tvl-depot/ops/keycloak/README.md

Terraform for Keycloak
======================

This contains the Terraform configuration for deploying TVL's Keycloak
instance (which lives at `auth.tvl.fyi`).

Secrets are needed for applying this. The encrypted file
`//ops/secrets/tf-keycloak.age` contains `export` calls which should
be sourced, for example via `direnv`, by users with the appropriate
credentials.

An example `direnv` configuration used by tazjin is this:

```
# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-keycloak.age)
```
feat(ops/secrets): Add tf-keycloak secrets file This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> 2021-12-27 15:17:32 +01:00			`Terraform for Keycloak`
			`======================`

			`This contains the Terraform configuration for deploying TVL's Keycloak`
			instance (which lives at `auth.tvl.fyi`).

			`Secrets are needed for applying this. The encrypted file`
			`//ops/secrets/tf-keycloak.age` contains `export` calls which should
			be sourced, for example via `direnv`, by users with the appropriate
			`credentials.`

			An example `direnv` configuration used by tazjin is this:

			```
			`# //ops/secrets/.envrc`
			`source_up`
			`eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-keycloak.age)`
			```