In 2.3 the priority of resolvers in realms was added.
You need to update the database models:
pi-manage.py db stamp 4f32a4e1bf33
pi-manage.py db upgrade
Warning
privacyIDEA 2.0 introduces many changes in database schema, so at least perform a database backup!
Be sure to stop your privacyIDEA server.
To upgrade the code enter your python virtualenv and run:
pip install --upgrade privacyidea
Read about the configuration in the The Config File.
You can use the old enckey, the old signing keys and the old database uri. The values can be found in your old ini-file as privacyideaSecretFile, privacyideaAudit.key.private, privacyideaAudit.key.public and sqlalchemy.url. Your new config file might look like this:
config_path = "/home/cornelius/tmp/pi20/etc/privacyidea/"
# This is your old database URI
# Note the three slashes!
SQLALCHEMY_DATABASE_URI = "sqlite:///" + config_path + "token.sqlite"
# This is new!
SECRET_KEY = 't0p s3cr3t'
# This is new
#This is used to encrypt the admin passwords
PI_PEPPER = "Never know..."
# This is used to encrypt the token data and token passwords
# This is your old encryption key!
PI_ENCFILE = config_path + 'enckey'
# THese are your old signing keys
# This is used to sign the audit log
PI_AUDIT_KEY_PRIVATE = config_path + 'private.pem'
PI_AUDIT_KEY_PUBLIC = config_path + 'public.pem'
To verify the new configuration run:
pi-manage.py create_enckey
It should say, that the enckey already exists!
You need to upgrade the database to the new database schema:
pi-manage.py db upgrade -d lib/privacyidea/migrations
Note
In the Ubuntu package the migrations folder is located at /usr/lib/privacyidea/migrations/.
With privacyIDEA 2.0 the administrators are stored in the database. The password of the administrator is salted and also peppered, to avoid having a database administrator slip in a rogue password.
You need to create new administrator accounts:
pi-manage.py addadmin <email-address> <admin-name>
Run the server:
pi-manage.py runserver
or add it to your Apache or Nginx configuration.