|
|
0ef14c67fd
|
comms: add synapse admin ensure job
|
2026-01-27 04:48:44 -03:00 |
|
|
|
9ecdf054d3
|
vault: bootstrap k8s auth config with root token
|
2026-01-27 01:04:57 -03:00 |
|
|
|
ec834b7e0f
|
vault: allow ariadne to use vault-admin role
|
2026-01-26 22:26:13 -03:00 |
|
|
|
5e35b5f7a2
|
vault: unsuspend k8s auth config cronjob
|
2026-01-22 04:47:50 -03:00 |
|
|
|
94953ab0fe
|
jenkins: sync harbor pull secret from vault
|
2026-01-22 04:45:24 -03:00 |
|
|
|
ba2b9acbcc
|
jenkins: use shared harbor creds when present
|
2026-01-22 03:15:38 -03:00 |
|
|
|
0efc1ed6c4
|
ariadne: split portal and ariadne db secrets
|
2026-01-21 03:39:17 -03:00 |
|
|
|
439d824300
|
vault: allow ariadne to read needed secrets
|
2026-01-21 03:21:01 -03:00 |
|
|
|
1fedb5ecbe
|
maintenance: wire ariadne db and dashboards
|
2026-01-20 23:03:39 -03:00 |
|
|
|
e2e7e58f32
|
maintenance: extend Ariadne schedules and RBAC
|
2026-01-20 03:01:59 -03:00 |
|
|
|
61619ddf77
|
fix: allow maintenance vault sync role
|
2026-01-19 19:07:00 -03:00 |
|
|
|
ff3ed195ac
|
chore: centralize harbor pull credentials
|
2026-01-19 19:02:14 -03:00 |
|
|
|
bb41c219f6
|
feat: add Ariadne service and glue scheduling
|
2026-01-19 16:58:02 -03:00 |
|
|
|
35816115f8
|
vault: allow vaultwarden mailu secret
|
2026-01-19 02:23:16 -03:00 |
|
|
|
fe9132e45e
|
portal: use mailu smtp secret
|
2026-01-19 00:56:07 -03:00 |
|
|
|
343d41ecc7
|
monitoring: add glue dashboard and tag cronjobs
|
2026-01-18 02:50:07 -03:00 |
|
|
|
7cd2f3c587
|
vault: allow portal to read postmark relay
|
2026-01-18 01:17:52 -03:00 |
|
|
|
728f2cd2ee
|
vault: pin cronjobs to service IP
|
2026-01-17 03:17:36 -03:00 |
|
|
|
ef5ac62544
|
vault: make retry helper resilient
|
2026-01-17 03:09:33 -03:00 |
|
|
|
a9c2d3c5e8
|
vault: retry vault cli operations
|
2026-01-17 03:00:25 -03:00 |
|
|
|
9a3c3a3d3e
|
vault: retry status checks in config jobs
|
2026-01-17 02:49:25 -03:00 |
|
|
|
62fa6ef371
|
finance: seed vault secrets
|
2026-01-17 00:54:49 -03:00 |
|
|
|
3e3061fe5b
|
finance: add actual budget and firefly
|
2026-01-16 23:52:56 -03:00 |
|
|
|
401df4d68c
|
longhorn: use harbor mirrors and vault pull secret
|
2026-01-16 17:31:29 -03:00 |
|
|
|
9f3d2db63d
|
platform: add cert-manager and align postgres vault path
|
2026-01-16 11:14:48 -03:00 |
|
|
|
5cd196e043
|
vault/keycloak: restore kv access and wger sync rbac
|
2026-01-16 03:46:07 -03:00 |
|
|
|
8ad9f0a664
|
vault: allow admin kv browse
|
2026-01-16 03:20:32 -03:00 |
|
|
|
f5231d282b
|
vault: allow UI mount listing for admins
|
2026-01-16 02:06:31 -03:00 |
|
|
|
bb1bf3c017
|
fix ingress tls routing
|
2026-01-16 01:40:50 -03:00 |
|
|
|
5899c9acb3
|
vault: allow admin policy to update shared secrets
|
2026-01-15 04:17:14 -03:00 |
|
|
|
c30f1fc587
|
vault: allow sso role to read portal admin secret
|
2026-01-15 03:46:58 -03:00 |
|
|
|
feb9d6997c
|
vault: prepopulate oidc job
|
2026-01-15 02:22:52 -03:00 |
|
|
|
9e6673d02e
|
vault: default oidc claims type
|
2026-01-15 02:20:53 -03:00 |
|
|
|
d69545cdb5
|
vault: harden oidc claims type
|
2026-01-15 02:18:50 -03:00 |
|
|
|
756a1af2e6
|
vault: allow oidc tuning
|
2026-01-15 02:16:55 -03:00 |
|
|
|
74a2b3e28d
|
vault: use static token reviewer
|
2026-01-15 02:14:08 -03:00 |
|
|
|
e885c7d6ce
|
vault: allow vault-admin token review
|
2026-01-15 02:09:34 -03:00 |
|
|
|
86c9951cc4
|
vault: add admin role for config jobs
|
2026-01-15 02:06:28 -03:00 |
|
|
|
85c3d9c2f7
|
vault: finalize sidecar migration
|
2026-01-15 01:52:24 -03:00 |
|
|
|
82090c1953
|
vault: read oidc config from vault
|
2026-01-14 23:20:04 -03:00 |
|
|
|
bb9a4e6d8b
|
longhorn: read oauth2-proxy secrets from vault
|
2026-01-14 17:48:12 -03:00 |
|
|
|
fb671865e5
|
vault: inject remaining services with wrappers
|
2026-01-14 17:29:09 -03:00 |
|
|
|
89f4b0dbdf
|
vault: stabilize injector templates and add health apps
|
2026-01-14 13:40:29 -03:00 |
|
|
|
b1f9df4d83
|
vault: sync harbor pulls
|
2026-01-14 10:07:31 -03:00 |
|
|
|
b8e50bb0a6
|
monitoring: move grafana smtp to vault
|
2026-01-14 06:41:34 -03:00 |
|
|
|
37302664c2
|
vault: add remaining secret syncs
|
2026-01-14 06:16:42 -03:00 |
|
|
|
de3db3133b
|
vault(consumption): sync secrets via CSI
|
2026-01-14 05:07:23 -03:00 |
|
|
|
8d526e383f
|
vault: send oidc role payload as json
|
2026-01-14 03:45:03 -03:00 |
|
|
|
4111fb079f
|
vault: write bound_claims as file
|
2026-01-14 02:56:29 -03:00 |
|
|
|
fd2ae6bdd5
|
vault: wire more services to CSI
|
2026-01-14 02:54:59 -03:00 |
|
