viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/url
History
Viktor Barzin 5dc5cd53c0
Some checks failed
ci/woodpecker/push/build-cli Pipeline was successful
Details
ci/woodpecker/push/default Pipeline was canceled
Details
url/shlink: ingress url.viktorbarzin.me auth required -> none 
Authentik forward-auth on the shlink REST API + short-link domain
(url.viktorbarzin.me) 302s shlink-web's cross-origin API XHR (CORS
preflight) and SSO-bounces every public short link. Result: the admin
UI showed "Something went wrong while loading short URLs" and short
links never resolved for logged-out clients.

The shlink REST API is self-gated by its X-Api-Key and short links are
public by design, so Authentik must not front this domain. CrowdSec +
rate-limit + anti-AI bot-block still apply. The admin web UI
(shlink.viktorbarzin.me) stays auth=required via module.ingress-web.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-02 20:37:33 +00:00
..
.terraform.lock.hcl kms: revert files accidentally bundled into the docs commit 2026-06-01 10:36:49 +00:00
backend.tf nfs-mirror: append transferred files to offsite-sync manifest 2026-05-24 15:32:22 +00:00
main.tf url/shlink: ingress url.viktorbarzin.me auth required -> none 2026-06-02 20:37:33 +00:00
providers.tf Woodpecker CI deploy [CI SKIP] 2026-05-26 08:29:09 +00:00
secrets [ci skip] Move Terraform modules into stack directories 2026-02-22 14:38:14 +00:00
terragrunt.hcl migrate all secrets from SOPS to Vault KV 2026-03-14 17:15:48 +00:00
versions.tf [ci skip] Flatten module wrappers into stack roots 2026-02-22 15:13:55 +00:00