From 0706f4e6377a1f75161339164f4f210e99048203 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 Jan 2026 03:33:44 +0000 Subject: [PATCH 1/5] chore(deps): update code.forgejo.org/forgejo-helm/forgejo docker tag to v16 --- k8s/argo-apps/forgejo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/argo-apps/forgejo.yaml b/k8s/argo-apps/forgejo.yaml index 1f49a0c..44b2f4d 100644 --- a/k8s/argo-apps/forgejo.yaml +++ b/k8s/argo-apps/forgejo.yaml @@ -14,7 +14,7 @@ spec: sources: - chart: forgejo repoURL: code.forgejo.org/forgejo-helm - targetRevision: 15.1.0 + targetRevision: 16.0.1 helm: valuesObject: replicaCount: 2 From 1b1dc44b5b69a31290c9312a22133af9d63912e5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 28 Jan 2026 03:33:28 +0000 Subject: [PATCH 2/5] chore(deps): update vaultwarden/server docker tag to v1.35.2 --- docker/vaultwarden/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/vaultwarden/docker-compose.yml b/docker/vaultwarden/docker-compose.yml index 4c2b3dc..bef3334 100644 --- a/docker/vaultwarden/docker-compose.yml +++ b/docker/vaultwarden/docker-compose.yml @@ -1,7 +1,7 @@ --- services: vaultwarden: - image: vaultwarden/server:1.34.3-alpine + image: vaultwarden/server:1.35.2-alpine restart: unless-stopped environment: DATABASE_URL: ${DATABASE_URL} From 79c399ad0c4764d254db5ef44ea6dc6eda487bec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 27 Jan 2026 03:25:54 +0000 Subject: [PATCH 3/5] chore(deps): update ghcr.io/lennart-k/rustical docker tag to v0.12.3 --- docker/rustical/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rustical/docker-compose.yml b/docker/rustical/docker-compose.yml index 1b2688e..2818a50 100644 --- a/docker/rustical/docker-compose.yml +++ b/docker/rustical/docker-compose.yml @@ -1,7 +1,7 @@ --- services: rustical: - image: ghcr.io/lennart-k/rustical:0.12.1 + image: ghcr.io/lennart-k/rustical:0.12.3 ports: - '4000:4000' volumes: From b61b882081ac24b2d22424d91004b83e4e34d83e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 27 Jan 2026 03:27:44 +0000 Subject: [PATCH 4/5] chore(deps): update terraform authentik to v2025.12.0 --- tofu/authentik/.terraform.lock.hcl | 47 ++++++++++++------- tofu/authentik/main.tf | 2 +- .../authentik-ldap/.terraform.lock.hcl | 47 ++++++++++++------- tofu/modules/authentik-ldap/main.tf | 2 +- tofu/modules/authentik-oidc/main.tf | 2 +- tofu/modules/authentik-proxy/main.tf | 2 +- 6 files changed, 64 insertions(+), 38 deletions(-) diff --git a/tofu/authentik/.terraform.lock.hcl b/tofu/authentik/.terraform.lock.hcl index de2d5a9..61e958d 100644 --- a/tofu/authentik/.terraform.lock.hcl +++ b/tofu/authentik/.terraform.lock.hcl @@ -2,23 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.10.1" - constraints = "2025.10.1" + version = "2025.12.0" + constraints = "2025.12.0" hashes = [ - "h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=", - "zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d", - "zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9", - "zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3", - "zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b", - "zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1", - "zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7", - "zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717", - "zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca", - "zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd", - "zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a", - "zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30", - "zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14", - "zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4", - "zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb", + "h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=", + "h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=", + "h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=", + "h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=", + "h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=", + "h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=", + "h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=", + "h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=", + "h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=", + "h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=", + "h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=", + "h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=", + "h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=", + "h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=", + "zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a", + "zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649", + "zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1", + "zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7", + "zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b", + "zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8", + "zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05", + "zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87", + "zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456", + "zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66", + "zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da", + "zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f", + "zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176", + "zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690", ] } diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 87ebc58..7d43f4f 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } diff --git a/tofu/modules/authentik-ldap/.terraform.lock.hcl b/tofu/modules/authentik-ldap/.terraform.lock.hcl index de2d5a9..61e958d 100644 --- a/tofu/modules/authentik-ldap/.terraform.lock.hcl +++ b/tofu/modules/authentik-ldap/.terraform.lock.hcl @@ -2,23 +2,36 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/goauthentik/authentik" { - version = "2025.10.1" - constraints = "2025.10.1" + version = "2025.12.0" + constraints = "2025.12.0" hashes = [ - "h1:X0bV1LqI7nu4np+xiGP8yLVfyl6rh/XNXz7QQ7Hsr6g=", - "zh:02ac2478c8901043a0455b8b6b8185e9814786bd802a9aa6d4126d4f56d4735d", - "zh:24d680732a9ea72a86c1e7bf4aa13ab9cc0c60ee4bd4cae8af43670eff88edd9", - "zh:4f415f177671eeea2234eb835479bbb710e811e60864cec6a00ee0e03a412fa3", - "zh:55498caa20504dd52a1870823e15dec6c78948eac2e6ec98e6ec122b5407630b", - "zh:570f9ca7f909bda94b97feab7898ef392e01ae6178d8a9d36aac984d8a433ec1", - "zh:92ac78b97e2d5310ed82233980f941ebecf69ae1f9d03f3e719d8687aa6f4cc7", - "zh:95f852a4e7d22daac86901ebc6b327