mikkel/pvm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pvm/docs
History
Mikkel Georgsen a22ba48709 Add Zitadel OIDC setup, SMTP config, and security fixes 
- Add setup-zitadel.sh: idempotent script that creates PVM project
  and OIDC app via Zitadel Management API using machine user PAT
- Add machine user + PAT auto-generation to docker-compose via
  FIRSTINSTANCE env vars with bind-mounted machinekey directory
- Add SMTP configuration for email sending (verification, password reset)
- Fix JWT algorithm confusion attack: restrict to RS256/384/512 only
- Add docs/TODO_SECURITY.md tracking review findings
- Update .env.example files with correct local dev URLs
- Add docker/machinekey/ to .gitignore

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 12:34:44 +01:00
..
AUTH_RESEARCH.md Add auth framework research document 2026-02-08 03:24:51 +01:00
TECH_STACK_RESEARCH.md Update tech stack research with finalized decisions 2026-02-08 03:06:53 +01:00
TODO_SECURITY.md Add Zitadel OIDC setup, SMTP config, and security fixes 2026-02-08 12:34:44 +01:00
VISION.md Update README and VISION with finalized tech stack decisions 2026-02-08 03:12:56 +01:00