dan
/
dans_cloud_terraform
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Keycloak auth for Gitea

zot
Dan Ankers 2023-09-29 07:38:13 +01:00
parent 0d24629a93
commit 02c70140d0
1 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
main.tf
View File

@ -88,6 +88,31 @@ resource "helm_release" "gitea" {
name = "global.storageClass" name = "global.storageClass"
value = var.storageclass value = var.storageclass
} }
set {
name = "gitea.oauth[0].name"
value = "md1clv.im"
}
set {
name = "gitea.oauth[0].provider"
value = "openidConnect"
}
set {
name = "gitea.oauth[0].key"
value = "gitea"
}
set {
name = "gitea.oauth[0].secret"
value = var.keycloak_gitea_secret
}
set {
name = "gitea.oauth[0].autoDiscoverUrl"
value = "https://keycloak.${var.domain_suffix}/realms/${var.keycloak_realm}/.well-known/openid-configuration"
}
} }
resource "helm_release" "keycloak" { resource "helm_release" "keycloak" {
@ -158,7 +183,8 @@ resource "keycloak_openid_client" "gitea_client" {
access_type = "CONFIDENTIAL" access_type = "CONFIDENTIAL"
standard_flow_enabled = true standard_flow_enabled = true
implicit_flow_enabled = true implicit_flow_enabled = true
client_secret = var.keycloak_gitea_secret
valid_redirect_uris = [ valid_redirect_uris = [
"https://gitea.${var.domain_suffix}/*" "https://git.${var.domain_suffix}/*"
] ]
} }