unkinben
|
1b4b22cad8
|
fix(kanidm): remove invalid automatic_refresh from replication config
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
|
2026-05-30 23:15:41 +10:00 |
|
unkinben
|
4d594fbde7
|
feat(kanidm): vault-managed replication certs with auto-restart (#176)
- Store per-pod replication certs in Vault (kv/kubernetes/namespace/kanidm/default/repl-certs)
- VaultAuth + VaultStaticSecret sync certs to kanidm-repl-certs Secret
- busybox config-init init container injects peer certs from Secret into server.toml at startup
- Remove hardcoded partner_cert entries from per-pod server.toml templates
- Add automatic_refresh = true to all replication configs
- Add reloader.stakater.com/auto annotation to trigger rolling restart on ConfigMap/Secret changes
- Document domain UUID mismatch resolution and cert rotation in README
Reviewed-on: #176
|
2026-05-30 23:00:46 +10:00 |
|
unkinben
|
d358098fff
|
chore: update replication certs (#170)
- add replication certs for kanidm-0, kanidm-1 and kanidm-2
Reviewed-on: #170
|
2026-05-25 23:52:06 +10:00 |
|
unkinben
|
201e601737
|
feat: update kanidm replicaiton (#169)
- split to per-server configs
- remove init containers that attempted to automate the replication config
- add README.md
Reviewed-on: #169
|
2026-05-25 23:25:48 +10:00 |
|