Bring some Keycloak config into TF

main.tf

@@ -126,6 +126,30 @@ resource "keycloak_user_groups" "initial_user_in_admin_group" {
   ]
 }
 
+resource "keycloak_openid_client_scope" "openid_client_scope" {
+  realm_id               = keycloak_realm.realm.id
+  name                   = "groups"
+  description            = "When requested, this scope will map a user's group memberships to a claim"
+  include_in_token_scope = true
+  gui_order              = 1
+}
+
+resource "keycloak_openid_client" "proxmox_client" {
+  realm_id            = keycloak_realm.realm.id
+  client_id           = "dc-proxmox1"
+
+  enabled             = true
+
+  access_type         = "CONFIDENTIAL"
+  standard_flow_enabled = true
+  implicit_flow_enabled = true
+  client_secret = var.keycloak_proxmox_secret
+  valid_redirect_uris = [
+    "https://172.29.7.12:8006",
+    "https://172.29.7.15:8006"
+  ]
+}
+
 resource "keycloak_openid_client" "gitea_client" {
   realm_id            = keycloak_realm.realm.id
   client_id           = "gitea"