feat: add tandoor

2026-01-26 19:37:42 +01:00 · 2026-01-26 19:37:42 +01:00 · d0b57297ea
commit d0b57297ea
parent 0764181b90
5 changed files with 49 additions and 42 deletions
--- a/tofu/authentik/main.tf
+++ b/tofu/authentik/main.tf
@ -199,36 +199,6 @@ module "sftpgo" {
  sub_mode              = "user_username"
 }

-module "netbird" {
-  source              = "../modules/authentik-oidc"
-  app_name            = "netbird"
-  app_slug            = "netbird"
-  client_id           = var.netbird_client_id
-  client_type         = "public"
-  app_access_group_id = authentik_group.vpn.id
-  redirect_uris = [
-    {
-      matching_mode = "strict",
-      url           = "https://vpn.fukurokuju.dev",
-    },
-    {
-      matching_mode = "regex",
-      url           = "https://vpn.fukurokuju.dev.*",
-    },
-    {
-      matching_mode = "strict",
-      url           = "http://localhost:53000"
-    },
-
-  ]
-  sub_mode = "user_id"
-  extra_property_mappings = [
-    "goauthentik.io/providers/oauth2/scope-authentik_api"
-  ]
-  app_icon              = "https://vpn.fukurokuju.dev/apple-icon.png"
-  access_token_validity = "days=10"
-  client_secret         = ""
-}

 module "rustical" {
  source              = "../modules/authentik-oidc"
@ -248,3 +218,13 @@ module "jellyfin" {
  name                = "jellyfin"
  app_access_group_id = authentik_group.arrs.id
 }
+
+module "tandoor" {
+  source              = "../modules/authentik-oidc"
+  app_name            = "Tandoor"
+  app_slug            = "tandoor"
+  app_access_group_id = ""
+  redirect_uris       = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }]
+  client_id           = var.tandoor_client_id
+  client_secret       = var.tandoor_client_secret
+}
--- a/tofu/authentik/sample.env
+++ b/tofu/authentik/sample.env
@ -10,6 +10,7 @@ TF_VAR_paperless_client_id=
 TF_VAR_paperless_client_secret=
 TF_VAR_sftpgo_client_id=
 TF_VAR_sftpgo_client_secret=
-TF_VAR_netbird_client_id=
 TF_VAR_rustical_client_id=
 TF_VAR_rustical_client_secret=
+TF_VAR_tandoor_client_id=
+TF_VAR_tandoor_client_secret=
--- a/tofu/authentik/vars.tf
+++ b/tofu/authentik/vars.tf
@ -39,12 +39,6 @@ variable "paperless_client_secret" {
  type        = string
 }

-variable "netbird_client_id" {
-  description = "Netbird client ID"
-  type        = string
-}
-
-
 variable "sftpgo_client_id" {
  description = "SFTPGo client ID"
  type        = string
@ -61,16 +55,16 @@ variable "rustical_client_id" {
 }

 variable "rustical_client_secret" {
-  description = "Rustical client secret"
+  description = "Tandoor client secret"
  type        = string
 }

-variable "mediamanager_client_id" {
-  description = "MediaManager client ID"
+variable "tandoor_client_id" {
+  description = "Tandoor client ID"
  type        = string
 }

-variable "mediamanager_client_secret" {
-  description = "MediaManager client secret"
+variable "tandoor_client_secret" {
+  description = "Tandoor client secret"
  type        = string
 }