K3S-HOME/storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
170 Commits 1 Branch 0 Tags
main
Commit Graph

5 Commits

Author SHA1 Message Date
Mayne0213
38cf6abc0b refactor: update Vault secret paths to new categorized structure 
- minio: minio → storage/minio, minio-s3-credentials → storage/minio-s3-credentials
- pgweb: pgweb → storage/pgweb
- postgresql: postgresql → storage/postgresql
- velero: minio → storage/minio, velero → storage/velero
- zot: zot → storage/zot

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-11 22:36:38 +09:00
Mayne0213
1fa6ff5edd FIX: Use sessionKeysFile for Zot OIDC session encryption 
- Change from hashKeyFile/blockKeyFile inside sessionDriver to
  sessionKeysFile at auth config level
- Update ExternalSecret to generate session-keys.json with both
  hashKey and encryptKey in correct JSON format
- Fix securecookie validation error during OIDC callback
 2026-01-10 03:09:28 +09:00
Mayne0213
b7eb527782 FIX(zot): add session keys for consistent cookie handling 
- Add ExternalSecret for session hashKey and blockKey
- Mount session keys from Vault
- Configure sessionDriver with key files
- Fix securecookie validation error in multi-replica setup
 2026-01-10 03:00:53 +09:00
Mayne0213
c6a51cfaf5 FEAT(zot): add Authelia OIDC authentication 
- Add OpenID provider configuration for Authelia
- Create ExternalSecret for OIDC credentials
- Mount credentials file at /etc/zot/oidc-credentials.json
 2026-01-10 01:20:17 +09:00
Mayne0213
03f17000e9 FEAT(zot): add Zot container registry 
- ARM64 image (ghcr.io/project-zot/zot-linux-arm64:v2.1.13)
- htpasswd authentication via Vault ExternalSecret
- Ingress at zot0213.kro.kr with Let's Encrypt TLS
- local-path storage (50Gi)
- Prometheus metrics enabled
 2026-01-07 14:31:04 +09:00