Closed patrick-GH closed 6 months ago
Could you provide the following from psql: \d
, \dn
, \l
(only the authentik line)
Didn't realize the rest of the data didn't get added
authentikdb=# \d
List of relations
Schema | Name | Type | Owner
--------+-----------------------------------------------------------------+----------+-----------
public | auth_group | table | authentik
public | auth_group_id_seq | sequence | authentik
public | auth_group_permissions | table | authentik
public | auth_group_permissions_id_seq | sequence | authentik
public | auth_permission | table | authentik
public | auth_permission_id_seq | sequence | authentik
public | authentik_blueprints_blueprintinstance | table | authentik
public | authentik_brands_brand | table | authentik
public | authentik_core_application | table | authentik
public | authentik_core_authenticatedsession | table | authentik
public | authentik_core_group | table | authentik
public | authentik_core_group_roles | table | authentik
public | authentik_core_group_roles_id_seq | sequence | authentik
public | authentik_core_propertymapping | table | authentik
public | authentik_core_provider | table | authentik
public | authentik_core_provider_id_seq | sequence | authentik
public | authentik_core_provider_property_mappings | table | authentik
public | authentik_core_provider_property_mappings_id_seq | sequence | authentik
public | authentik_core_source | table | authentik
public | authentik_core_source_property_mappings | table | authentik
public | authentik_core_source_property_mappings_id_seq | sequence | authentik
public | authentik_core_token | table | authentik
public | authentik_core_user | table | authentik
public | authentik_core_user_ak_groups | table | authentik
public | authentik_core_user_groups | table | authentik
public | authentik_core_user_groups_id_seq | sequence | authentik
public | authentik_core_user_id_seq | sequence | authentik
public | authentik_core_user_pb_groups_id_seq | sequence | authentik
public | authentik_core_user_user_permissions | table | authentik
public | authentik_core_user_user_permissions_id_seq | sequence | authentik
public | authentik_core_usersourceconnection | table | authentik
public | authentik_core_usersourceconnection_id_seq | sequence | authentik
public | authentik_crypto_certificatekeypair | table | authentik
public | authentik_enterprise_license | table | authentik
public | authentik_enterprise_licenseusage | table | authentik
public | authentik_events_event | table | authentik
public | authentik_events_notification | table | authentik
public | authentik_events_notificationrule | table | authentik
public | authentik_events_notificationrule_transports | table | authentik
public | authentik_events_notificationrule_transports_id_seq | sequence | authentik
public | authentik_events_notificationtransport | table | authentik
public | authentik_events_notificationwebhookmapping | table | authentik
public | authentik_events_systemtask | table | authentik
public | authentik_flows_flow | table | authentik
public | authentik_flows_flowstagebinding | table | authentik
public | authentik_flows_flowtoken | table | authentik
public | authentik_flows_stage | table | authentik
public | authentik_install_id | table | authentik
public | authentik_outposts_dockerserviceconnection | table | authentik
public | authentik_outposts_kubernetesserviceconnection | table | authentik
public | authentik_outposts_outpost | table | authentik
public | authentik_outposts_outpost_providers | table | authentik
public | authentik_outposts_outpost_providers_id_seq | sequence | authentik
public | authentik_outposts_outpostserviceconnection | table | authentik
public | authentik_policies_dummy_dummypolicy | table | authentik
public | authentik_policies_event_matcher_eventmatcherpolicy | table | authentik
public | authentik_policies_expiry_passwordexpirypolicy | table | authentik
public | authentik_policies_expression_expressionpolicy | table | authentik
public | authentik_policies_password_passwordpolicy | table | authentik
public | authentik_policies_policy | table | authentik
public | authentik_policies_policybinding | table | authentik
public | authentik_policies_policybindingmodel | table | authentik
public | authentik_policies_reputation_reputation | table | authentik
public | authentik_policies_reputation_reputationpolicy | table | authentik
public | authentik_providers_ldap_ldapprovider | table | authentik
public | authentik_providers_oauth2_accesstoken | table | authentik
public | authentik_providers_oauth2_accesstoken_id_seq | sequence | authentik
public | authentik_providers_oauth2_authorizationcode | table | authentik
public | authentik_providers_oauth2_authorizationcode_id_seq | sequence | authentik
public | authentik_providers_oauth2_devicetoken | table | authentik
