|
|
8a358832f3
|
vault: fix oidc scopes parsing
|
2026-01-14 02:52:51 -03:00 |
|
|
|
c3541b72c3
|
vault: run oidc config with sh
|
2026-01-14 02:28:38 -03:00 |
|
|
|
55234f8536
|
vault: align oidc roles with keycloak
|
2026-01-14 02:24:32 -03:00 |
|
|
|
50aec198a4
|
fix: detect vault initialized state correctly
|
2026-01-14 01:42:28 -03:00 |
|
|
|
cb5796cb71
|
fix: make vault k8s auth script posix
|
2026-01-14 01:38:27 -03:00 |
|
|
|
5a9ceeab24
|
fix: run vault k8s auth config with sh
|
2026-01-14 01:35:06 -03:00 |
|
|
|
b82195f2d7
|
feat: start vault consumption for outline and planka
|
2026-01-14 01:30:41 -03:00 |
|
|
|
4a1c4766b8
|
feat: add harbor/vault oidc automation
|
2026-01-14 01:07:47 -03:00 |
|
|
|
77ecf3229e
|
vault: use dedicated service account for k8s auth
|
2025-12-25 03:43:17 -03:00 |
|
|
|
4d47e2c693
|
vault: revert ui default auth block (not supported)
|
2025-12-24 20:16:33 -03:00 |
|
|
|
cf2e4c8bb2
|
jitsi: require auth to start rooms; vault ui default oidc
|
2025-12-24 20:11:29 -03:00 |
|
|
|
dba8364c74
|
vault: probes use http VAULT_ADDR for http listener
|
2025-12-20 00:09:44 -03:00 |
|
|
|
e354f8bc3f
|
vault: keep probes HTTPS, drop ingress backend tweaks
|
2025-12-20 00:03:11 -03:00 |
|
|
|
fa977a69f4
|
vault: run http inside cluster (tls terminated at ingress)
|
2025-12-19 23:54:28 -03:00 |
|
|
|
d3ca57eabf
|
vault: backend over https with serversTransport
|
2025-12-19 23:52:19 -03:00 |
|
|
|
c2dfba67c2
|
vault: remove serversTransport, speak http to service
|
2025-12-19 23:51:32 -03:00 |
|
|
|
f243be21e6
|
vault: drop unused redirect middleware
|
2025-12-19 23:50:44 -03:00 |
|
|
|
75b62e5ae2
|
vault: add traefik redirect middleware
|
2025-12-19 23:49:34 -03:00 |
|
|
|
af3d453e86
|
vault: let traefik speak http to service
|
2025-12-19 23:48:40 -03:00 |
|
|
|
65f8b7c893
|
vault: correct serversTransport reference
|
2025-12-19 23:16:20 -03:00 |
|
|
|
303e7e770f
|
vault: traefik serversTransport must include namespace
|
2025-12-19 21:08:10 -03:00 |
|
|
|
0071f13063
|
vault: pin to worker arm64 nodes
|
2025-12-19 21:02:49 -03:00 |
|
|
|
3db523335d
|
vault: fix traefik serversTransport name
|
2025-12-19 20:58:29 -03:00 |
|
|
|
524868b05d
|
vault: fix manifest and disable mlock
|
2025-12-19 20:32:10 -03:00 |
|
|
|
7533cec0ee
|
vault: drop helm, add raw statefulset
|
2025-12-19 19:30:09 -03:00 |
|
|
|
38ab8e3364
|
standardize cert issuers to letsencrypt
|
2025-12-12 15:18:40 -03:00 |
|
|
|
20cd185c0b
|
vault: drop traefik basicauth
|
2025-12-11 17:09:05 -03:00 |
|
|
|
2f368f6975
|
zot,vault: remove oauth2-proxy sso
|
2025-12-11 17:04:19 -03:00 |
|
|
|
6c62d42f7a
|
longhorn/vault: gate via oauth2-proxy
|
2025-12-07 19:44:02 -03:00 |
|
|
|
a7e9f1f7d8
|
auth: remove error middleware to allow redirect
|
2025-12-07 13:19:45 -03:00 |
|
|
|
24fbaad040
|
auth: forward-auth via external auth host (svc traffic flaky)
|
2025-12-07 13:03:29 -03:00 |
|
|
|
4a089876ba
|
auth: use internal oauth2-proxy svc for forward-auth
|
2025-12-07 11:25:29 -03:00 |
|
|
|
20bb776625
|
auth: add 401 redirect middleware to oauth2-proxy
|
2025-12-07 11:14:25 -03:00 |
|
|
|
5e59f20bc3
|
auth: point forward-auth to external auth host
|
2025-12-07 11:09:09 -03:00 |
|
|
|
27e5c9391c
|
auth: add namespace-local forward-auth middlewares
|
2025-12-07 10:25:44 -03:00 |
|
|
|
8d5e6c267c
|
auth: wire oauth2-proxy and enable grafana oidc
|
2025-12-07 02:01:21 -03:00 |
|
|
|
7107558e41
|
restore external longhorn-ui
|
2025-09-05 02:12:45 -05:00 |
|
|
|
0268cc1377
|
added vault auth
|
2025-08-21 08:02:43 -05:00 |
|
|
|
9070c2653f
|
added vault auth
|
2025-08-21 07:41:55 -05:00 |
|
|
|
24542a6092
|
need certs
|
2025-08-19 22:15:57 -05:00 |
|
|
|
d3751ad150
|
added cred req for vault
|
2025-08-19 21:01:54 -05:00 |
|
|
|
4b372126dd
|
added vault
|
2025-08-19 09:12:35 -05:00 |
|
|
|
7d6fb8dc26
|
added helm sources
|
2025-08-19 08:45:29 -05:00 |
|
|
|
7f10d31b0a
|
added vault
|
2025-08-19 03:16:28 -05:00 |
|
|
|
016cbab0f9
|
added vault
|
2025-08-19 01:06:45 -05:00 |
|
