fix(privacyidea): rename realm netkingdom → coulomb in bootstrap-realm.sh

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-25 02:03:38 +00:00
parent c0e330ee4e
commit 88bbd585fd


@@ -1,12 +1,12 @@
#!/usr/bin/env bash
# bootstrap-realm.sh — configure the "netkingdom" realm in privacyIDEA
# bootstrap-realm.sh — configure the "coulomb" realm in privacyIDEA
#
# Run AFTER bootstrap-admin.sh (pi-admin must exist and have MFA enrolled).
#
# What it does:
# 1. Authenticates as pi-admin to get a short-lived JWT.
# 2. Creates the LDAP resolver "lldap-netkingdom" pointing to the in-cluster LLDAP.
# 3. Creates (or updates) the "netkingdom" realm using that resolver.
# 2. Creates the LDAP resolver "lldap-coulomb" pointing to the in-cluster LLDAP.
# 3. Creates (or updates) the "coulomb" realm using that resolver.
# 4. Creates a self-enrollment policy: any authenticated user may enroll TOTP.
# 5. Prints a checklist of manual steps to complete via the WebUI.
#
@@ -30,8 +30,8 @@ PI_URL="${2:-https://pink.coulomb.social}"
PI_ENV="$SECRETS_DIR/privacyidea/secrets.env"
LLDAP_ENV="$SECRETS_DIR/lldap/secrets.env"
RESOLVER_NAME="lldap-netkingdom"
REALM_NAME="netkingdom"
RESOLVER_NAME="lldap-coulomb"
REALM_NAME="coulomb"
LLDAP_URL="ldap://lldap.sso.svc.cluster.local:3890"
LLDAP_BASE_DN="dc=netkingdom,dc=local"
LLDAP_BIND_DN="uid=admin,ou=people,dc=netkingdom,dc=local"
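Review bot: The rename of `RESOLVER_NAME` and `REALM_NAME` in this hunk comes with no migration path for an install that was already bootstrapped under the old names. Nothing visible here removes the old `netkingdom` realm or `lldap-netkingdom` resolver, so a re-run would presumably leave both active beside the new pair, and because privacyIDEA records token ownership against the resolver and realm, tokens enrolled earlier would likely stay attached to the old ones; whether a later step handles this cannot be seen from the hunk. `LLDAP_BASE_DN` and `LLDAP_BIND_DN` still use `dc=netkingdom,dc=local`, which looks deliberate but is now easy to mistake for a missed rename. I would add a comment above the two names, `# Renaming these does not migrate an existing install: retire the old realm, resolver and realm-scoped policies separately.`, and one above the DN lines, `# The LDAP suffix is independent of the realm name and was not renamed.`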
@@ -217,7 +217,7 @@ check_result "Default realm set to '$REALM_NAME'" "$RESP" || true
# ── 6. Create self-enrollment policy ─────────────────────────────────────────
echo ""
echo "Step 6: Creating self-enrollment policy ..."
# Allows users in the netkingdom realm to self-enroll TOTP tokens.
# Allows users in the coulomb realm to self-enroll TOTP tokens.
# The WebUI self-service portal is at pink-account.coulomb.social.
ENROLL_POLICY=$(python3 -c "
import json