feat: integrate tuwunel with Ory SSO, rename chat to messages subdomain

- Add matrix to hydra-maester enabledNamespaces for OAuth2Client CRD
- Update allowed_return_urls and selfservice URLs: chat→messages
- Add Kratos verification flow, employee/external identity schemas
- Extend session lifespan to 30 days with persistent cookies
- Route messages.* to tuwunel via Pingora with WebSocket support
- Replace login-ui with kratos-admin-ui as unified auth frontend
- Update TLS certificate SANs: chat→messages, add monitoring subdomains
- Add tuwunel + La Suite images to production overlay
- Switch DDoS/scanner detection to compiled-in ensemble models (observe_only)
2026-03-10 18:52:47 +00:00
parent 584e98316b
commit e5741c4df6
10 changed files with 101 additions and 29 deletions


@@ -9,7 +9,6 @@ kind: Kustomization
resources:
- namespace.yaml
- login-ui-deployment.yaml
- kratos-admin-deployment.yaml
# Hydra chart CRDs are not rendered by helm template; apply manually.
- hydra-oauth2client-crd.yaml
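
Review bot: The comment above `- hydra-oauth2client-crd.yaml` says the Hydra chart CRDs are to be applied manually, yet the file is listed under `resources:`, so it is unclear whether kustomize applies it or an out-of-band step is still required. The commit message says this change enables the matrix namespace in hydra-maester for the OAuth2Client CRD, so please reword the comment to state which is true and, if a manual apply is needed, say where that step is documented and that it has to run before any OAuth2Client objects are created. Separately, the header `-9,7 +9,6` records one entry dropped from this list; if that entry is `login-ui-deployment.yaml` (the message says login-ui is replaced by kratos-admin-ui), confirm that the manifest file and anything still referencing the old deployment are removed in the same commit.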