Can't log in from a fresh LXC deploy, and the service is LAN-only by
design. Rip out the whole bcrypt-password / signed-cookie session
layer: internal/auth, login templates, gen-admin-password binary +
Makefile targets, auth config block, login/logout routes and the
RequireSession middleware wrap. Agent bearer-token auth on
/api/v1/runs/{id}/* is untouched.
Operators who want a password can front the service with a reverse
proxy — noted in README and docs/operations.md.
This commit is contained in:
@@ -65,9 +65,9 @@ fi
|
||||
echo "==> installing templ ${TEMPL_VERSION}"
|
||||
GOBIN=/usr/local/bin go install "github.com/a-h/templ/cmd/templ@${TEMPL_VERSION}"
|
||||
|
||||
echo "==> building orchestrator + gen-admin-password"
|
||||
echo "==> building orchestrator (make orchestrator-linux)"
|
||||
cd "${SRC_DIR}"
|
||||
make orchestrator-linux gen-admin-password-linux
|
||||
make orchestrator-linux
|
||||
|
||||
echo "==> running deploy/install.sh"
|
||||
bash deploy/install.sh --binary "bin/vetting-linux-amd64"
|
||||
|
||||
Reference in New Issue
Block a user