titan-iac

Author	SHA1	Message	Date
Brad Stein	0ae534e387	vault: add default k8s audience	2026-02-02 17:15:35 -03:00
Brad Stein	4f2ae810a5	move atlasbot to ai namespace	2026-02-02 09:46:50 -03:00
Brad Stein	19d22abd0f	vault: fix k8s auth env indent	2026-02-01 12:20:04 -03:00
Brad Stein	fd8396730c	vault: set kubernetes issuer	2026-02-01 12:18:57 -03:00
Brad Stein	7c6a91d758	vault: set k8s auth audiences	2026-02-01 11:17:02 -03:00
Brad Stein	982b401a8c	maintenance: add soteria service	2026-01-31 03:35:39 -03:00
Brad Stein	91e6d5740d	vault: allow kubernetes auth login	2026-01-29 02:22:51 -03:00
Brad Stein	0ef14c67fd	comms: add synapse admin ensure job	2026-01-27 04:48:44 -03:00
Brad Stein	9ecdf054d3	vault: bootstrap k8s auth config with root token	2026-01-27 01:04:57 -03:00
Brad Stein	ec834b7e0f	vault: allow ariadne to use vault-admin role	2026-01-26 22:26:13 -03:00
Brad Stein	5e35b5f7a2	vault: unsuspend k8s auth config cronjob	2026-01-22 04:47:50 -03:00
Brad Stein	94953ab0fe	jenkins: sync harbor pull secret from vault	2026-01-22 04:45:24 -03:00
Brad Stein	ba2b9acbcc	jenkins: use shared harbor creds when present	2026-01-22 03:15:38 -03:00
Brad Stein	0efc1ed6c4	ariadne: split portal and ariadne db secrets	2026-01-21 03:39:17 -03:00
Brad Stein	439d824300	vault: allow ariadne to read needed secrets	2026-01-21 03:21:01 -03:00
Brad Stein	1fedb5ecbe	maintenance: wire ariadne db and dashboards	2026-01-20 23:03:39 -03:00
Brad Stein	e2e7e58f32	maintenance: extend Ariadne schedules and RBAC	2026-01-20 03:01:59 -03:00
Brad Stein	61619ddf77	fix: allow maintenance vault sync role	2026-01-19 19:07:00 -03:00
Brad Stein	ff3ed195ac	chore: centralize harbor pull credentials	2026-01-19 19:02:14 -03:00
Brad Stein	bb41c219f6	feat: add Ariadne service and glue scheduling	2026-01-19 16:58:02 -03:00
Brad Stein	35816115f8	vault: allow vaultwarden mailu secret	2026-01-19 02:23:16 -03:00
Brad Stein	fe9132e45e	portal: use mailu smtp secret	2026-01-19 00:56:07 -03:00
Brad Stein	343d41ecc7	monitoring: add glue dashboard and tag cronjobs	2026-01-18 02:50:07 -03:00
Brad Stein	7cd2f3c587	vault: allow portal to read postmark relay	2026-01-18 01:17:52 -03:00
Brad Stein	728f2cd2ee	vault: pin cronjobs to service IP	2026-01-17 03:17:36 -03:00
Brad Stein	ef5ac62544	vault: make retry helper resilient	2026-01-17 03:09:33 -03:00
Brad Stein	a9c2d3c5e8	vault: retry vault cli operations	2026-01-17 03:00:25 -03:00
Brad Stein	9a3c3a3d3e	vault: retry status checks in config jobs	2026-01-17 02:49:25 -03:00
Brad Stein	62fa6ef371	finance: seed vault secrets	2026-01-17 00:54:49 -03:00
Brad Stein	3e3061fe5b	finance: add actual budget and firefly	2026-01-16 23:52:56 -03:00
Brad Stein	401df4d68c	longhorn: use harbor mirrors and vault pull secret	2026-01-16 17:31:29 -03:00
Brad Stein	9f3d2db63d	platform: add cert-manager and align postgres vault path	2026-01-16 11:14:48 -03:00
Brad Stein	5cd196e043	vault/keycloak: restore kv access and wger sync rbac	2026-01-16 03:46:07 -03:00
Brad Stein	8ad9f0a664	vault: allow admin kv browse	2026-01-16 03:20:32 -03:00
Brad Stein	f5231d282b	vault: allow UI mount listing for admins	2026-01-16 02:06:31 -03:00
Brad Stein	bb1bf3c017	fix ingress tls routing	2026-01-16 01:40:50 -03:00
Brad Stein	5899c9acb3	vault: allow admin policy to update shared secrets	2026-01-15 04:17:14 -03:00
Brad Stein	c30f1fc587	vault: allow sso role to read portal admin secret	2026-01-15 03:46:58 -03:00
Brad Stein	feb9d6997c	vault: prepopulate oidc job	2026-01-15 02:22:52 -03:00
Brad Stein	9e6673d02e	vault: default oidc claims type	2026-01-15 02:20:53 -03:00
Brad Stein	d69545cdb5	vault: harden oidc claims type	2026-01-15 02:18:50 -03:00
Brad Stein	756a1af2e6	vault: allow oidc tuning	2026-01-15 02:16:55 -03:00
Brad Stein	74a2b3e28d	vault: use static token reviewer	2026-01-15 02:14:08 -03:00
Brad Stein	e885c7d6ce	vault: allow vault-admin token review	2026-01-15 02:09:34 -03:00
Brad Stein	86c9951cc4	vault: add admin role for config jobs	2026-01-15 02:06:28 -03:00
Brad Stein	85c3d9c2f7	vault: finalize sidecar migration	2026-01-15 01:52:24 -03:00
Brad Stein	82090c1953	vault: read oidc config from vault	2026-01-14 23:20:04 -03:00
Brad Stein	bb9a4e6d8b	longhorn: read oauth2-proxy secrets from vault	2026-01-14 17:48:12 -03:00
Brad Stein	fb671865e5	vault: inject remaining services with wrappers	2026-01-14 17:29:09 -03:00
Brad Stein	89f4b0dbdf	vault: stabilize injector templates and add health apps	2026-01-14 13:40:29 -03:00

1 2 3

102 Commits