studio/sbbb - sbbb - Gitea: Git with a cup of tea

studio/sbbb

Fork 0

Commit Graph

Author	SHA1	Message	Date
Sienna Meridian Satterwhite	97628b0f6f	feat(ory): OIDC group-to-team mapping, social login, Gitea OIDC-only mode Identity permissions flow from Kratos metadata_admin.groups through Hydra ID token claims to Gitea's OIDC group-to-team mapping: - super-admin → site admin + Owners + Employees teams - employee → Owners + Employees teams - community → Contributors team (social sign-up users) Kratos: Discord + GitHub social login providers, community identity schema, OIDC method enabled with env-var credential injection via VSO. Gitea: OIDC-only login (no local registration, no password form), APP_NAME, favicon, auto-registration with account linking. Also: messages-mta-in recreate strategy + liveness probe for milter.	2026-03-27 17:46:11 +00:00
Sienna Meridian Satterwhite	b9d9ad72fe	fix(ory): enable MFA methods, fix font URL, clean up login-ui Enable TOTP, WebAuthn, and lookup secret MFA methods in Kratos config. Fix Monaspace Neon font CDN URL in Gitea theme ConfigMap. Remove redundant Google Fonts preconnect from people-frontend nginx config. Delete unused login-ui-deployment.yaml (login-ui is part of the Ory Helm chart, not a standalone deployment).	2026-03-18 18:36:15 +00:00
Sienna Meridian Satterwhite	d32d1435f9	feat(infra): data, storage, devtools, and ory layer updates - data: CNPG cluster tuning, OpenBao values, OpenSearch deployment fixes, OpenSearch PVC, barman vault secret for S3 backup credentials - storage: SeaweedFS filer updates (s3.json via secret subPath), PVC for filer persistent storage - devtools: Gitea values (SSH service, custom theme), gitea-theme-cm ConfigMap - ory: add kratos-selfservice-urls.yaml for self-service flow URLs - media: LiveKit values updated (TURN config, STUN, resource limits) - vso: kustomization cleanup	2026-03-06 12:07:28 +00:00

Author

SHA1

Message

Date

Sienna Meridian Satterwhite

97628b0f6f

feat(ory): OIDC group-to-team mapping, social login, Gitea OIDC-only mode

Identity permissions flow from Kratos metadata_admin.groups through
Hydra ID token claims to Gitea's OIDC group-to-team mapping:
- super-admin → site admin + Owners + Employees teams
- employee → Owners + Employees teams
- community → Contributors team (social sign-up users)

Kratos: Discord + GitHub social login providers, community identity
schema, OIDC method enabled with env-var credential injection via VSO.

Gitea: OIDC-only login (no local registration, no password form),
APP_NAME, favicon, auto-registration with account linking.

Also: messages-mta-in recreate strategy + liveness probe for milter.

2026-03-27 17:46:11 +00:00

Sienna Meridian Satterwhite

b9d9ad72fe

fix(ory): enable MFA methods, fix font URL, clean up login-ui

Enable TOTP, WebAuthn, and lookup secret MFA methods in Kratos config.
Fix Monaspace Neon font CDN URL in Gitea theme ConfigMap. Remove
redundant Google Fonts preconnect from people-frontend nginx config.
Delete unused login-ui-deployment.yaml (login-ui is part of the Ory
Helm chart, not a standalone deployment).

2026-03-18 18:36:15 +00:00

Sienna Meridian Satterwhite

d32d1435f9

feat(infra): data, storage, devtools, and ory layer updates

- data: CNPG cluster tuning, OpenBao values, OpenSearch deployment fixes,
  OpenSearch PVC, barman vault secret for S3 backup credentials
- storage: SeaweedFS filer updates (s3.json via secret subPath), PVC for
  filer persistent storage
- devtools: Gitea values (SSH service, custom theme), gitea-theme-cm ConfigMap
- ory: add kratos-selfservice-urls.yaml for self-service flow URLs
- media: LiveKit values updated (TURN config, STUN, resource limits)
- vso: kustomization cleanup

2026-03-06 12:07:28 +00:00

3 Commits