feat: add invalidation_flow to the tofu authentik providers

tofu/authentik/main.tf

@@ -33,21 +33,6 @@ resource "authentik_group" "vpn" {
 }
 
 
-module "firezone" {
-  source              = "../modules/authentik-oidc"
-  app_name            = "Firezone"
-  app_slug            = "firezone"
-  client_id           = var.firezone_client_id
-  client_secret       = var.firezone_client_secret
-  app_access_group_id = authentik_group.admins.id
-  redirect_uris       = ["https://fz.fukurokuju.dev/auth/oidc/authentik/callback/"]
-  app_icon            = "https://www.firezone.dev/icon.svg"
-  app_description     = "VPN"
-  app_publisher       = "Firezone"
-  app_url             = "https://fz.fukurokuju.dev"
-  sub_mode            = "hashed_user_id"
-}
-
 module "gitea" {
   source              = "../modules/authentik-oidc"
   app_name            = "Gitea"
@@ -159,5 +144,6 @@ module "netbird" {
   extra_property_mappings = [
     "goauthentik.io/providers/oauth2/scope-authentik_api"
   ]
-  app_icon = "https://vpn.fukurokuju.dev/apple-icon.png"
+  app_icon              = "https://vpn.fukurokuju.dev/apple-icon.png"
+  access_token_validity = "days=10"
 }