colin
/
ATLAS
forked from Nixius/authelia
1
0
Fork 0
Code Pull Requests Activity
186 Commits 1 Branch 4 Tags 729 KiB
Commit Graph

11 Commits

Author SHA1 Message Date
Leopere 8b3ba3ab5a
archive legacy auth stack 
Move Authelia and LLDAP artifacts out of the active deployment path so ATLAS ships against the Authentik-backed stack and ss-atlas image only.

Made-with: Cursor
 2026-04-25 15:12:47 -04:00
Leopere 897e1f6b17
bump 2026-03-05 15:36:59 -05:00
Leopere 630bd3d3f4
bump 2026-03-05 15:20:55 -05:00
Leopere e3b9511487
Fix reset URL: use raw .LinkURL, remove Traefik redirect hack 
The replace hacks in email templates were double-prepending
/reset-password/step2 since Authelia already generates the correct
URL. Removed the Traefik redirectregex middleware too since it's
no longer needed.

Made-with: Cursor
 2026-03-04 18:16:56 -05:00
Leopere c613dc0863
Redirect /login?token= -> /login/reset-password/step2?token= via Traefik 
Made-with: Cursor
 2026-03-04 17:59:15 -05:00
Leopere c3f8bd3830
Fix: Authelia priority 10 so /login/* goes to portal, not ss-atlas forward-auth 
Made-with: Cursor
 2026-03-04 17:55:37 -05:00
Leopere 4ac4de9df2
Path-based routing, tiered pricing, customer details, Stripe MCP 
- Path-based routing: bc.a250.ca/login, /dashboard, /activate, etc.
- Tiered pricing: first 10 free (3mo), next 40 $20/yr->$100/mo, 51+ $200/mo
- Success page: instructs to check inbox for password + 2FA setup
- Messaging: LANDING_TAGLINE, LANDING_FEATURES env vars
- Domain validation: required, must resolve via DNS
- Customer details: phone required, sanitized email/phone, stored in LLDAP
- Stripe MCP: .cursor/mcp.json, stripe-setup.sh for products/prices
- Invoice webhook: migrate $20/yr subs to $100/mo on renewal

Made-with: Cursor
 2026-03-04 17:05:42 -05:00
Leopere 7e40fea6f3
Archive customer volumes on expiry, restore on resubscribe 
When a subscription is deleted, all Docker volumes for the customer
stack are tarred to /data/archives/{stackName}/ before the stack is
removed and volumes pruned. On resubscribe or reactivation, volumes
are restored from the archive before deploying the stack.

Made-with: Cursor
 2026-03-03 18:43:14 -05:00
Leopere ab11e62c04
Fix security settings links and enable 2FA for customer stacks 
- Update dashboard buttons to use correct Authelia paths:
  /settings/two-factor-authentication and /settings/security
- Change customer stack ACL from one_factor to two_factor so Authelia
  enables the 2FA registration UI (passkeys, TOTP)

Made-with: Cursor
 2026-03-03 18:26:20 -05:00
Leopere 91c0411b90
Add /resend-reset endpoint so set-password button sends email directly 
The welcome page button was linking to Authelia's reset page which
requires an active login session. Now it POSTs to /resend-reset which
calls the Authelia API server-side and sends the email immediately.
Button text updated from "Reset Password" to "Set Password".

Made-with: Cursor
 2026-03-03 17:30:38 -05:00
Leopere b66dfa053e
Force auth on all customer stacks, migrate to swarm stack.yml 
- Remove public/private toggle — all customer stacks now always deploy
  behind authelia-auth middleware, no exceptions
- Remove ALLOW_CUSTOMER_STACK_AUTH_TOGGLE and CUSTOMER_STACK_REQUIRE_AUTH_DEFAULT
  config, env vars, routes, and UI
- Replace docker-compose.dev.yml + docker-compose.swarm-dev.yml with
  unified stack.yml for swarm deployment
- Various handler, ldap, stripe, swarm, and template additions from
  prior work sessions

Made-with: Cursor
 2026-03-03 15:51:25 -05:00