titan-iac

Author	SHA1	Message	Date
Brad Stein	eb11eaff4e	keycloak: allow e2e client execute-actions-email	2026-01-04 00:58:02 -03:00
Brad Stein	cadb0daba0	tests: add Keycloak email probe	2026-01-04 00:53:13 -03:00
Brad Stein	b63b724b52	keycloak: rerun realm settings job	2026-01-03 18:27:29 -03:00
Brad Stein	ab658fa064	keycloak: allow vaultwarden user attributes	2026-01-03 18:25:48 -03:00
Brad Stein	70980a2ca9	keycloak: add token exchange E2E smoke test	2026-01-03 15:58:44 -03:00
Brad Stein	e73baa6ecd	keycloak: robust policy lookup for token exchange job	2026-01-03 15:50:43 -03:00
Brad Stein	3f19d01d00	keycloak: make token exchange permissions job idempotent	2026-01-03 15:48:40 -03:00
Brad Stein	cb37756f5f	keycloak: fix token exchange permission patching	2026-01-03 15:46:26 -03:00
Brad Stein	1f2bddc7fe	keycloak: retry token exchange permissions job	2026-01-03 15:45:04 -03:00
Brad Stein	df959ee17d	keycloak: enable fine-grained token exchange authz	2026-01-03 15:43:07 -03:00
Brad Stein	b21a79dad7	keycloak: allow token exchange to portal	2026-01-03 14:48:28 -03:00
Brad Stein	e09589ec35	keycloak: add portal e2e client	2026-01-03 14:35:23 -03:00
Brad Stein	f1d1e1bd7d	keycloak: enable token exchange	2026-01-03 14:29:28 -03:00
Brad Stein	c8f9b59e4a	keycloak: allow nextcloud mail profile attrs	2026-01-03 12:36:23 -03:00
Brad Stein	747b6aacb6	keycloak: set bstein mailu_email	2026-01-03 06:15:16 -03:00
Brad Stein	0b211520cb	keycloak: allow mailu_email + groups	2026-01-03 03:32:38 -03:00
Brad Stein	10e322e853	keycloak(atlas): default TOTP required action	2026-01-03 01:09:14 -03:00
Brad Stein	5437cebb9e	sso: provision vaultwarden users	2026-01-02 21:04:12 -03:00
Brad Stein	0f26bd508e	keycloak(atlas): disable browser IdP redirector	2026-01-02 20:09:05 -03:00
Brad Stein	21d8fc3788	keycloak(atlas): retry realm settings job	2026-01-02 20:04:47 -03:00
Brad Stein	54d324f555	keycloak(atlas): harden realm settings job	2026-01-02 20:02:11 -03:00
Brad Stein	503a9264c5	keycloak: cleanup LDAP federation	2026-01-02 18:45:45 -03:00
Brad Stein	2254532642	keycloak: roll update with no surge	2026-01-02 17:15:37 -03:00
Brad Stein	22b7e7aa66	keycloak: clear rollingUpdate for recreate	2026-01-02 17:09:24 -03:00
Brad Stein	23a9e1ec30	keycloak: use recreate strategy with pvc	2026-01-02 17:02:59 -03:00
Brad Stein	e2e76592a0	keycloak: enable debug logging	2026-01-02 16:57:42 -03:00
Brad Stein	1346ccd31b	keycloak: repair ldap federation parentId	2026-01-02 14:12:20 -03:00
Brad Stein	8a2f3c733e	sso: fix keycloak ldap provider parentId	2026-01-02 14:02:05 -03:00
Brad Stein	de14d68fc9	sso: codify openldap bootstrap and keycloak federation	2026-01-02 13:18:32 -03:00
Brad Stein	46d4ab6dc8	keycloak: apply realm smtp via api	2026-01-02 04:03:27 -03:00
Brad Stein	9fa081ca36	keycloak: set realm smtp server	2026-01-02 03:58:37 -03:00
Brad Stein	77beacec53	keycloak: switch realm job to kcadm	2026-01-02 03:55:28 -03:00
Brad Stein	816abca2df	keycloak: fix realm job service URL	2026-01-02 03:49:19 -03:00
Brad Stein	2ef3b7d45c	keycloak: pin realm job to rpi nodes	2026-01-02 03:45:44 -03:00
Brad Stein	7e464d3ec8	keycloak: enable reset password	2026-01-02 03:39:08 -03:00
Brad Stein	1f554e583a	keycloak: read POSTGRES_* db secret keys	2026-01-01 12:32:57 -03:00
Brad Stein	bd64a36165	registry: point workloads to harbor	2025-12-16 00:08:11 -03:00
Brad Stein	b87f06f6ff	zot: add oauth proxy and user sync scripts	2025-12-15 12:57:02 -03:00
Brad Stein	ccfc473521	cleanup: stop tracking extra md files; switch gitops cert to letsencrypt	2025-12-14 15:52:12 -03:00
Brad Stein	8fceebd7a7	nextcloud: integration with mailu & gitops-ui: initial install	2025-12-14 14:21:40 -03:00
Brad Stein	aae09c5074	Normalize doc layout and README guidance	2025-12-14 13:47:59 -03:00
Brad Stein	d274738e9e	restore readmes removed in last commit	2025-12-13 03:57:44 -03:00
Brad Stein	f0265d6b94	atlas pods: add namespace plurality by node table	2025-12-13 03:57:20 -03:00
Brad Stein	6c77b8e7f8	restore docs after gitignore change	2025-12-12 00:50:02 -03:00
Brad Stein	78195c4685	mailu: fix admin dns and tame vip	2025-12-12 00:49:45 -03:00
Brad Stein	598bdfc727	keycloak: restrict to worker rpis with titan-24 fallback	2025-12-06 01:44:23 -03:00
Brad Stein	88c7a1c2aa	keycloak: require rpi nodes with titan-24 fallback	2025-12-06 01:40:24 -03:00
Brad Stein	f4da27271e	keycloak: prefer rpi nodes, avoid titan-24	2025-12-06 01:36:33 -03:00
Brad Stein	141c05b08f	keycloak: honor xforwarded headers and hostname url	2025-12-06 01:23:07 -03:00
Brad Stein	f0a8f6d35e	keycloak: enable health/metrics management port	2025-12-06 00:51:47 -03:00

1 2

53 Commits