|
|
162fe3339f
|
fix: pin Jenkins OIDC realm via JCasC
|
2025-12-16 20:04:21 -03:00 |
|
|
|
fc858fc8df
|
ci: seed harbor-arm-build pipeline in Jenkins
|
2025-12-16 19:26:46 -03:00 |
|
|
|
8b9fc8ff1c
|
chore: remove zot stack
|
2025-12-16 14:10:04 -03:00 |
|
|
|
3066db793d
|
harbor: bootstrap arm64 images on titan-05
|
2025-12-16 11:16:34 -03:00 |
|
|
|
759a77c745
|
harbor: run arm64 images on rpi workers
|
2025-12-16 03:22:01 -03:00 |
|
|
|
144a860a88
|
harbor: use project paths for crypto/pegasus images
|
2025-12-16 00:15:22 -03:00 |
|
|
|
bd64a36165
|
registry: point workloads to harbor
|
2025-12-16 00:08:11 -03:00 |
|
|
|
22b611f8ea
|
harbor: set redis affinity to amd64 titan-22 first
|
2025-12-15 23:14:26 -03:00 |
|
|
|
a8bde2edc7
|
harbor: pin to amd64, prefer titan-22
|
2025-12-15 23:02:58 -03:00 |
|
|
|
d51a19cab9
|
harbor: prefer rpi nodes
|
2025-12-15 23:00:11 -03:00 |
|
|
|
3e3cab6845
|
harbor: increase helm timeout
|
2025-12-15 22:32:29 -03:00 |
|
|
|
9cda32c0bf
|
harbor: use astreae storageclass for pvc
|
2025-12-15 22:22:48 -03:00 |
|
|
|
0f49849761
|
Regenerate dashboards after availability thresholds tweak
|
2025-12-15 22:14:26 -03:00 |
|
|
|
252743e416
|
harbor: use existing secrets and correct admin key
|
2025-12-15 22:08:52 -03:00 |
|
|
|
dba7cf00a4
|
harbor: deploy chart via flux
|
2025-12-15 22:05:40 -03:00 |
|
|
|
aa2bb09873
|
zot: allow upstream basic auth from oauth2-proxy
|
2025-12-15 14:22:48 -03:00 |
|
|
|
54406661f2
|
zot: forward authorization header to ui
|
2025-12-15 14:14:49 -03:00 |
|
|
|
caef505677
|
zot ui: send basic creds from oauth2-proxy, remove traefik header
|
2025-12-15 14:08:18 -03:00 |
|
|
|
54eb9e1ac5
|
zot: restore UI basic header middleware
|
2025-12-15 14:01:18 -03:00 |
|
|
|
1899bb7677
|
zot: move basic auth to oauth2-proxy upstream
|
2025-12-15 13:53:53 -03:00 |
|
|
|
0416493f49
|
zot: fix htpasswd volume to avoid type conflict
|
2025-12-15 13:00:51 -03:00 |
|
|
|
b87f06f6ff
|
zot: add oauth proxy and user sync scripts
|
2025-12-15 12:57:02 -03:00 |
|
|
|
828f66d18c
|
gitea: enable OIDC auto-registration
|
2025-12-14 23:08:38 -03:00 |
|
|
|
7a1f3bfc3f
|
gitea: add proxy/session headers for OIDC
|
2025-12-14 22:25:46 -03:00 |
|
|
|
294542e718
|
gitea: reference secret via env; remove secret file
|
2025-12-14 22:16:49 -03:00 |
|
|
|
c3a8c7ddae
|
gitea: remove committed secret and env refs
|
2025-12-14 22:10:13 -03:00 |
|
|
|
29da4be557
|
gitea: pin secret/internal token and include secret manifest
|
2025-12-14 22:06:25 -03:00 |
|
|
|
fc5b0cccf8
|
gitea: drop required claim constraint on keycloak auth
|
2025-12-14 21:58:36 -03:00 |
|
|
|
c8b89c3120
|
gitea: enforce keycloak auth source via init container
|
2025-12-14 21:54:18 -03:00 |
|
|
|
9b994111cb
|
gitea: remove bootstrap job (immutable error)
|
2025-12-14 21:49:07 -03:00 |
|
|
|
a174e451d9
|
gitea: fix bootstrap job immutability
|
2025-12-14 21:47:50 -03:00 |
|
|
|
d8dab08cd8
|
gitea: set trace logging for oidc
|
2025-12-14 21:44:43 -03:00 |
|
|
|
0d93929e3d
|
gitea: relax required signin, set admin group+skip 2fa
|
2025-12-14 21:42:08 -03:00 |
|
|
|
2ffc906487
|
gitea: enable debug logging for oauth
|
2025-12-14 21:38:32 -03:00 |
|
|
|
37761fa118
|
jenkins: fix OIDC retriever null
|
2025-12-14 21:23:15 -03:00 |
|
|
|
a46226bb0a
|
ci: enable oidc for jenkins/gitops/gitea
|
2025-12-14 20:58:57 -03:00 |
|
|
|
04602a2914
|
jenkins: auto-configure OIDC via init script
|
2025-12-14 19:22:47 -03:00 |
|
|
|
fc0fa59981
|
jenkins: drop JCasC OIDC script to unblock startup
|
2025-12-14 18:10:49 -03:00 |
|
|
|
0286f4f317
|
jenkins: restore plugin list without pinned versions
|
2025-12-14 17:59:48 -03:00 |
|
|
|
90bf1f7d8e
|
jenkins: start without plugin installs to unblock bootstrap
|
2025-12-14 16:02:05 -03:00 |
|
|
|
6def1aa479
|
jenkins: use latest plugin versions to avoid 404
|
2025-12-14 16:00:45 -03:00 |
|
|
|
4eff9ebcc1
|
jenkins: add helm release with ingress + astreae storage
|
2025-12-14 15:57:42 -03:00 |
|
|
|
ccfc473521
|
cleanup: stop tracking extra md files; switch gitops cert to letsencrypt
|
2025-12-14 15:52:12 -03:00 |
|
|
|
b28e393524
|
gitops-ui: open ingress for acme solver
|
2025-12-14 15:14:11 -03:00 |
|
|
|
694bb4d12e
|
gitops-ui: allow acme solver from kube-system traefik
|
2025-12-14 15:12:38 -03:00 |
|
|
|
6993f51ef7
|
gitops-ui: allow acme solver ingress from traefik
|
2025-12-14 15:08:44 -03:00 |
|
|
|
85cea34fe8
|
gitops-ui: cert + switch flux to feature/ci-gitops
|
2025-12-14 15:04:13 -03:00 |
|
|
|
1a161b4d3c
|
monitoring: longer data history
|
2025-12-14 14:47:20 -03:00 |
|
|
|
63bf153c8b
|
flux: add weave gitops ui
|
2025-12-14 14:38:08 -03:00 |
|
|
|
8fceebd7a7
|
nextcloud: integration with mailu & gitops-ui: initial install
|
2025-12-14 14:21:40 -03:00 |
|