public | authentik_providers_oauth2_devicetoken_id_seq | sequence | authentik
public | authentik_providers_oauth2_oauth2provider | table | authentik
public | authentik_providers_oauth2_oauth2provider_jwks_sources | table | authentik
public | authentik_providers_oauth2_oauth2provider_jwks_sources_id_seq | sequence | authentik
public | authentik_providers_oauth2_refreshtoken | table | authentik
public | authentik_providers_oauth2_refreshtoken_id_seq | sequence | authentik
public | authentik_providers_oauth2_scopemapping | table | authentik
public | authentik_providers_proxy_proxyprovider | table | authentik
public | authentik_providers_rac_connectiontoken | table | authentik
public | authentik_providers_rac_endpoint | table | authentik
public | authentik_providers_rac_endpoint_property_mappings | table | authentik
public | authentik_providers_rac_endpoint_property_mappings_id_seq | sequence | authentik
public | authentik_providers_rac_racpropertymapping | table | authentik
public | authentik_providers_rac_racprovider | table | authentik
public | authentik_providers_radius_radiusprovider | table | authentik
public | authentik_providers_saml_samlpropertymapping | table | authentik
public | authentik_providers_saml_samlprovider | table | authentik
public | authentik_providers_scim_scimgroup | table | authentik
public | authentik_providers_scim_scimmapping | table | authentik
public | authentik_providers_scim_scimprovider | table | authentik
public | authentik_providers_scim_scimprovider_property_mappings__id_seq | sequence | authentik
public | authentik_providers_scim_scimprovider_property_mappings_group | table | authentik
public | authentik_providers_scim_scimuser | table | authentik
public | authentik_rbac_role | table | authentik
public | authentik_sources_ldap_ldappropertymapping | table | authentik
public | authentik_sources_ldap_ldapsource | table | authentik
public | authentik_sources_ldap_ldapsource_property_mappings_grou_id_seq | sequence | authentik
public | authentik_sources_ldap_ldapsource_property_mappings_group | table | authentik
public | authentik_sources_oauth_oauthsource | table | authentik
public | authentik_sources_oauth_useroauthsourceconnection | table | authentik
public | authentik_sources_plex_plexsource | table | authentik
public | authentik_sources_plex_plexsourceconnection | table | authentik
public | authentik_sources_saml_samlsource | table | authentik
public | authentik_sources_saml_usersamlsourceconnection | table | authentik
public | authentik_stages_authenticator_duo_authenticatorduostage | table | authentik
public | authentik_stages_authenticator_duo_duodevice | table | authentik
public | authentik_stages_authenticator_duo_duodevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_sms_authenticatorsmsstage | table | authentik
public | authentik_stages_authenticator_sms_smsdevice | table | authentik
public | authentik_stages_authenticator_sms_smsdevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_static_authenticatorstaticstage | table | authentik
public | authentik_stages_authenticator_static_staticdevice | table | authentik
public | authentik_stages_authenticator_static_staticdevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_static_statictoken | table | authentik
public | authentik_stages_authenticator_static_statictoken_id_seq | sequence | authentik
public | authentik_stages_authenticator_totp_authenticatortotpstage | table | authentik
public | authentik_stages_authenticator_totp_totpdevice | table | authentik
public | authentik_stages_authenticator_totp_totpdevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_validate_authenticatorval_id_seq | sequence | authentik
public | authentik_stages_authenticator_validate_authenticatorvalida3e25 | table | authentik
public | authentik_stages_authenticator_validate_authenticatorvalida499c | table | authentik
public | authentik_stages_authenticator_webauthn_authenticatewebauth4bbe | table | authentik
public | authentik_stages_authenticator_webauthn_webauthndevice | table | authentik
public | authentik_stages_authenticator_webauthn_webauthndevice_id_seq | sequence | authentik
public | authentik_stages_captcha_captchastage | table | authentik
public | authentik_stages_consent_consentstage | table | authentik
public | authentik_stages_consent_userconsent | table | authentik
public | authentik_stages_consent_userconsent_id_seq | sequence | authentik
public | authentik_stages_deny_denystage | table | authentik
public | authentik_stages_dummy_dummystage | table | authentik
public | authentik_stages_email_emailstage | table | authentik
public | authentik_stages_identification_identificationstage | table | authentik
public | authentik_stages_identification_identificationstage_sour_id_seq | sequence | authentik
public | authentik_stages_identification_identificationstage_sources | table | authentik
