hackclub/burrow
1
0
Fork 0
Code Pull requests Releases Packages Activity Actions

Fix Zulip bootstrap user handling

Browse source
This commit is contained in:
Conrad Kramer 2026-04-19 00:56:35 -07:00
parent 824bbd9d67
commit b70b62dfef
3 changed files with 7 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Scripts/authentik-sync-linear-saml.sh
View file

@ -294,8 +294,8 @@ existing_application="$(
)" )"
if [[ -n "$existing_application" ]]; then if [[ -n "$existing_application" ]]; then
application_pk="$(printf '%s\n' "$existing_application" | jq -r '.pk')" application_pk="existing"
api PATCH "/api/v3/core/applications/${application_pk}/" "$application_payload" >/dev/null api PATCH "/api/v3/core/applications/${application_slug}/" "$application_payload" >/dev/null
else else
create_application_result="$( create_application_result="$(
api_with_status POST "/api/v3/core/applications/" "$application_payload" api_with_status POST "/api/v3/core/applications/" "$application_payload"

7
Scripts/authentik-sync-linear-scim.sh
View file

@ -278,12 +278,7 @@ application_payload="$(
policy_engine_mode: .policy_engine_mode policy_engine_mode: .policy_engine_mode
}' }'
)" )"
application_pk="$(printf '%s\n' "$application" | jq -r '.pk // empty')" api PATCH "/api/v3/core/applications/${application_slug}/" "$application_payload" >/dev/null
if [[ -z "$application_pk" ]]; then
echo "error: could not resolve Authentik application primary key for ${application_slug}" >&2
exit 1
fi
api PATCH "/api/v3/core/applications/${application_pk}/" "$application_payload" >/dev/null
group_pks_json="$(jq -cn --arg owner "$owner_group_pk" --arg admin "$admin_group_pk" --arg guest "$guest_group_pk" '[$owner, $admin, $guest]')" group_pks_json="$(jq -cn --arg owner "$owner_group_pk" --arg admin "$admin_group_pk" --arg guest "$guest_group_pk" '[$owner, $admin, $guest]')"
user_pks_json="$( user_pks_json="$(

8
nixos/modules/burrow-zulip.nix
View file

@ -385,8 +385,8 @@ EOF
bootstrap_realm_if_needed() { bootstrap_realm_if_needed() {
local realm_exists local realm_exists
realm_exists="$( realm_exists="$(
compose run --rm -T --entrypoint bash zulip -lc \ compose run --rm -T -u zulip --entrypoint bash zulip -lc \
"su zulip -c '/home/zulip/deployments/current/manage.py list_realms'" \ "/home/zulip/deployments/current/manage.py list_realms" \
| awk '$NF == "https://${cfg.domain}" { print "yes" }' | awk '$NF == "https://${cfg.domain}" { print "yes" }'
)" )"
@ -398,8 +398,8 @@ EOF
export ZULIP_ADMIN_EMAIL=${lib.escapeShellArg cfg.administratorEmail} export ZULIP_ADMIN_EMAIL=${lib.escapeShellArg cfg.administratorEmail}
export ZULIP_OWNER_NAME=${lib.escapeShellArg cfg.realmOwnerName} export ZULIP_OWNER_NAME=${lib.escapeShellArg cfg.realmOwnerName}
compose run --rm -T --entrypoint bash zulip -lc ' compose run --rm -T -u zulip --entrypoint bash zulip -lc '
su zulip -c "/home/zulip/deployments/current/manage.py create_realm --string-id= --password-file /data/secrets/bootstrap-owner-password --automated \"$ZULIP_REALM_NAME\" \"$ZULIP_ADMIN_EMAIL\" \"$ZULIP_OWNER_NAME\"" /home/zulip/deployments/current/manage.py create_realm --string-id= --password-file /data/secrets/bootstrap-owner-password --automated "$ZULIP_REALM_NAME" "$ZULIP_ADMIN_EMAIL" "$ZULIP_OWNER_NAME"
' '
} }