full ingestion -> OCR -> extraction flow is now working correctly.

2025-11-26 15:46:59 +00:00
parent fdba81809f
commit db61b05c80
17 changed files with 170 additions and 553 deletions
--- a/infra/authentik/bootstrap.yaml
+++ b/infra/authentik/bootstrap.yaml
@@ -50,6 +50,20 @@ entries:
      groups:
        - !Find [authentik_core.group, [name, "Administrators"]]

+  # --- E2E Test User ---------------------------------------------------------
+  - model: authentik_core.user
+    state: present
+    identifiers:
+      username: e2e_tester
+    attrs:
+      name: "E2E Tester"
+      email: e2e@example.com
+      is_active: true
+      password: "password123"
+      groups:
+        - !Find [authentik_core.group, [name, "Tax Reviewers"]]
+        - !Find [authentik_core.group, [name, "Administrators"]]
+
  # Helper finders

  # ========= OIDC Providers + Applications ==================================
@@ -317,6 +331,37 @@ entries:
      meta_publisher: "AI Tax Agent"
      policy_engine_mode: "any"

+  # --- NATS Monitoring (Proxy Provider for ForwardAuth) --------------------
+  - model: authentik_providers_proxy.proxyprovider
+    state: present
+    identifiers:
+      name: "NATS Monitoring Proxy"
+    attrs:
+      external_host: "https://nats.local.lan"
+      internal_host: "http://apa-nats:8222"
+      authorization_flow:
+        !Find [authentik_flows.flow, [slug, "default-authentication-flow"]]
+      invalidation_flow:
+        !Find [authentik_flows.flow, [slug, "default-invalidation-flow"]]
+      mode: "forward_single"
+      cookie_domain: "local.lan"
+
+  - model: authentik_core.application
+    state: present
+    identifiers:
+      slug: "nats-monitoring"
+    attrs:
+      name: "NATS Monitoring"
+      provider:
+        !Find [
+          authentik_providers_proxy.proxyprovider,
+          [name, "NATS Monitoring Proxy"],
+        ]
+      meta_launch_url: "https://nats.local.lan"
+      meta_description: "NATS Messaging System Monitoring"
+      meta_publisher: "AI Tax Agent"
+      policy_engine_mode: "any"
+
  # --- AI Tax Agent API (Proxy Provider for ForwardAuth) --------------------
  - model: authentik_providers_proxy.proxyprovider
    state: present
@@ -368,3 +413,7 @@ entries:
            authentik_providers_proxy.proxyprovider,
            [name, "AI Tax Agent API Proxy"],
          ]
+        - !Find [
+            authentik_providers_proxy.proxyprovider,
+            [name, "NATS Monitoring Proxy"],
+          ]