Block a user
7df12e3396
Update compose.yaml to change Jellyseerr configuration path to Seerr, ensuring consistency in service setup.
02f6ab03bc
Update cert-manager configurations for Let's Encrypt to include DNS-01 challenge support for both pcenicni.dev and nikflix.ca. Clarify Cloudflare API token requirements in comments and remove HTTP-01 fallback references for cleaner configuration.
6e76a400b6
Update .env.sample and Ansible configurations to enhance Pangolin Integration API setup. Add detailed comments for environment variables and clarify usage in README. Implement HTTP-01 challenge support in cert-manager configurations for Let's Encrypt, ensuring proper resource management for domain validation.
2fb86f5930
Enhance Authentik and Newt configurations to support Open WebUI integration. Add necessary environment variables and secrets management for Open WebUI in .env.sample and Ansible tasks. Update README to clarify setup steps for automating HTTP resources with Pangolin, ensuring consistency with new branding and deployment practices.
97da42b15c
Add open-webui resource to Kustomization configuration for Noble cluster, enhancing application deployment structure.
73ff9fd022
Revise Authentik configuration to reflect the transition from public to Nikflix branding, updating directory group settings and invitation flows accordingly. Adjust README to clarify group merging and user invitation processes, ensuring consistency with the new branding. Enhance blueprint templates to support the updated structure for directory groups.
f37768b789
Update Authentik configuration to default public invitation user type to internal, enhancing clarity on user isolation. Revise README to reflect changes in user type settings and provide guidance for managing existing external users. Improve validation in Ansible tasks to ensure correct user type configuration.
7fed8820ce
Enhance Authentik configuration by introducing dedicated authentication flows for public and lab brands, including stricter password policies and MFA requirements. Update README to clarify flow distinctions and invitation enrollment processes. Improve validation in Ansible tasks to ensure all necessary blueprint variables are set, enhancing deployment robustness.
7b337f7128
Refactor Authentik blueprint configuration to merge public, extra, and Nikflix directory groups into a single YAML template. Update README to clarify group entry requirements and enhance validation in Ansible tasks for blueprint entries. This improves the structure and usability of directory groups in Authentik deployments.
93d602de9d
Enhance Authentik deployment by adding verification for the presence of noble blueprints volume mounts in the authentik-worker deployment. Update README to clarify blueprint confirmation steps and troubleshooting for mounted files. This ensures proper configuration when blueprints are enabled.
fbcd2416e6
Add optional SMTP configuration for Authentik, including email host, port, and credentials. Update README and .env.sample to clarify usage for outbound email settings. Introduce blueprint support for enhanced deployment flexibility, with assertions in Ansible tasks to ensure required variables are set when enabled.
e48b19b64c
Implement S3 media storage for Authentik by adding configuration options for dedicated S3 bucket and credentials. Update README and default values to clarify usage and requirements for S3 integration, ensuring compatibility with Velero settings. Enhance Ansible tasks to load S3 configurations from the environment.
57a149b3d2
Update Authentik values.yaml to clarify PVC usage for media uploads. Specify that authentik-data is mounted on the server only to avoid Multi-Attach errors, and recommend using S3 or an RWX StorageClass for shared media access from workers.
032ffee866
Enable Authentik installation and add support for extra public hostnames in the configuration. Updated README and values files to reflect changes for improved deployment flexibility and documentation clarity.
b90ee2d531
Disable infra assessment in Trivy configuration for Talos to prevent node-collector job failures due to read-only file system issues. Updated comments for clarity and removed unnecessary volume mounts to align with Talos constraints.
b994e2d6d0
Refine Trivy configuration for Talos by removing systemd mounts from nodeCollector to prevent read-only file system errors. Updated comments for clarity and aligned with upstream changes regarding volume management.
c3bdda1dd7
Enhance Trivy configuration for Talos by adding nodeCollector settings with emptyDir for systemd paths to address read-only file system issues. Updated volume mounts and volumes for improved compliance and functionality.
7c9fd1fde6
Enhance Headlamp's metrics access by updating the ClusterRoleBinding to include permissions for metrics.k8s.io, nodes, and CustomResourceDefinitions. Update README and RBAC documentation to clarify OIDC user permissions and troubleshooting steps for metrics visibility issues.
bb0bd4ca90
Update OIDC configuration in Headlamp documentation and Talos config to use preferred_username claim instead of email. Added troubleshooting steps for "Unauthorized" errors related to OIDC token validation.