sbbb/base/lasuite at f8e9d32a8bb023cda1b8ee886f2949dcf1b770cf - sbbb - Gitea: Git with a cup of tea

studio/sbbb

Files

History

Sienna Meridian Satterwhite 50a4abf94f

fix(ory): harden Kratos and Hydra production security configuration

Kratos: xchacha20-poly1305 cipher for at-rest encryption, 12-char min
password with HaveIBeenPwned + similarity check, recovery/verification
switched to code (not link), anti-enumeration on unknown recipients,
15m privileged session, 24h session extend throttle, JSON structured
logging, WebAuthn passwordless enabled, additionalProperties: false on
all identity schemas, memory limits bumped to 256Mi.

Hydra: expose_internal_errors disabled, PKCE enforced for public
clients, janitor CronJob every 6h, cookie domain set explicitly,
SSRF prevention via disallow_private_ip_ranges, JSON structured
logging, Maester enabledNamespaces includes monitoring.

Also: fixed selfservice URL patch divergence (settings path, missing
allowed_return_urls), removed invalid responseTypes on Hive client.

2026-03-24 19:40:58 +00:00

..

calendars-backend-deployment.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-backend-service.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-caldav-deployment.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-caldav-service.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-config.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-frontend-caddyfile.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-frontend-deployment.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-frontend-service.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-theme-configmap.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

calendars-worker-deployment.yaml

feat(lasuite): add calendars service deployment manifests

2026-03-18 18:36:05 +00:00

collabora-deployment.yaml

fix: WOPI registration on restart + Collabora readiness probes

2026-03-24 12:22:10 +00:00

collabora-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

docs-frontend-nginx-configmap.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

docs-values.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

drive-frontend-nginx-configmap.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

drive-values.yaml

fix: WOPI registration on restart + Collabora readiness probes

2026-03-24 12:22:10 +00:00

hive-config.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

hive-deployment.yaml

feat: bring up local dev stack — all services running

2026-02-28 22:08:38 +00:00

hive-service.yaml

chore: initial infrastructure scaffold

2026-02-28 13:42:27 +00:00

integration-deployment.yaml

feat(lasuite): add Projects (Planka Kanban) service

2026-03-20 13:41:54 +00:00

kustomization.yaml

fix: WOPI registration on restart + Collabora readiness probes

2026-03-24 12:22:10 +00:00

meet-backend-deployment.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

meet-backend-service.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

meet-celery-worker-deployment.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

meet-config.yaml

Fix meet: ALLOWED_HOSTS, OIDC callback, and LiveKit connectivity

2026-03-06 13:56:29 +00:00

meet-frontend-deployment.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

meet-frontend-nginx-configmap.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

meet-frontend-service.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

messages-backend-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-backend-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-config.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-frontend-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-frontend-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-frontend-theme-configmap.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mpa-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mpa-dkim-config.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mpa-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mta-in-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mta-in-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mta-out-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-mta-out-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-socks-proxy-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-socks-proxy-service.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

messages-worker-deployment.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

namespace.yaml

chore: initial infrastructure scaffold

2026-02-28 13:42:27 +00:00

oidc-clients.yaml

fix(ory): harden Kratos and Hydra production security configuration

2026-03-24 19:40:58 +00:00

patch-docs-frontend-nginx.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

patch-drive-frontend-nginx.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

patch-drive-wopi-init.yaml

fix: WOPI registration on restart + Collabora readiness probes

2026-03-24 12:22:10 +00:00

patch-people-frontend-nginx.yaml

feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes

2026-03-06 12:08:21 +00:00

people-frontend-nginx-configmap.yaml

fix(ory): enable MFA methods, fix font URL, clean up login-ui

2026-03-18 18:36:15 +00:00

people-values.yaml

fix(ory,lasuite): harden session security and fix logout + WebSocket routing

2026-03-03 18:07:08 +00:00

postfix-deployment.yaml

feat: replace nginx placeholder with custom Pingora proxy; add Postfix MTA

2026-03-01 16:25:11 +00:00

projects-config.yaml

fix: WOPI registration on restart + Collabora readiness probes

2026-03-24 12:22:10 +00:00

projects-deployment.yaml

feat(lasuite): add Projects (Planka Kanban) service

2026-03-20 13:41:54 +00:00

seaweedfs-buckets.yaml

feat: La Suite email/messages, buildkitd, monitoring, vault and storage updates

2026-03-10 19:00:57 +00:00

shared-config.yaml

fix(lasuite): use internal cluster URLs for OIDC backend endpoints

2026-03-03 14:31:21 +00:00

vault-secrets.yaml

feat(lasuite): add Projects (Planka Kanban) service

2026-03-20 13:41:54 +00:00