admin/deploy-felhom-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(setup): hub mode triggers setup wizard with infra backup restore

Browse Source 
docker-setup.sh --hub-customer now generates a minimal controller.yaml
(no customer.id) instead of installing full hub config, triggering the
setup wizard on first run. Hub credentials are passed via env vars
(FELHOM_SETUP_CUSTOMER_ID, FELHOM_SETUP_PASSWORD) so the wizard
auto-fills and auto-processes Hub API calls.

Welcome page shows three options in hub mode: restore from Hub (primary),
restore from local drives, or fresh install. On error, falls back to
manual form with error displayed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
authentik Default Admin
2026-02-26 13:58:31 +01:00
parent 5f423b6510
commit 1e8a562bd3
6 changed files with 272 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/README.md
+24 -4
View File
@@ -94,16 +94,17 @@ The script supports three mutually exclusive TLS modes:
### Hub mode
When both `--hub-customer` and `--hub-password` are provided, the script downloads a
pre-configured `controller.yaml` from the Felhom Hub **before any infra setup begins**,
then extracts the stored values to auto-configure everything — no additional flags needed:
When both `--hub-customer` and `--hub-password` are provided, the script downloads the
customer's config from the Felhom Hub **before any infra setup begins** to extract
infrastructure variables (domain, email, CF tokens), then generates a **minimal**
`controller.yaml` without `customer.id` — triggering the setup wizard on first run.
```
GET https://hub.felhom.eu/api/v1/config/{customer_id}
Header: X-Retrieval-Password: {password}
```
The downloaded config is parsed early in the run and populates:
The downloaded config is parsed early and populates infrastructure variables:
| Extracted field | Used for |
|-----------------|----------|
@@ -114,6 +115,25 @@ The downloaded config is parsed early in the run and populates:
CLI flags always take precedence — passing `--domain` overrides the hub value.
The hub credentials are passed to the controller via environment variables
(`FELHOM_SETUP_CUSTOMER_ID`, `FELHOM_SETUP_PASSWORD`) so the setup wizard auto-fills
them. On first access, the wizard offers three choices:
1. **Restore from Hub** — downloads infra backup (settings, encryption keys, restic
passwords, disk layout) and restores everything. Credentials are auto-processed.
2. **Restore from local drive** — scans connected drives for `.felhom-infra-backup/`.
3. **Fresh install** — downloads config only, starts with clean settings.
```
docker-setup.sh --hub-customer demo-felhom --hub-password xxx
→ downloads config for infra vars (domain, CF tokens)
→ generates minimal controller.yaml (no customer.id)
→ passes hub credentials via env vars
→ controller starts in setup mode
→ user opens http://<ip>:8081
→ setup wizard: restore / local scan / fresh install
```
On failure (wrong credentials, network error):
- Script exits immediately with the HTTP status code and the failing URL
- Nothing is installed