kenpat/kitestacks-homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
963 commits 2 branches 0 tags 739 MiB
Commit graph

925 commits

Author SHA1 Message Date
kenpat
dbcf51993d ops: add HashiCorp Vault for secrets management 
Replaces .env files across all KiteStacks apps. Vault runs as a Docker
container bound to 127.0.0.1:8200 with file storage backend.

- apps/vault/: compose file + vault.hcl config (TLS disabled, localhost only)
- scripts/vault-env.sh: fetches secret from Vault KV and injects as env
  vars before running docker compose (drops the .env pattern entirely)
- scripts/vault-init.sh: one-time init — GPG-encrypts unseal keys to
  ~/.vault-keys.gpg, creates kitestacks policy + limited app token
- scripts/vault-unseal.sh: post-restart unseal via GPG-decrypted key
- docs/vault-setup.md: full setup guide including secret migration steps

Usage: vault-env.sh kitestacks/authentik -- docker compose up -d

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-19 03:01:12 -05:00
kenpat
e3cfa80d98 chore: clean up cloudflared token handling and add pending files 
- Remove hardcoded TUNNEL_TOKEN from cloudflared docker-compose.yml
  (now reads from .env via ${TUNNEL_TOKEN:?...})
- Delete backup file that contained raw token
- Add .env.example template for cloudflared
- Add scripts/rollout-cloudflared-token.sh for token rotation
- Add apps/kitestacks-portal/public/flux/index.html (FluxCD status page)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-19 00:34:48 -05:00
kenpat
bdec86b16f fix: downgrade kustomize apiVersion to v1beta1 2026-06-15 13:04:59 -05:00
kenpat
4545b5c5e0 chore: rename assassin cluster to T14s and add kavita gitops manifests 2026-06-15 11:56:59 -05:00
kenpat
24be0b06c8 phase 8: forgejo sync config, authentik-ldap SSO service, runbook update 2026-06-15 08:54:08 -05:00
KiteStacks AutoSync
4b8925ca7e security: complete IP, port, and password redaction across all docs 
Redact all remaining IPv4 addresses, port numbers, and credential values
from RUNBOOK.md, AUTHENTIK.md, and authentik-sso-setup.md. Replace with
descriptive placeholders (<IP_REDACTED>, <port>, <REDACTED>, etc.).
Docker image version tags (postgres:16, forgejo:11, etc.) preserved.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-11 16:16:23 -05:00
KiteStacks AutoSync
bdd4e43254 chore: stop tracking runtime database and container data 2026-06-10 04:09:06 -05:00
Kenpat7177
95b6a07453 Remove Shaarli; switch to Raindrop.io cloud for bookmark management (v1.3.921) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-09 10:44:25 -05:00
KiteStacks AutoSync
55594d4c87 Automated update: 2026-06-09 03:14:40 2026-06-09 03:14:40 -05:00
KiteStacks AutoSync
b2a6716d21 Automated update: 2026-06-09 02:54:20 2026-06-09 02:54:20 -05:00
KiteStacks AutoSync
fd5f035d16 Automated update: 2026-06-09 02:33:26 2026-06-09 02:33:26 -05:00
KiteStacks AutoSync
2ad3c7b6d2 Automated update: 2026-06-09 02:12:47 2026-06-09 02:12:47 -05:00
KiteStacks AutoSync
b8b96ff91d Automated update: 2026-06-09 01:51:45 2026-06-09 01:51:45 -05:00
KiteStacks AutoSync
7b06744704 Automated update: 2026-06-09 01:31:21 2026-06-09 01:31:21 -05:00
KiteStacks AutoSync
3cbb9248d8 Automated update: 2026-06-09 01:11:12 2026-06-09 01:11:12 -05:00
KiteStacks AutoSync
03c0729837 Automated update: 2026-06-09 00:50:48 2026-06-09 00:50:48 -05:00
KiteStacks AutoSync
1664c6a2a1 Automated update: 2026-06-09 00:30:13 2026-06-09 00:30:13 -05:00
KiteStacks AutoSync
0bad9d1109 Automated update: 2026-06-09 00:09:44 2026-06-09 00:09:44 -05:00
KiteStacks AutoSync
9a501cce3d Automated update: 2026-06-08 23:48:23 2026-06-08 23:48:23 -05:00
KiteStacks AutoSync
abbee480b5 Automated update: 2026-06-08 23:28:16 2026-06-08 23:28:16 -05:00
KiteStacks AutoSync
86cad9ae71 Automated update: 2026-06-08 23:08:11 2026-06-08 23:08:11 -05:00
KiteStacks AutoSync
318136e8a0 Automated update: 2026-06-08 22:47:39 2026-06-08 22:47:39 -05:00
KiteStacks AutoSync
272480bd80 Automated update: 2026-06-08 22:27:22 2026-06-08 22:27:22 -05:00
KiteStacks AutoSync
f98123b859 Automated update: 2026-06-08 22:06:43 2026-06-08 22:06:43 -05:00
KiteStacks AutoSync
90d7e82e10 Automated update: 2026-06-08 21:46:38 2026-06-08 21:46:38 -05:00
KiteStacks AutoSync
2c2faea3d8 Automated update: 2026-06-08 21:26:09 2026-06-08 21:26:09 -05:00
KiteStacks AutoSync
3e059ca69b Automated update: 2026-06-08 21:05:43 2026-06-08 21:05:43 -05:00
KiteStacks AutoSync
18dfd5d012 Automated update: 2026-06-08 20:45:10 2026-06-08 20:45:10 -05:00
Kenpat7177
34ae9423ef docs: complete Authentik SSO setup for all kitestacks.com services (v1.3.898) 
- All OAuth2/OIDC providers created in Authentik; secrets filled for Kavita and OpenProject
- Proxy Providers created for Shaarli, Uptime Kuma, LiteLLM; assigned to Embedded Outpost
- OpenProject upgraded v13→v15 with data preserved; compose volume path fixed
- Cloudflare tunnel updates for proxy services still pending