public | authentik_stages_invitation_invitation | table | authentik
public | authentik_stages_invitation_invitationstage | table | authentik
public | authentik_stages_password_passwordstage | table | authentik
public | authentik_stages_prompt_prompt | table | authentik
public | authentik_stages_prompt_promptstage | table | authentik
public | authentik_stages_prompt_promptstage_fields | table | authentik
public | authentik_stages_prompt_promptstage_fields_id_seq | sequence | authentik
public | authentik_stages_prompt_promptstage_validation_policies | table | authentik
public | authentik_stages_prompt_promptstage_validation_policies_id_seq | sequence | authentik
public | authentik_stages_user_delete_userdeletestage | table | authentik
public | authentik_stages_user_login_userloginstage | table | authentik
public | authentik_stages_user_logout_userlogoutstage | table | authentik
public | authentik_stages_user_write_userwritestage | table | authentik
public | django_content_type | table | authentik
public | django_content_type_id_seq | sequence | authentik
public | django_migrations | table | authentik
public | django_migrations_id_seq | sequence | authentik
public | django_session | table | authentik
public | guardian_groupobjectpermission | table | authentik
public | guardian_groupobjectpermission_id_seq | sequence | authentik
public | guardian_userobjectpermission | table | authentik
public | guardian_userobjectpermission_id_seq | sequence | authentik
(156 rows)
authentikdb=# \dn
List of schemas
Name | Owner
--------+-------
public | admin
(1 row)
Name | Owner | Encoding | Collate | Ctype | Access privileges
-------------+-------+----------+------------+------------+-------------------
authentikdb | admin | UTF8 | en_US.utf8 | en_US.utf8 | =Tc/admin +
| | | | | admin=CTc/admin +
| | | | | authentik=c/admin
Experiencing the same problem on my unraid after updating to 2024.2.1 PostgreSQL v15.6
It looks to be related to the breaking change of renaming tenants to brands.
authentik=# \d
List of relations
Schema | Name | Type | Owner
--------+-----------------------------------------------------------------+----------+-----------
public | auth_group | table | authentik
public | auth_group_id_seq | sequence | authentik
public | auth_group_permissions | table | authentik
public | auth_group_permissions_id_seq | sequence | authentik
public | auth_permission | table | authentik
public | auth_permission_id_seq | sequence | authentik
public | authentik_blueprints_blueprintinstance | table | authentik
public | authentik_brands_brand | table | authentik
public | authentik_core_application | table | authentik
public | authentik_core_authenticatedsession | table | authentik
public | authentik_core_group | table | authentik
public | authentik_core_group_roles | table | authentik
public | authentik_core_group_roles_id_seq | sequence | authentik
public | authentik_core_propertymapping | table | authentik
public | authentik_core_provider | table | authentik
public | authentik_core_provider_id_seq | sequence | authentik
public | authentik_core_provider_property_mappings | table | authentik
public | authentik_core_provider_property_mappings_id_seq | sequence | authentik
public | authentik_core_source | table | authentik
public | authentik_core_source_property_mappings | table | authentik
public | authentik_core_source_property_mappings_id_seq | sequence | authentik
public | authentik_core_token | table | authentik
public | authentik_core_user | table | authentik
public | authentik_core_user_ak_groups | table | authentik
public | authentik_core_user_groups | table | authentik
public | authentik_core_user_groups_id_seq | sequence | authentik
public | authentik_core_user_id_seq | sequence | authentik
public | authentik_core_user_pb_groups_id_seq | sequence | authentik
public | authentik_core_user_user_permissions | table | authentik
public | authentik_core_user_user_permissions_id_seq | sequence | authentik
public | authentik_core_usersourceconnection | table | authentik
public | authentik_core_usersourceconnection_id_seq | sequence | authentik
public | authentik_crypto_certificatekeypair | table | authentik
public | authentik_enterprise_license | table | authentik
public | authentik_enterprise_licenseusage | table | authentik
public | authentik_events_event | table | authentik
public | authentik_events_notification | table | authentik
public | authentik_events_notificationrule | table | authentik
public | authentik_events_notificationrule_transports | table | authentik
public | authentik_events_notificationrule_transports_id_seq | sequence | authentik
public | authentik_events_notificationtransport | table | authentik
public | authentik_events_notificationwebhookmapping | table | authentik
public | authentik_events_systemtask | table | authentik
