Keycloak auth for Gitea

2023-09-29 07:38:13 +01:00 · 2023-09-29 07:38:13 +01:00 · 02c70140d0
parent 0d24629a93
commit 02c70140d0
1 changed files with 27 additions and 1 deletions
--- a/main.tf
+++ b/main.tf
@ -88,6 +88,31 @@ resource "helm_release" "gitea" {
    name = "global.storageClass"
    value = var.storageclass
  }
+
+  set {
+    name = "gitea.oauth[0].name"
+    value = "md1clv.im"
+  }
+
+  set {
+    name = "gitea.oauth[0].provider"
+    value = "openidConnect"
+  }
+
+  set {
+    name = "gitea.oauth[0].key"
+    value = "gitea"
+  }
+
+  set {
+    name = "gitea.oauth[0].secret"
+    value = var.keycloak_gitea_secret
+  }
+
+  set {
+    name = "gitea.oauth[0].autoDiscoverUrl"
+    value = "https://keycloak.${var.domain_suffix}/realms/${var.keycloak_realm}/.well-known/openid-configuration"
+  }
 }

 resource "helm_release" "keycloak" {
@ -158,7 +183,8 @@ resource "keycloak_openid_client" "gitea_client" {
  access_type         = "CONFIDENTIAL"
  standard_flow_enabled = true
  implicit_flow_enabled = true
+  client_secret = var.keycloak_gitea_secret
  valid_redirect_uris = [
-    "https://gitea.${var.domain_suffix}/*"
+    "https://git.${var.domain_suffix}/*"
  ]
 }