mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/ops/keycloak/README.md

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

19 lines
574 B
Markdown
Raw Normal View History

feat(ops/secrets): Add tf-keycloak secrets file This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 15:17:32 +01:00
Terraform for Keycloak
======================
This contains the Terraform configuration for deploying TVL's Keycloak
instance (which lives at `auth.tvl.fyi`).
Secrets are needed for applying this. The encrypted file
`//ops/secrets/tf-keycloak.age` contains `export` calls which should
be sourced, for example via `direnv`, by users with the appropriate
credentials.
An example `direnv` configuration used by tazjin is this:
```
docs(ops/buildkite): Add documentation about this config Change-Id: Ia61b15127c67cdd9dddcab9f3540f1aee949cd6b Reviewed-on: https://cl.tvl.fyi/c/depot/+/5839 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-04 01:08:51 +02:00
# //ops/keycloak/.envrc
feat(ops/secrets): Add tf-keycloak secrets file This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 15:17:32 +01:00
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-keycloak.age)
```
Reference in a new issue Copy permalink