tvl-depot/ops/keycloak/main.tf

# Configure TVL Keycloak instance.
#
# TODO(tazjin): Configure GitHub/GitLab IDP

terraform {
  required_providers {
    keycloak = {
      source = "mrparkers/keycloak"
    }
  }

  backend "s3" {
    endpoint = "https://objects.dc-sto1.glesys.net"
    bucket   = "tvl-state"
    key      = "terraform/tvl-keycloak"
    region   = "glesys"

    skip_credentials_validation = true
    skip_region_validation      = true
    skip_metadata_api_check     = true
  }
}

provider "keycloak" {
  client_id = "terraform"
  url       = "https://auth.tvl.fyi"
}

resource "keycloak_realm" "tvl" {
  realm                       = "TVL"
  enabled                     = true
  display_name                = "The Virus Lounge"
  default_signature_algorithm = "RS256"
}
feat(ops/keycloak): Check in initial Keycloak configuration This is still missing most of the client configuration etc., in part due to bugs in the provider which are preventing resource imports. Change-Id: Ic224ffc001f8e1fe6dcd47b7d002580fdf7b0774 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4628 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de> 2021-12-26 01:08:03 +01:00			`# Configure TVL Keycloak instance.`
			`#`
			`# TODO(tazjin): Configure GitHub/GitLab IDP`

			`terraform {`
			`required_providers {`
			`keycloak = {`
			`source = "mrparkers/keycloak"`
			`}`
			`}`
fix(ops/keycloak): Move Terraform state to GleSYS bucket This should never sit around locally the way it does now. Change-Id: Icfbdaf1949d6d948a796a0759282ea6144af3621 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4709 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> 2021-12-27 15:23:59 +01:00
			`backend "s3" {`
			`endpoint = "https://objects.dc-sto1.glesys.net"`
			`bucket = "tvl-state"`
			`key = "terraform/tvl-keycloak"`
			`region = "glesys"`

			`skip_credentials_validation = true`
			`skip_region_validation = true`
			`skip_metadata_api_check = true`
			`}`
feat(ops/keycloak): Check in initial Keycloak configuration This is still missing most of the client configuration etc., in part due to bugs in the provider which are preventing resource imports. Change-Id: Ic224ffc001f8e1fe6dcd47b7d002580fdf7b0774 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4628 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de> 2021-12-26 01:08:03 +01:00			`}`

			`provider "keycloak" {`
			`client_id = "terraform"`
			`url = "https://auth.tvl.fyi"`
			`}`

			`resource "keycloak_realm" "tvl" {`
			`realm = "TVL"`
			`enabled = true`
			`display_name = "The Virus Lounge"`
			`default_signature_algorithm = "RS256"`
			`}`