost:9000"
+        echo "2. Login with akadmin / admin-password"
+        echo "3. Create OAuth2 Provider for Gitea Mirror:"
+        echo "   - Name: gitea-mirror"
+        echo "   - Redirect URIs:"
+        echo "     http://localhost:4321/api/auth/callback/sso-provider"
+        echo "   - Scopes: openid, profile, email"
+        echo ""
+        echo "4. Create Application:"
+        echo "   - Name: Gitea Mirror"
+        echo "   - Slug: gitea-mirror"
+        echo "   - Provider: gitea-mirror (created above)"
+        echo ""
+        echo "5. Start Gitea Mirror with:"
+        echo "   bun run dev"
+        echo ""
+        echo "6. Configure SSO in Gitea Mirror:"
+        echo "   - Go to Settings → Authentication & SSO"
+        echo "   - Add provider with:"
+        echo "     - Issuer URL: http://localhost:9000/application/o/gitea-mirror/"
+        echo "     - Client ID: (from Authentik provider)"
+        echo "     - Client Secret: (from Authentik provider)"
+        echo ""
+        ;;
+        
+    stop)
+        echo "Stopping Authentik test environment..."
+        docker-compose -f docker-compose.authentik.yml down
+        echo -e "${GREEN}✓ Authentik stopped${NC}"
+        ;;
+        
+    clean)
+        echo "Cleaning up Authentik test environment..."
+        docker-compose -f docker-compose.authentik.yml down -v
+        echo -e "${GREEN}✓ Authentik data cleaned${NC}"
+        
+        read -p "Remove .env.authentik file? (y/N) " -n 1 -r
+        echo
+        if [[ $REPLY =~ ^[Yy]$ ]]; then
+            rm -f .env.authentik
+            echo -e "${GREEN}✓ Configuration file removed${NC}"
+        fi
+        ;;
+        
+    logs)
+        docker-compose -f docker-compose.authentik.yml logs -f
+        ;;
+        
+    status)
+        echo "Authentik Service Status:"
+        echo "========================="
+        docker-compose -f docker-compose.authentik.yml ps
+        ;;
+        
+    *)
+        echo "Usage: $0 {start|stop|clean|logs|status}"
+        echo ""
+        echo "Commands:"
+        echo "  start  - Start Authentik test environment"
+        echo "  stop   - Stop Authentik services"
+        echo "  clean  - Stop and remove all data"
+        echo "  logs   - Show Authentik logs"
+        echo "  status - Show service status"
+        exit 1
+        ;;
+esac