|
|
b8cb91d39a
|
fix: jenkins casc OIDC using explicit endpoints
|
2025-12-16 20:13:52 -03:00 |
|
|
|
94144591b2
|
fix: pin Jenkins OIDC realm via JCasC
|
2025-12-16 20:04:21 -03:00 |
|
|
|
8edf83711c
|
ci: seed harbor-arm-build pipeline in Jenkins
|
2025-12-16 19:26:46 -03:00 |
|
|
|
3870a8259d
|
chore: remove zot stack
|
2025-12-16 14:10:04 -03:00 |
|
|
|
41a39b20e6
|
harbor: bootstrap arm64 images on titan-05
|
2025-12-16 11:16:34 -03:00 |
|
|
|
f8b13bec7a
|
harbor: run arm64 images on rpi workers
|
2025-12-16 03:22:01 -03:00 |
|
|
|
6b1e145689
|
Add AC Infinity ingestion plan
|
2025-12-16 01:45:04 -03:00 |
|
|
|
5652fb4ccd
|
harbor: use project paths for crypto/pegasus images
|
2025-12-16 00:15:22 -03:00 |
|
|
|
a32ed7a2a6
|
registry: point workloads to harbor
|
2025-12-16 00:08:11 -03:00 |
|
|
|
a2bdbfdde2
|
harbor: set redis affinity to amd64 titan-22 first
|
2025-12-15 23:14:26 -03:00 |
|
|
|
c130822f71
|
harbor: pin to amd64, prefer titan-22
|
2025-12-15 23:02:58 -03:00 |
|
|
|
a164ee906e
|
harbor: prefer rpi nodes
|
2025-12-15 23:00:11 -03:00 |
|
|
|
be5da057be
|
harbor: increase helm timeout
|
2025-12-15 22:32:29 -03:00 |
|
|
|
0a96aaed11
|
harbor: use astreae storageclass for pvc
|
2025-12-15 22:22:48 -03:00 |
|
|
|
c85961e1fe
|
Regenerate dashboards after availability thresholds tweak
|
2025-12-15 22:14:26 -03:00 |
|
|
|
43305aa1c4
|
harbor: use existing secrets and correct admin key
|
2025-12-15 22:08:52 -03:00 |
|
|
|
669a7cc69a
|
harbor: deploy chart via flux
|
2025-12-15 22:05:40 -03:00 |
|
|
|
be0c321648
|
harbor: add helm repo and deploy via helmrelease
|
2025-12-15 22:05:32 -03:00 |
|
|
|
d8f4eaac46
|
zot: allow upstream basic auth from oauth2-proxy
|
2025-12-15 14:22:48 -03:00 |
|
|
|
38a1f38074
|
zot: forward authorization header to ui
|
2025-12-15 14:14:49 -03:00 |
|
|
|
6ed036511c
|
zot ui: send basic creds from oauth2-proxy, remove traefik header
|
2025-12-15 14:08:18 -03:00 |
|
|
|
cbbd95cc54
|
zot: restore UI basic header middleware
|
2025-12-15 14:01:18 -03:00 |
|
|
|
f6650c2c21
|
zot: move basic auth to oauth2-proxy upstream
|
2025-12-15 13:53:53 -03:00 |
|
|
|
c261aba74b
|
zot: fix htpasswd volume to avoid type conflict
|
2025-12-15 13:00:51 -03:00 |
|
|
|
bc0c85a9ca
|
zot: add oauth proxy and user sync scripts
|
2025-12-15 12:57:02 -03:00 |
|
|
|
43f5b4ae08
|
gitea: enable OIDC auto-registration
|
2025-12-14 23:08:38 -03:00 |
|
|
|
d76d04dbc1
|
gitea: add proxy/session headers for OIDC
|
2025-12-14 22:25:46 -03:00 |
|
|
|
6656f01d8f
|
gitea: reference secret via env; remove secret file
|
2025-12-14 22:16:49 -03:00 |
|
|
|
b9a20eac55
|
gitea: remove committed secret and env refs
|
2025-12-14 22:10:13 -03:00 |
|
|
|
0db9ad6f41
|
gitea: pin secret/internal token and include secret manifest
|
2025-12-14 22:06:25 -03:00 |
|
|
|
555878cf06
|
gitea: drop required claim constraint on keycloak auth
|
2025-12-14 21:58:36 -03:00 |
|
|
|
d44d9d2307
|
gitea: enforce keycloak auth source via init container
|
2025-12-14 21:54:18 -03:00 |
|
|
|
ba7fe0603d
|
gitea: remove bootstrap job (immutable error)
|
2025-12-14 21:49:07 -03:00 |
|
|
|
52c273efd6
|
gitea: fix bootstrap job immutability
|
2025-12-14 21:47:50 -03:00 |
|
|
|
d86ba7b412
|
gitea: set trace logging for oidc
|
2025-12-14 21:44:43 -03:00 |
|
|
|
d5b08479e7
|
gitea: relax required signin, set admin group+skip 2fa
|
2025-12-14 21:42:08 -03:00 |
|
|
|
ae3d9b2bf9
|
gitea: enable debug logging for oauth
|
2025-12-14 21:38:32 -03:00 |
|
|
|
5268fd1800
|
jenkins: fix OIDC retriever null
|
2025-12-14 21:23:15 -03:00 |
|
|
|
dcd38a1eff
|
ci: enable oidc for jenkins/gitops/gitea
|
2025-12-14 20:58:57 -03:00 |
|
|
|
d4ebadbb2e
|
jenkins: auto-configure OIDC via init script
|
2025-12-14 19:22:47 -03:00 |
|
|
|
dec257938b
|
jenkins: drop JCasC OIDC script to unblock startup
|
2025-12-14 18:10:49 -03:00 |
|
|
|
d88da7e18c
|
jenkins: restore plugin list without pinned versions
|
2025-12-14 17:59:48 -03:00 |
|
|
|
af645fb89d
|
jenkins: start without plugin installs to unblock bootstrap
|
2025-12-14 16:02:05 -03:00 |
|
|
|
b983d20d74
|
jenkins: use latest plugin versions to avoid 404
|
2025-12-14 16:00:45 -03:00 |
|
|
|
02956b18c9
|
jenkins: add helm release with ingress + astreae storage
|
2025-12-14 15:57:42 -03:00 |
|
|
|
7b0990e69a
|
cleanup: stop tracking extra md files; switch gitops cert to letsencrypt
|
2025-12-14 15:52:12 -03:00 |
|
|
|
11d72ce92a
|
chore: drop stray NOTES.md
|
2025-12-14 15:43:06 -03:00 |
|
|
|
0917613489
|
git: ignore fixed
|
2025-12-14 15:39:27 -03:00 |
|
|
|
614b2d7058
|
gitops-ui: open ingress for acme solver
|
2025-12-14 15:14:11 -03:00 |
|
|
|
cdd7510290
|
gitops-ui: allow acme solver from kube-system traefik
|
2025-12-14 15:12:38 -03:00 |
|