public | authentik_flows_flow | table | authentik
public | authentik_flows_flowstagebinding | table | authentik
public | authentik_flows_flowtoken | table | authentik
public | authentik_flows_stage | table | authentik
public | authentik_install_id | table | authentik
public | authentik_outposts_dockerserviceconnection | table | authentik
public | authentik_outposts_kubernetesserviceconnection | table | authentik
public | authentik_outposts_outpost | table | authentik
public | authentik_outposts_outpost_providers | table | authentik
public | authentik_outposts_outpost_providers_id_seq | sequence | authentik
public | authentik_outposts_outpostserviceconnection | table | authentik
public | authentik_policies_dummy_dummypolicy | table | authentik
public | authentik_policies_event_matcher_eventmatcherpolicy | table | authentik
public | authentik_policies_expiry_passwordexpirypolicy | table | authentik
public | authentik_policies_expression_expressionpolicy | table | authentik
public | authentik_policies_password_passwordpolicy | table | authentik
public | authentik_policies_policy | table | authentik
public | authentik_policies_policybinding | table | authentik
public | authentik_policies_policybindingmodel | table | authentik
public | authentik_policies_reputation_reputation | table | authentik
public | authentik_policies_reputation_reputationpolicy | table | authentik
public | authentik_providers_ldap_ldapprovider | table | authentik
public | authentik_providers_oauth2_accesstoken | table | authentik
public | authentik_providers_oauth2_accesstoken_id_seq | sequence | authentik
public | authentik_providers_oauth2_authorizationcode | table | authentik
public | authentik_providers_oauth2_authorizationcode_id_seq | sequence | authentik
public | authentik_providers_oauth2_devicetoken | table | authentik
public | authentik_providers_oauth2_devicetoken_id_seq | sequence | authentik
public | authentik_providers_oauth2_oauth2provider | table | authentik
public | authentik_providers_oauth2_oauth2provider_jwks_sources | table | authentik
public | authentik_providers_oauth2_oauth2provider_jwks_sources_id_seq | sequence | authentik
public | authentik_providers_oauth2_refreshtoken | table | authentik
public | authentik_providers_oauth2_refreshtoken_id_seq | sequence | authentik
public | authentik_providers_oauth2_scopemapping | table | authentik
public | authentik_providers_proxy_proxyprovider | table | authentik
public | authentik_providers_rac_connectiontoken | table | authentik
public | authentik_providers_rac_endpoint | table | authentik
public | authentik_providers_rac_endpoint_property_mappings | table | authentik
public | authentik_providers_rac_endpoint_property_mappings_id_seq | sequence | authentik
public | authentik_providers_rac_racpropertymapping | table | authentik
public | authentik_providers_rac_racprovider | table | authentik
public | authentik_providers_radius_radiusprovider | table | authentik
public | authentik_providers_saml_samlpropertymapping | table | authentik
public | authentik_providers_saml_samlprovider | table | authentik
public | authentik_providers_scim_scimgroup | table | authentik
public | authentik_providers_scim_scimmapping | table | authentik
public | authentik_providers_scim_scimprovider | table | authentik
public | authentik_providers_scim_scimprovider_property_mappings__id_seq | sequence | authentik
public | authentik_providers_scim_scimprovider_property_mappings_group | table | authentik
public | authentik_providers_scim_scimuser | table | authentik
public | authentik_rbac_role | table | authentik
public | authentik_sources_ldap_ldappropertymapping | table | authentik
public | authentik_sources_ldap_ldapsource | table | authentik
public | authentik_sources_ldap_ldapsource_property_mappings_grou_id_seq | sequence | authentik
public | authentik_sources_ldap_ldapsource_property_mappings_group | table | authentik
public | authentik_sources_oauth_oauthsource | table | authentik
public | authentik_sources_oauth_useroauthsourceconnection | table | authentik
public | authentik_sources_plex_plexsource | table | authentik
public | authentik_sources_plex_plexsourceconnection | table | authentik
public | authentik_sources_saml_samlsource | table | authentik
public | authentik_sources_saml_usersamlsourceconnection | table | authentik
public | authentik_stages_authenticator_duo_authenticatorduostage | table | authentik
public | authentik_stages_authenticator_duo_duodevice | table | authentik
public | authentik_stages_authenticator_duo_duodevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_sms_authenticatorsmsstage | table | authentik
public | authentik_stages_authenticator_sms_smsdevice | table | authentik
public | authentik_stages_authenticator_sms_smsdevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_static_authenticatorstaticstage | table | authentik
