Keycloak database has got messed up -> Keycloak has got messed up -> Keycloak provider can't initialize until Keycloak is running.

2023-10-17 08:21:17 +01:00 · 2023-10-17 08:21:17 +01:00 · e78595e85f
parent 27d1b8434b
commit e78595e85f
2 changed files with 61 additions and 1 deletions
--- a/main.tf
+++ b/main.tf
@ -16,6 +16,10 @@ terraform {
      source = "telmate/proxmox"
      version = "~> 2.9.8"
    }
+    guacamole = {
+      source = "techBeck03/guacamole"
+      version = "~> 1.4.1"
+    }
  }
  backend "kubernetes" {
    secret_suffix    = "tfstate"
@ -40,6 +44,14 @@ provider "keycloak" {
  url = "https://keycloak.${var.domain_suffix}"
 }

+provider "guacamole" {
+  url = "https://guac.${var.domain_suffix}/"
+  # token = var.guacamole_token
+  # data_source = var.guacamole_datasource
+  username = "guacadmin"
+  password = "guacadmin"
+}
+
 provider "proxmox" {
  pm_api_url = var.proxmox_api_url
  pm_api_token_id = var.proxmox_token_id
@ -72,6 +84,8 @@ resource "helm_release" "keycloak" {
      auth:
        password: ${var.postgres_password}
    proxy: edge
+    metrics:
+      enabled: true
    EOT
  ]
 }
@ -83,6 +97,35 @@ resource "keycloak_realm" "realm" {
  default_signature_algorithm = "RS256"
 }

+resource "keycloak_user" "initial_keycloak_user" {
+  realm_id   = keycloak_realm.realm.id
+  username   = var.keycloak_user.username
+  enabled    = true
+
+  email      = var.keycloak_user.email
+  first_name = var.keycloak_user.firstname
+  last_name  = var.keycloak_user.lastname
+
+  initial_password {
+    value     = var.keycloak_user.password
+    temporary = false
+  }
+}
+
+resource "keycloak_group" "admin_group" {
+  realm_id   = keycloak_realm.realm.id
+  name = "Admins"
+}
+
+resource "keycloak_user_groups" "initial_user_in_admin_group" {
+  exhaustive = false
+  realm_id = keycloak_realm.realm.id
+  user_id = keycloak_user.initial_keycloak_user.id
+  group_ids = [
+    keycloak_group.admin_group.id
+  ]
+}
+
 resource "keycloak_openid_client" "gitea_client" {
  realm_id            = keycloak_realm.realm.id
  client_id           = "gitea"
@ -540,3 +583,20 @@ resource "proxmox_vm_qemu" "vyos_router" {
  ${var.ssh_key}
  EOF
 }
+
+resource "guacamole_connection_group" "routers" {
+  parent_identifier = "ROOT"
+  name = "Routers"
+  type = "organizational"
+}
+
+resource "guacamole_connection_ssh" "vyos_vms" {
+  for_each = { for x in proxmox_vm_qemu.vyos_router: x.name => x }
+  name = each.value.name
+  parent_identifier = guacamole_connection_group.routers.identifier
+  parameters {
+    hostname = each.value.default_ipv4_address
+    username = "vyos"
+    private_key = var.ssh_private_key
+  }
+}
--- a/vars.tf
+++ b/vars.tf
@ -55,7 +55,7 @@ variable "proxmox_api_url" {
 }

 variable "guacamole_datasource" {
-  default = "mysql"
+  default = "postgresql"
 }

 variable "guac_namespace" {