Kenpat7177 34ae9423ef docs: complete Authentik SSO setup for all kitestacks.com services (v1.3.898)

- All OAuth2/OIDC providers created in Authentik; secrets filled for Kavita and OpenProject
- Proxy Providers created for Shaarli, Uptime Kuma, LiteLLM; assigned to Embedded Outpost
- OpenProject upgraded v13→v15 with data preserved; compose volume path fixed
- Cloudflare tunnel updates for proxy services still pending

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-08 20:32:51 -05:00

2.1 KiB

Raw Blame History

KiteStacks Homelab Documentation v1.3.898

Version: 1.3.898 Updated: 2026-06-08 Previous: v1.3.897 docs

Change Summary

Completed Authentik SSO provider/application setup for all kitestacks.com services
Filled OIDC client secrets for Kavita and OpenProject
Upgraded OpenProject from v13 → v15 (data preserved via bind mount migration)
Created Authentik Proxy Providers for Shaarli, Uptime Kuma, LiteLLM; assigned to Embedded Outpost
Fixed OpenProject docker-compose.yml volume path to preserve existing data
Updated apps/authentik/AUTHENTIK.md and docs/authentik-sso-setup.md to reflect current status

SSO Status (as of 2026-06-08)

Service	Method	Status
Grafana	OAuth2	✅ Configured
Kite AI (OpenWebUI)	OIDC	✅ Configured
Forgejo	OAuth2	✅ Configured
Kavita	OIDC	✅ Configured, secret filled
OpenProject	OIDC	✅ Configured, upgraded to v15
Shaarli	Proxy	⚠️ Provider ready, CF tunnel update pending
Uptime Kuma	Proxy	⚠️ Provider ready, CF tunnel update pending
LiteLLM	Proxy	⚠️ Provider ready, CF tunnel update pending

Pending

Update Cloudflare tunnel routes:
- links.kitestacks.com → http://authentik:9000
- status.kitestacks.com → http://authentik:9000
- llm.kitestacks.com → http://authentik:9000 (new)
- tasks.kitestacks.com → http://openproject:80
Test SSO end-to-end for all services
Phase 2: add guest Authentik account with auto-provisioning across all apps

Files Changed This Session

File	Change
`apps/kavita/config/appsettings.json`	Filled OIDC client secret
`apps/openproject/.env`	Filled OIDC client secret
`apps/openproject/docker-compose.yml`	Fixed volume path to preserve data; image already at v15
`apps/authentik/AUTHENTIK.md`	Updated configured apps, pending steps, excluded services
`docs/authentik-sso-setup.md`	Updated SSO status table to reflect completed steps

2.1 KiB Raw Blame History

KiteStacks Homelab Documentation v1.3.898

Change Summary

SSO Status (as of 2026-06-08)

Pending

Files Changed This Session

2.1 KiB

Raw Blame History