public | authentik_stages_authenticator_static_staticdevice | table | authentik
public | authentik_stages_authenticator_static_staticdevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_static_statictoken | table | authentik
public | authentik_stages_authenticator_static_statictoken_id_seq | sequence | authentik
public | authentik_stages_authenticator_totp_authenticatortotpstage | table | authentik
public | authentik_stages_authenticator_totp_totpdevice | table | authentik
public | authentik_stages_authenticator_totp_totpdevice_id_seq | sequence | authentik
public | authentik_stages_authenticator_validate_authenticatorval_id_seq | sequence | authentik
public | authentik_stages_authenticator_validate_authenticatorvalida3e25 | table | authentik
public | authentik_stages_authenticator_validate_authenticatorvalida499c | table | authentik
public | authentik_stages_authenticator_webauthn_authenticatewebauth4bbe | table | authentik
public | authentik_stages_authenticator_webauthn_webauthndevice | table | authentik
public | authentik_stages_authenticator_webauthn_webauthndevice_id_seq | sequence | authentik
public | authentik_stages_captcha_captchastage | table | authentik
public | authentik_stages_consent_consentstage | table | authentik
public | authentik_stages_consent_userconsent | table | authentik
public | authentik_stages_consent_userconsent_id_seq | sequence | authentik
public | authentik_stages_deny_denystage | table | authentik
public | authentik_stages_dummy_dummystage | table | authentik
public | authentik_stages_email_emailstage | table | authentik
public | authentik_stages_identification_identificationstage | table | authentik
public | authentik_stages_identification_identificationstage_sour_id_seq | sequence | authentik
public | authentik_stages_identification_identificationstage_sources | table | authentik
public | authentik_stages_invitation_invitation | table | authentik
public | authentik_stages_invitation_invitationstage | table | authentik
public | authentik_stages_password_passwordstage | table | authentik
public | authentik_stages_prompt_prompt | table | authentik
public | authentik_stages_prompt_promptstage | table | authentik
public | authentik_stages_prompt_promptstage_fields | table | authentik
public | authentik_stages_prompt_promptstage_fields_id_seq | sequence | authentik
public | authentik_stages_prompt_promptstage_validation_policies | table | authentik
public | authentik_stages_prompt_promptstage_validation_policies_id_seq | sequence | authentik
public | authentik_stages_user_delete_userdeletestage | table | authentik
public | authentik_stages_user_login_userloginstage | table | authentik
public | authentik_stages_user_logout_userlogoutstage | table | authentik
public | authentik_stages_user_write_userwritestage | table | authentik
public | django_content_type | table | authentik
public | django_content_type_id_seq | sequence | authentik
public | django_migrations | table | authentik
public | django_migrations_id_seq | sequence | authentik
public | django_session | table | authentik
public | guardian_groupobjectpermission | table | authentik
public | guardian_groupobjectpermission_id_seq | sequence | authentik
public | guardian_userobjectpermission | table | authentik
public | guardian_userobjectpermission_id_seq | sequence | authentik
(156 rows)
authentik=# \dn
List of schemas
Name | Owner
--------+-------------------
public | pg_database_owner
(1 row)
authentik=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | ICU Locale | Locale Provider | Access privileges
-----------+-----------+----------+------------+------------+------------+-----------------+-------------------------
authentik | matic_dba | UTF8 | en_US.utf8 | en_US.utf8 | | libc |
It seems that the user authentik is using to connect to Postgres does not have permissions to create/update schemas. I recommend you make it owner of the database.
@rissson Thank you, it seems that fixed it.
ALTER DATABASE authentik OWNER TO authentik;
Describe your question/ trying to upgrade authentik to the current version, however during the db migration I get
django.db.utils.ProgrammingError: permission denied for database authentikdb
I tried adding the following permissions found in another thread:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO authentik_test_user;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO authentik_test_user;
GRANT CREATE ON SCHEMA public TO authentik_test_user;
I've verified the login for my db user works, however after getting the permission denied the authentik container just stops.
Relevant info authentik: 2024.2.1 postgresql: 12.18
Logs Not sure if this is the start of it:
Version and Deployment (please complete the following information):
Additional context Add any other context about the problem here.