viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/authentik/modules/authentik
History
Viktor Barzin 4bf3f504ea
All checks were successful
ci/woodpecker/push/default Pipeline was successful
Details
fix(authentik): SMTP host = mail.viktorbarzin.me (svc name fails wildcard-cert verify) 
The in-cluster svc name mailserver.mailserver.svc.cluster.local fails Authentik's strict STARTTLS hostname verification (CERTIFICATE_VERIFY_FAILED): the mailserver serves the *.viktorbarzin.me wildcard cert, which doesn't cover the svc DNS name. Use the public name mail.viktorbarzin.me, which resolves in-cluster (10.0.20.1) and matches the cert. Verified end-to-end from an authentik pod (verified TLS + SASL auth + send) before this change.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-17 07:13:53 +00:00
..
main.tf authentik: speed up first-time signin (single-screen login, live env tuning, asset caching, outpost+nginx hot path) 2026-06-10 21:58:10 +00:00
pgbouncer.ini authentik: incident hardening after the signin-speedup rollout storm 2026-06-11 00:26:52 +00:00
pgbouncer.tf authentik: ignore Keel-managed image_pull_policy on pgbouncer 2026-06-11 00:34:44 +00:00
userlist.txt fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
values.yaml fix(authentik): SMTP host = mail.viktorbarzin.me (svc name fails wildcard-cert verify) 2026-06-17 07:13:53 +00:00