Sienna Meridian Satterwhite
e5741c4df6
- Add matrix to hydra-maester enabledNamespaces for OAuth2Client CRD - Update allowed_return_urls and selfservice URLs: chat→messages - Add Kratos verification flow, employee/external identity schemas - Extend session lifespan to 30 days with persistent cookies - Route messages.* to tuwunel via Pingora with WebSocket support - Replace login-ui with kratos-admin-ui as unified auth frontend - Update TLS certificate SANs: chat→messages, add monitoring subdomains - Add tuwunel + La Suite images to production overlay - Switch DDoS/scanner detection to compiled-in ensemble models (observe_only)
24 lines
946 B
YAML
24 lines
946 B
YAML
# Kratos selfservice UI URLs — patch over the Helm-rendered kratos-config ConfigMap.
|
|
# DOMAIN_SUFFIX is substituted by sunbeam apply.
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: kratos-config
|
|
namespace: ory
|
|
data:
|
|
selfservice.default_browser_return_url: "https://auth.DOMAIN_SUFFIX/"
|
|
selfservice.flows.login.ui_url: "https://auth.DOMAIN_SUFFIX/login"
|
|
selfservice.flows.registration.ui_url: "https://auth.DOMAIN_SUFFIX/registration"
|
|
selfservice.flows.recovery.ui_url: "https://auth.DOMAIN_SUFFIX/recovery"
|
|
selfservice.flows.settings.ui_url: "https://auth.DOMAIN_SUFFIX/settings"
|
|
selfservice.allowed_return_urls: |
|
|
- https://auth.DOMAIN_SUFFIX/
|
|
- https://docs.DOMAIN_SUFFIX/
|
|
- https://meet.DOMAIN_SUFFIX/
|
|
- https://drive.DOMAIN_SUFFIX/
|
|
- https://mail.DOMAIN_SUFFIX/
|
|
- https://messages.DOMAIN_SUFFIX/
|
|
- https://people.DOMAIN_SUFFIX/
|
|
- https://src.DOMAIN_SUFFIX/
|
|
- https://admin.DOMAIN_SUFFIX/
|