Merge pull request 'argocd: add telegram-gateway application' (#6 ) from feat/homelab-gateway-app into main

Reviewed-on: #6
argocd: rename homelab-gateway → telegram-gateway
2026-05-09 12:41:49 +02:00 · 2026-05-09 12:35:37 +02:00 · 2026-05-09 12:25:30 +02:00 · 2026-05-06 15:03:33 +02:00 · 2026-05-06 14:48:05 +02:00
2 changed files with 11 additions and 0 deletions
--- a/ansible/arcodange/factory/playbooks/tools/roles/hashicorp_vault/tasks/gitea_oidc_auth.yml
+++ b/ansible/arcodange/factory/playbooks/tools/roles/hashicorp_vault/tasks/gitea_oidc_auth.yml
@@ -36,6 +36,11 @@
 # WARNING : this disables AND wipes ALL gitea_cicd_* per-app JWT roles
 # (created by tools/hashicorp-vault/iac/) every time it runs. Default is OFF
 # to preserve those roles across normal ansible runs ; opt-in only when you
 # really want to rebuild the OIDC backend from scratch (e.g. config drift on
 # bound_issuer or similar).
 - name: Delete existing Gitea OIDC backends if they exist
  include_tasks: vault_cmd.yml
  vars:
@@ -48,6 +53,7 @@
    - gitea_jwt
  loop_control:
    loop_var: backend_name
  when: vault_oidc_force_reset | default(false) | bool
 - name: use tofu to provision vault
  block:
--- a/argocd/values.yaml
+++ b/argocd/values.yaml
@@ -14,6 +14,11 @@ gitea_applications:
    annotations:
      argocd-image-updater.argoproj.io/image-list: webapp=gitea.arcodange.lab/arcodange-org/webapp:latest
      argocd-image-updater.argoproj.io/webapp.update-strategy: digest
  telegram-gateway:
    org: arcodange
    annotations:
      argocd-image-updater.argoproj.io/image-list: telegram-gateway=gitea.arcodange.lab/arcodange/telegram-gateway:latest
      argocd-image-updater.argoproj.io/telegram-gateway.update-strategy: digest
  erp:
    annotations: {}
  cms:
Author	SHA1	Message	Date
arcodange	4163b06659	Merge pull request 'argocd: add telegram-gateway application' (#6 ) from feat/homelab-gateway-app into main Reviewed-on: #6	2026-05-09 12:41:49 +02:00
Gabriel Radureau	3fb7544351	argocd: rename homelab-gateway → telegram-gateway Aligns with the upstream repo rename (arcodange/homelab-gateway → arcodange/telegram-gateway) so the name matches the public URL tg.arcodange.fr and Arcodange's naming conventions.	2026-05-09 12:35:37 +02:00
Gabriel Radureau	5038956332	argocd: add homelab-gateway application Adds the homelab-gateway Argo CD Application pointing at arcodange/homelab-gateway (user space, like dance-lessons-coach). Image Updater watches gitea.arcodange.lab/arcodange/homelab-gateway:latest with digest strategy. Phase 1 of the Telegram webhook gateway — a long-running pod that receives webhooks (no more polling) and routes per-bot to handler implementations. Initial bot: @arcodange_factory_bot, slug=factory, echo handler.	2026-05-09 12:25:30 +02:00
Gabriel Radureau	6ede249da9	🔒 fix(ansible): gate vault auth disable behind vault_oidc_force_reset (default off) (#5 ) Co-authored-by: Gabriel Radureau <arcodange@gmail.com> Co-committed-by: Gabriel Radureau <arcodange@gmail.com>	2026-05-06 15:03:33 +02:00
Gabriel Radureau	9e821e1626	♻️ refactor(ansible): move gitea secret user-propagation list to inventory (#4 ) Co-authored-by: Gabriel Radureau <arcodange@gmail.com> Co-committed-by: Gabriel Radureau <arcodange@gmail.com>	2026-05-06 14:48:05 +02:00