titan-iac

Author	SHA1	Message	Date
Brad Stein	7a9cf1df98	keycloak: fix logs oauth2 cookie secret	2026-01-09 08:57:13 -03:00
Brad Stein	cac71e4a41	logging: add opensearch dashboards ui	2026-01-09 08:54:07 -03:00
Brad Stein	0fc4b299da	keycloak: re-run mas secrets ensure	2026-01-08 05:43:33 -03:00
Brad Stein	d3c6ddeead	comms: re-run signing key and synapse oidc	2026-01-08 05:40:28 -03:00
Brad Stein	5a23514a30	sso: install kubectl in synapse oidc job	2026-01-08 03:57:35 -03:00
Brad Stein	220cc1f31a	sso: run synapse oidc job with kubectl	2026-01-08 03:56:18 -03:00
Brad Stein	76deb9a160	comms: ensure core secrets and synapse oidc	2026-01-08 03:53:49 -03:00
Brad Stein	d3c3db612d	sso: recheck mas encryption bytes	2026-01-08 03:44:54 -03:00
Brad Stein	8d1284412f	sso: validate mas encryption length	2026-01-08 03:43:06 -03:00
Brad Stein	04817691c6	sso: strip mas secret newlines	2026-01-08 03:38:51 -03:00
Brad Stein	072af083bc	sso: fix mas encryption secret	2026-01-08 03:35:40 -03:00
Brad Stein	6e0b3c43bd	keycloak: rerun MAS secrets bootstrap	2026-01-08 02:32:31 -03:00
Brad Stein	9d3b27e567	keycloak: rerun MAS secrets bootstrap	2026-01-08 02:25:55 -03:00
Brad Stein	6e7118c14d	keycloak: use create for MAS secrets	2026-01-08 02:23:40 -03:00
Brad Stein	6c99eb452e	keycloak: make MAS secret job idempotent	2026-01-08 02:21:37 -03:00
Brad Stein	e9fb11af40	keycloak: allow MAS secret apply read access	2026-01-08 02:19:21 -03:00
Brad Stein	afce04b9b2	keycloak: rerun MAS secrets bootstrap	2026-01-08 02:17:04 -03:00
Brad Stein	2aea7e3601	keycloak: retry MAS secret bootstrap	2026-01-08 02:12:40 -03:00
Brad Stein	05848223eb	comms: ensure MAS secrets via keycloak admin job	2026-01-08 02:09:23 -03:00
Brad Stein	55606e5b70	fix(portal): pin kubectl image digest	2026-01-04 03:40:13 -03:00
Brad Stein	17a9a7e245	test(portal): sync e2e client secret	2026-01-04 03:35:26 -03:00
Brad Stein	a7f68ddddb	test: ensure smtp probe user has email	2026-01-04 01:08:17 -03:00
Brad Stein	38b4935e1d	test: send execute-actions-email to existing mailbox	2026-01-04 01:06:05 -03:00
Brad Stein	7cbbb7e193	test: fix keycloak execute-actions-email probe	2026-01-04 00:59:24 -03:00
Brad Stein	eb11eaff4e	keycloak: allow e2e client execute-actions-email	2026-01-04 00:58:02 -03:00
Brad Stein	cadb0daba0	tests: add Keycloak email probe	2026-01-04 00:53:13 -03:00
Brad Stein	b63b724b52	keycloak: rerun realm settings job	2026-01-03 18:27:29 -03:00
Brad Stein	ab658fa064	keycloak: allow vaultwarden user attributes	2026-01-03 18:25:48 -03:00
Brad Stein	70980a2ca9	keycloak: add token exchange E2E smoke test	2026-01-03 15:58:44 -03:00
Brad Stein	e73baa6ecd	keycloak: robust policy lookup for token exchange job	2026-01-03 15:50:43 -03:00
Brad Stein	3f19d01d00	keycloak: make token exchange permissions job idempotent	2026-01-03 15:48:40 -03:00
Brad Stein	cb37756f5f	keycloak: fix token exchange permission patching	2026-01-03 15:46:26 -03:00
Brad Stein	1f2bddc7fe	keycloak: retry token exchange permissions job	2026-01-03 15:45:04 -03:00
Brad Stein	df959ee17d	keycloak: enable fine-grained token exchange authz	2026-01-03 15:43:07 -03:00
Brad Stein	b21a79dad7	keycloak: allow token exchange to portal	2026-01-03 14:48:28 -03:00
Brad Stein	e09589ec35	keycloak: add portal e2e client	2026-01-03 14:35:23 -03:00
Brad Stein	f1d1e1bd7d	keycloak: enable token exchange	2026-01-03 14:29:28 -03:00
Brad Stein	c8f9b59e4a	keycloak: allow nextcloud mail profile attrs	2026-01-03 12:36:23 -03:00
Brad Stein	747b6aacb6	keycloak: set bstein mailu_email	2026-01-03 06:15:16 -03:00
Brad Stein	0b211520cb	keycloak: allow mailu_email + groups	2026-01-03 03:32:38 -03:00
Brad Stein	10e322e853	keycloak(atlas): default TOTP required action	2026-01-03 01:09:14 -03:00
Brad Stein	5437cebb9e	sso: provision vaultwarden users	2026-01-02 21:04:12 -03:00
Brad Stein	0f26bd508e	keycloak(atlas): disable browser IdP redirector	2026-01-02 20:09:05 -03:00
Brad Stein	21d8fc3788	keycloak(atlas): retry realm settings job	2026-01-02 20:04:47 -03:00
Brad Stein	54d324f555	keycloak(atlas): harden realm settings job	2026-01-02 20:02:11 -03:00
Brad Stein	503a9264c5	keycloak: cleanup LDAP federation	2026-01-02 18:45:45 -03:00
Brad Stein	2254532642	keycloak: roll update with no surge	2026-01-02 17:15:37 -03:00
Brad Stein	22b7e7aa66	keycloak: clear rollingUpdate for recreate	2026-01-02 17:09:24 -03:00
Brad Stein	23a9e1ec30	keycloak: use recreate strategy with pvc	2026-01-02 17:02:59 -03:00
Brad Stein	e2e76592a0	keycloak: enable debug logging	2026-01-02 16:57:42 -03:00

1 2

77 Commits