d5987832b707ad3fd3aeff6c36dd088717", - "zh:98c8659f468a58a9d224b2fca9d5909d39bcabf9e2593e9b4a574dbffb6e2dca", - "zh:a7d1428ec803ae794ebb05d772fa44020827a6b762a5b2da11869fc618ea59cd", - "zh:b1ef054b09fed4282c625a38a4aa6d1276c58e541f4cffcc716aa7d2b773f30a", - "zh:b95e3edeb0da3ee0c0392afa18957cf7d41b2f71ed08a50f4bf38010aaf77d30", - "zh:c3ce9f57889e6bb33f34ee4cc4463a77652b811351bbb25e6fc5ba9dc0c61e14", - "zh:f6d2fe811ad5c242ced99a6b51b2d7f60f060d4bc6837fe1026c2abb7cb6f9a4", - "zh:f78b8e20e7d9f53e1622051c706369a7c6d0f1e37c16df67a214697cd5d0a4fb", + "h1:1WOionGZogRGfcwgsBshgGDDMFWqioq62s/FmpTonI8=", + "h1:7EkbL1fO5vkX5IvlGhKIjWcEPIc7U3zS/x0+rMC+NKE=", + "h1:N65bk3gPCHEJE8c68LCjQ2NMwDKDJlt0+ofnmeNM4FI=", + "h1:S2NDeRAxbfKPGvBqM7WES5znedi0V2AWc5wxkczYDd8=", + "h1:ZmqC2orWU2UItPZJZfsSnBBX7Ds0OEk8EarBtWjuFsc=", + "h1:aofPDDDWm9c87uip8IwKlhGDePNNr6Sy0Q+m9NgOols=", + "h1:f3+jlDlxpgKdCbcB7ac4lVn5pdSMM1e2Qh0AB0RDNsA=", + "h1:jt+Gtla0Z7zN4gCltMg//aDfCoSIdCyFF4ept4Qwc6E=", + "h1:msEjekUeIUKY6lipADjuQpaU1HPrp0MU19R9LpZv5UM=", + "h1:t61WX+9iOOCLlZ8tt/vZP7X8M/Q7F5k6QUyduYtpVf8=", + "h1:tI7fyxvSatX28mp0woFsBbhrnzgeZTZAaitzKThlyAo=", + "h1:wzjwM6RA9Jth4iCN5J9dzxnfjO56ZFl1T5rAQhuU1og=", + "h1:xZZSwrSXnUCPmP9U3EY9fKPmBru58wZozovF2+i//oY=", + "h1:z/+UpU0PH5hae3WEqJO7Lreo0wYO77UuJrimJyV3Mcg=", + "zh:0ce23bd10c1782a3ae9321a572093df2c283df9003fc1cf33f6e63df18a81b7a", + "zh:0de1db5b3363603e6bd25c9c420e24e872bcfe8d43a7015b710a0292ffa7a649", + "zh:1d719e62eb5195a6461cdf2e175960093cdb77b190a7b15eb3fd0e1fc38409e1", + "zh:3adba178a720c90f296183479872a82719f5497b24e90224c044bcc9e29092b7", + "zh:54e5895e61a39b955be26977c273d9581beccf0e22ec58932708472cab40b03b", + "zh:59b8df5b3be8bf9e8a8dcc7b5edf96b0ca505f93fc0db022cc33513172dbc2c8", + "zh:6d86630e353b874ad43d09e3d3541ba4f824c578122a21c7895a452a0534ca05", + "zh:b6c7466446ce685971dee0c7b2dcb16917e3d23805a51d7a2091e475908c8d87", + "zh:ca306de78ea0f99f698548d51b094501e8299340ccc9c6549d1b62fc1fe29456", + "zh:cc6bd38417c0a6c0d7a1c8533007c113155d82d085ea705d955dadf62b2f9f66", + "zh:da657c9db5647620fca377fdc934db6a0f6d05d4cc0dd91a47404850805fd6da", + "zh:dc0b1effedb7a35d1756be915ff8b48d0f422b7a9da75e7f14a2d3efa2d4806f", + "zh:eef8d1715e9cfcb6cbe05dc071390ee91276d12f6fd870bac116af47518f6176", + "zh:f4c0cd2168f59d4fbf4b1fada95a9c973224bbf81975e948f741ad18ef665690", ] } diff --git a/tofu/modules/authentik-ldap/main.tf b/tofu/modules/authentik-ldap/main.tf index 19cf5a6..86d1806 100644 --- a/tofu/modules/authentik-ldap/main.tf +++ b/tofu/modules/authentik-ldap/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } diff --git a/tofu/modules/authentik-oidc/main.tf b/tofu/modules/authentik-oidc/main.tf index d78086a..3ca69a3 100644 --- a/tofu/modules/authentik-oidc/main.tf +++ b/tofu/modules/authentik-oidc/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } diff --git a/tofu/modules/authentik-proxy/main.tf b/tofu/modules/authentik-proxy/main.tf index 49179aa..288bd61 100644 --- a/tofu/modules/authentik-proxy/main.tf +++ b/tofu/modules/authentik-proxy/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { authentik = { source = "goauthentik/authentik" - version = "2025.10.1" + version = "2025.12.0" } } } From 1ce70d911f4d7d9a9eb46e179a0681934b91e272 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 28 Jan 2026 10:17:13 +0100 Subject: [PATCH 5/5] feat: add ganymede --- docker/ganymede/docker-compose.yml | 48 ++++++++++++++++++++++++++++++ docker/ganymede/sample.env | 27 +++++++++++++++++ tofu/authentik/main.tf | 23 ++++++++++++++ tofu/authentik/sample.env | 2 ++ tofu/authentik/vars.tf | 10 +++++++ 5 files changed, 110 insertions(+) create mode 100644 docker/ganymede/docker-compose.yml create mode 100644 docker/ganymede/sample.env diff --git a/docker/ganymede/docker-compose.yml b/docker/ganymede/docker-compose.yml new file mode 100644 index 0000000..7ba5213 --- /dev/null +++ b/docker/ganymede/docker-compose.yml @@ -0,0 +1,48 @@ +--- +services: + ganymede: + container_name: ganymede + image: ghcr.io/zibbp/ganymede:4.11.3 + restart: unless-stopped + environment: + DEBUG: ${GANYMEDE_DEBUG:-false} + TZ: ${GANYMEDE_TZ:-Europe/Madrid} + VIDEOS_DIR: ${GANYMEDE_VIDEOS_DIR:-/data/videos} + TEMP_DIR: ${GANYMEDE_TEMP_DIR:-/data/temp} + LOGS_DIR: ${GANYMEDE_LOGS_DIR:-/data/logs} + CONFIG_DIR: ${GANYMEDE_CONFIG_DIR:-/data/config} + DB_HOST: ${GANYMEDE_DB_HOST:-192.168.1.3} + DB_PORT: ${GANYMEDE_DB_PORT:-5432} + DB_USER: ${GANYMEDE_DB_USER:-ganymede} + DB_PASS: ${GANYMEDE_DB_PASS} + DB_NAME: ${GANYMEDE_DB_NAME:-ganymede} + DB_SSL: ${GANYMEDE_DB_SSL:-disable} + TWITCH_CLIENT_ID: ${GANYMEDE_TWITCH_CLIENT_ID} + TWITCH_CLIENT_SECRET: ${GANYMEDE_TWITCH_CLIENT_SECRET} + MAX_CHAT_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS:-3} + MAX_CHAT_RENDER_EXECUTIONS: ${GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS:-2} + MAX_VIDEO_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS:-2} + MAX_VIDEO_CONVERT_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS:-3} + MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS:-2} + OAUTH_ENABLED: ${GANYMEDE_OAUTH_ENABLED:-true} + OAUTH_PROVIDER_URL: ${GANYMEDE_OAUTH_PROVIDER_URL:-https://auth.fukurokuju.dev/application/o/ganymede/} + OAUTH_CLIENT_ID: ${GANYMEDE_OAUTH_CLIENT_ID} + OAUTH_CLIENT_SECRET: ${GANYMEDE_OAUTH_CLIENT_SECRET} + OAUTH_REDIRECT_URL: ${GANYMEDE_OAUTH_REDIRECT_URL:-https://vods.roboces.dev/api/v1/auth/oauth/callback} + SHOW_SSO_LOGIN_BUTTON: ${GANYMEDE_SHOW_SSO_LOGIN_BUTTON:-true} + FORCE_SSO_AUTH: ${GANYMEDE_FORCE_SSO_AUTH:-true} + REQUIRE_LOGIN: ${GANYMEDE_REQUIRE_LOGIN:-true} + volumes: + - ${GANYMEDE_VIDEOS:-/mnt/vods/ganymede/videos}:/data/videos + - ${GANYMEDE_TEMP:-/mnt/vods/ganymede/temp}:/data/temp + - ${GANYMEDE_CACHE:-/mnt/vods/ganymede/cache}:/data/.cache + - ${GANYMEDE_LOGS:-/mnt/vods/ganymede/logs}:/data/logs + - ${GANYMEDE_CONFIG:-/mnt/vods/ganymede/config}:/data/config + ports: + - "4800:4000" + healthcheck: + test: curl --fail http://localhost:4000/health || exit 1 + interval: 60s + retries: 5 + start_period: 60s + timeout: 10s diff --git a/docker/ganymede/sample.env b/docker/ganymede/sample.env new file mode 100644 index 0000000..5b2205b --- /dev/null +++ b/docker/ganymede/sample.env @@ -0,0 +1,27 @@ +GANYMEDE_DEBUG=false +GANYMEDE_TZ=Europe/Madrid +GANYMEDE_VIDEOS_DIR=/data/videos +GANYMEDE_TEMP_DIR=/data/temp +GANYMEDE_LOGS_DIR=/data/logs +GANYMEDE_CONFIG_DIR=/data/config +GANYMEDE_DB_HOST=192.168.1.3 +GANYMEDE_DB_PORT=5432 +GANYMEDE_DB_USER=ganymede +GANYMEDE_DB_PASS= +GANYMEDE_DB_NAME=ganymede +GANYMEDE_DB_SSL=disable +GANYMEDE_TWITCH_CLIENT_ID= +GANYMEDE_TWITCH_CLIENT_SECRET= +GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS=3 +GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS=2 +GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS=2 +GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS=3 +GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS=2 +GANYMEDE_OAUTH_ENABLED=true +GANYMEDE_OAUTH_PROVIDER_URL=https://auth.fukurokuju.dev/application/o/ganymede/ +GANYMEDE_OAUTH_CLIENT_ID= +GANYMEDE_OAUTH_CLIENT_SECRET= +GANYMEDE_OAUTH_REDIRECT_URL=https://vods.roboces.dev/api/v1/auth/oauth/callback +GANYMEDE_SHOW_SSO_LOGIN_BUTTON=true +GANYMEDE_FORCE_SSO_AUTH=false +GANYMEDE_REQUIRE_LOGIN=false diff --git a/tofu/authentik/main.tf b/tofu/authentik/main.tf index 7d43f4f..42c0582 100644 --- a/tofu/authentik/main.tf +++ b/tofu/authentik/main.tf @@ -22,6 +22,11 @@ resource "authentik_group" "ci" { users = [data.authentik_user.catalin.id] } +resource "authentik_group" "vods" { + name = "vods" + users = [data.authentik_user.catalin.id] +} + resource "authentik_group" "admins" { name = "authentik Admins" is_superuser = true @@ -204,6 +209,8 @@ module "rustical" { source = "../modules/authentik-oidc" app_name = "rustical" app_slug = "rustical" + app_url = "https://cal.roboces.dev" + app_icon = "https://cal.roboces.dev/favicon.ico" client_id = var.rustical_client_id client_secret = var.rustical_client_secret redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }] @@ -216,6 +223,8 @@ module "jellyfin" { app_slug = "jellyfin" base_dn = "DC=ldap,DC=fukurokuju,DC=dev" name = "jellyfin" + app_url = "https://jelly.roboces.dev" + app_icon = "https://jelly.roboces.dev/favicon.ico" app_access_group_id = authentik_group.arrs.id } @@ -224,7 +233,21 @@ module "tandoor" { app_name = "Tandoor" app_slug = "tandoor" app_access_group_id = "" + app_url = "https://recipes.roboces.dev" redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }] + app_icon = "https://recipes.roboces.dev/favicon.icon" client_id = var.tandoor_client_id client_secret = var.tandoor_client_secret } + +module "ganymede" { + source = "../modules/authentik-oidc" + app_name = "Ganymede" + app_slug = "ganymede" + redirect_uris = [{ matching_mode = "strict", url = "https://vods.roboces.dev/api/v1/auth/oauth/callback" }] + client_id = var.ganymede_client_id + client_secret = var.ganymede_client_secret + app_url = "https://vods.roboces.dev" + app_icon = "https://vods.roboces.dev/favicon.ico" + app_access_group_id = authentik_group.vods.id +} diff --git a/tofu/authentik/sample.env b/tofu/authentik/sample.env index 3887146..d7e4361 100644 --- a/tofu/authentik/sample.env +++ b/tofu/authentik/sample.env @@ -14,3 +14,5 @@ TF_VAR_rustical_client_id= TF_VAR_rustical_client_secret= TF_VAR_tandoor_client_id= TF_VAR_tandoor_client_secret= +TF_VAR_ganymede_client_id= +TF_VAR_ganymede_client_secret= diff --git a/tofu/authentik/vars.tf b/tofu/authentik/vars.tf index 30ec835..f85bfe7 100644 --- a/tofu/authentik/vars.tf +++ b/tofu/authentik/vars.tf @@ -68,3 +68,13 @@ variable "tandoor_client_secret" { description = "Tandoor client secret" type = string } + +variable "ganymede_client_id" { + description = "Ganymede client ID" + type = string +} + +variable "ganymede_client_secret" { + description = "Ganymede client secret" + type = string +}