diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix index 30caa984d..6638f30b3 100644 --- a/ops/modules/monorepo-gerrit.nix +++ b/ops/modules/monorepo-gerrit.nix @@ -94,12 +94,13 @@ in { html = "cl/$1"; }; - # Configures integration with CAS, which then integrates with a variety - # of backends. + # Configures integration with Keycloak, which then integrates with a + # variety of backends. auth.type = "OAUTH"; - plugin.gerrit-oauth-provider-cas-oauth = { - root-url = "https://login.tvl.fyi"; - client-id = "OAUTH-TVL-gerrit-Fv0d8Aizz5"; + plugin.gerrit-oauth-provider-keycloak-oauth = { + root-url = "https://auth.tvl.fyi"; + realm = "TVL"; + client-id = "gerrit"; # client-secret is set in /var/lib/gerrit/etc/secure.config. }; diff --git a/ops/secrets/gerrit-secrets.age b/ops/secrets/gerrit-secrets.age index 077f33f06..02a3c66b5 100644 Binary files a/ops/secrets/gerrit-secrets.age and b/ops/secrets/gerrit-secrets.age differ