feat(ory): OIDC group-to-team mapping, social login, Gitea OIDC-only mode

Browse Source

Identity permissions flow from Kratos metadata_admin.groups through
Hydra ID token claims to Gitea's OIDC group-to-team mapping:
- super-admin → site admin + Owners + Employees teams
- employee → Owners + Employees teams
- community → Contributors team (social sign-up users)

Kratos: Discord + GitHub social login providers, community identity
schema, OIDC method enabled with env-var credential injection via VSO.

Gitea: OIDC-only login (no local registration, no password form),
APP_NAME, favicon, auto-registration with account linking.

Also: messages-mta-in recreate strategy + liveness probe for milter.

...

This commit is contained in:

Sienna Meridian Satterwhite

2026-03-27 17:46:11 +00:00

parent 33f0e44545

commit 97628b0f6f

5 changed files with 136 additions and 0 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

3

base/devtools/gitea-theme-cm.yaml

File diff suppressed because one or more lines are too long