6ddf4e56b4
Add KeyCape login overlay gateway for OpenBao browser UI
...
Streamline bao.coulomb.social login as "Sign in with KeyCape" via a versioned
nginx gateway that injects overlay assets and proxies to OpenBao. Disable chart
ingress in favor of the overlay ingress, wire make openbao-deploy, and add
openbao-verify-login-overlay with upstream drift detection.
2026-06-19 20:28:16 +02:00
c24956fb5a
feat(openbao): add SSH engine automation for ops-warden signing
...
Declarative roles, warden-sign policy, apply/verify scripts, and Makefile
targets openbao-configure-ssh and openbao-verify-ssh. Document operator flow
in docs/openbao.md for NET-WP-0020 T5 / WP-0008 T2.
2026-06-18 01:06:43 +02:00
18c1b86498
Reject placeholder OpenBao drill evidence
2026-06-02 02:02:09 +02:00
606a5f3e1e
Add OpenBao emergency drill evidence validator
2026-06-02 00:08:17 +02:00
123b9aafce
Add OpenBao restore evidence validator
2026-06-01 23:57:00 +02:00
c0d4ec9037
Document audit-core mock sink handoff
2026-06-01 23:44:06 +02:00
5e4040d43d
Add OpenBao authenticated readiness verifier
2026-06-01 22:46:14 +02:00
087bb91b86
Configure OpenBao file audit declaratively
2026-06-01 22:12:23 +02:00
3a5f9f58e9
Clean up OpenBao config rerun output
2026-05-25 15:57:24 +02:00
b76e9101d8
Tolerate declarative OpenBao audit setup
2026-05-25 15:14:41 +02:00
3741294b05
Treat sealed OpenBao preflight as expected
2026-05-25 10:49:29 +02:00
8d4faaa408
openbao king credential bootstrapping
2026-05-24 09:25:18 +02:00
a7ffeb8b46
Platform secret setup
2026-05-23 13:59:58 +02:00
980947894e
Added openbao secrets management and phaseout of bitnami for CloudNative PG
2026-05-18 11:53:59 +02:00
