viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/authentik
History
Viktor Barzin 7e7e41cbef
All checks were successful
ci/woodpecker/push/default Pipeline was successful
Details
fix(authentik): derive username from email in tripit-enrollment (user_write needs it) 
The passwordless enrollment prompt collects only email+name, so user_write aborted with 'Aborting write to empty username' (ak-stage-access-denied). Add an expression policy on the user_write binding (evaluate_on_plan=false + re_evaluate_policies=true, like guest.tf) that sets prompt_data['username'] = the entered email before the write. Verified the failure live via the flow executor API.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-17 07:35:23 +00:00
..
modules/authentik fix(authentik): SMTP host = mail.viktorbarzin.me (svc name fails wildcard-cert verify) 2026-06-17 07:13:53 +00:00
admin-services-restriction.tf feat(authentik): TripIt external self-signup group + forward-auth fence (ADR-0020) 2026-06-15 21:48:04 +00:00
authentik_provider.tf authentik: incident hardening after the signin-speedup rollout storm 2026-06-11 00:26:52 +00:00
email-secret.tf feat(authentik): wire SMTP (noreply@) for TripIt signup verification + recovery email (ADR-0020) 2026-06-17 07:04:52 +00:00
guest.tf fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
main.tf fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
secrets fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
t3-users.tf fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
terragrunt.hcl fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
tripit-email-blueprint.tf fix(authentik): deliver tripit email-verify stages via blueprint (provider token_expiry too old) 2026-06-17 07:30:05 +00:00
tripit-email-stages.yaml fix(authentik): deliver tripit email-verify stages via blueprint (provider token_expiry too old) 2026-06-17 07:30:05 +00:00
tripit-external.tf feat(authentik): tripit-enrollment + tripit-recovery flows (passwordless signup, ADR-0020) 2026-06-17 07:20:11 +00:00
tripit-flows.tf fix(authentik): derive username from email in tripit-enrollment (user_write needs it) 2026-06-17 07:35:23 +00:00
vault-authz-binding.tf fix(authentik): pin Vault binding UUIDs as literals (provider has no authentik_application data source) 2026-06-15 22:01:29 +00:00