e616f978d0
This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
18 lines
573 B
Markdown
18 lines
573 B
Markdown
Terraform for Keycloak
|
|
======================
|
|
|
|
This contains the Terraform configuration for deploying TVL's Keycloak
|
|
instance (which lives at `auth.tvl.fyi`).
|
|
|
|
Secrets are needed for applying this. The encrypted file
|
|
`//ops/secrets/tf-keycloak.age` contains `export` calls which should
|
|
be sourced, for example via `direnv`, by users with the appropriate
|
|
credentials.
|
|
|
|
An example `direnv` configuration used by tazjin is this:
|
|
|
|
```
|
|
# //ops/secrets/.envrc
|
|
source_up
|
|
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-keycloak.age)
|
|
```
|