K3S-HOME/security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
170 Commits 1 Branch 0 Tags
e5ca2a3f36527040271e6c3bccebb3c6974c0304
Commit Graph

10 Commits

Author SHA1 Message Date
Mayne0213
2cfcc586be refactor: update Vault secret paths to new categorized structure 
- authelia: postgresql → storage/postgresql, authelia → security/authelia
- external-secrets: zot → storage/zot (ClusterExternalSecret)
- vault: secret/data/vault/config → security/vault, authelia → security/authelia

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-11 22:36:33 +09:00
Mayne0213
c78dec54d7 FEAT(authelia): add Zot OIDC client 
- Add Zot client to OIDC providers
- Add ZOT_CLIENT_SECRET to ExternalSecret
- Add volume mount for Zot client secret
 2026-01-10 01:16:58 +09:00
Mayne0213
876708ccdf REFACTOR(authelia): simplify to single user 
- Change user from admin to bluemayne
- Remove other users from ClusterRoleBinding
 2026-01-10 01:16:57 +09:00
Mayne0213
8ccf5c5187 FIX(authelia): add users to OIDC ClusterRoleBinding 
- Add admin and bluemayne users
- Support multiple username formats for OIDC auth
 2026-01-10 01:16:57 +09:00
Mayne0213
061489756a CHORE(authelia): update admin password hash 
- Update password hash for admin user
- Ensure secure authentication
 2026-01-10 01:16:48 +09:00
Mayne0213
8f449666b5 CHORE(authelia): Remove immich OIDC client 
- Remove IMMICH_CLIENT_SECRET from extraVolumes/extraVolumeMounts
- Remove immich OIDC client configuration
- Immich application removed

CHORE(authelia): Remove IMMICH_CLIENT_SECRET from ExternalSecret
 2026-01-09 21:45:16 +09:00
Mayne0213
384d73d1fa REFACTOR(secrets): flatten Vault paths 
- Change secret paths from <category>/<app> to <app>
- databases/postgresql → postgresql
- cluster-infrastructure/authelia → authelia
 2026-01-06 16:53:10 +09:00
Mayne0213
677214b848 REFACTOR(repo): move vault/ to manifests/ 
- Move ExternalSecret file from vault/ to manifests/secret.yaml
- Update kustomization.yaml references
- Remove vault/ folder

Apps: authelia
 2026-01-06 16:43:38 +09:00
Mayne0213
3c51bb3b5e FIX(authelia): keep ingress in manifests 
- Keep ingress in manifests/ due to chart schema complexity
- Authelia chart has complex ingress schema
 2026-01-06 15:27:17 +09:00
Mayne0213
875dbbc42c REFACTOR(authelia): integrate ingress in values 
- Move config.yaml, middleware.yaml, rbac.yaml to manifests/
- Add ingress configuration to helm-values.yaml
- Remove separate ingress.yaml
 2026-01-06 15:12:22 +09:00