Identity Providers (IdP) Overview
High-level overview of the dual ZITADEL identity providers, why this pattern exists, and how to navigate the identity runbooks.
High-level architecture for the dual-IdP ZITADEL setup, showing how public and internal identity, GitOps repos, databases, trust and apps fit together, with links to the detailed identity runbooks.
Backup and restore strategy for the internal ZITADEL instance in the identity-internal namespace, including PostgreSQL dumps to NAS and disaster recovery.
Use the ZITADEL console for the internal IdP to complete initial admin setup, configure SMTP, connect NAS LDAP, and define Kubernetes-related projects, roles and applications.
Deploy the internal ZITADEL identity provider into the cluster with FluxCD (namespace, Postgres, HelmRelease, ingress) as the foundation for LDAP, OIDC, and SSO runbooks.
Configure the QNAP NAS LDAP server as an LDAPS identity provider for the internal ZITADEL instance, including schema assumptions, TLS trust via trust-manager and Gatekeeper, console settings, and troubleshooting.
Configure the Kubernetes API server, RBAC bindings, and all related ZITADEL console configuration so the internal instance acts as an OIDC identity provider for the cluster.
Secrets layout, wildcard TLS trust, and SMTP configuration approach for the internal ZITADEL instance at auth.reids.net.au.
Protect Kubernetes Dashboard with OAuth2 Proxy using the internal ZITADEL instance, with secrets stored in Git via SOPS and deployed by FluxCD.