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-06-08 20:32:51 -05:00
KiteStacks AutoSync
99696e3148 Automated update: 2026-06-08 20:24:38 2026-06-08 20:24:38 -05:00
KiteStacks AutoSync
102ec8b455 Automated update: 2026-06-08 20:04:19 2026-06-08 20:04:19 -05:00
KiteStacks AutoSync
29f493dbf7 Automated update: 2026-06-08 19:43:12 2026-06-08 19:43:12 -05:00
KiteStacks AutoSync
608f8de681 Automated update: 2026-06-08 19:22:54 2026-06-08 19:22:54 -05:00
KiteStacks AutoSync
a33ba8bde5 Automated update: 2026-06-08 19:02:24 2026-06-08 19:02:24 -05:00
KiteStacks AutoSync
7fc5696417 Automated update: 2026-06-08 18:41:39 2026-06-08 18:41:39 -05:00
KiteStacks AutoSync
61acb5731f Automated update: 2026-06-08 18:21:08 2026-06-08 18:21:08 -05:00
KiteStacks AutoSync
f267cf09f1 Automated update: 2026-06-08 18:00:38 2026-06-08 18:00:38 -05:00
KiteStacks AutoSync
e114ffa7ff Automated update: 2026-06-08 17:40:08 2026-06-08 17:40:08 -05:00
KiteStacks AutoSync
ef44f9c333 Automated update: 2026-06-08 17:19:37 2026-06-08 17:19:37 -05:00
KiteStacks AutoSync
6461c0266c Automated update: 2026-06-08 16:57:37 2026-06-08 16:57:37 -05:00
KiteStacks AutoSync
c0c9068458 Automated update: 2026-06-08 16:37:21 2026-06-08 16:37:21 -05:00
KiteStacks AutoSync
d9ac3f05c7 Automated update: 2026-06-08 16:16:45 2026-06-08 16:16:45 -05:00
KiteStacks AutoSync
dd0ea28d85 Automated update: 2026-06-08 15:56:38 2026-06-08 15:56:38 -05:00
KiteStacks AutoSync
f6a432f972 Automated update: 2026-06-08 15:36:18 2026-06-08 15:36:18 -05:00
kenpat
8d39ca4150 docs: add Authentik SSO status and service inventory 2026-06-08 20:20:32 +00:00
KiteStacks AutoSync
6d302a66e9 Automated update: 2026-06-08 15:16:08 2026-06-08 15:16:08 -05:00
KiteStacks AutoSync
65f66362ec Automated update: 2026-06-08 14:55:46 2026-06-08 14:55:46 -05:00
KiteStacks AutoSync
49f76daaaa Automated update: 2026-06-08 14:35:08 2026-06-08 14:35:08 -05:00
KiteStacks AutoSync
3dcdd35c0d Automated update: 2026-06-08 14:14:38 2026-06-08 14:14:38 -05:00
KiteStacks AutoSync
fd19ff7bca Automated update: 2026-06-08 13:54:23 2026-06-08 13:54:23 -05:00