56 lines
No EOL
1.6 KiB
HCL
56 lines
No EOL
1.6 KiB
HCL
terraform {
|
|
backend "s3" {
|
|
bucket = "fuku-terraform"
|
|
key = "authentik/terraform"
|
|
region = "us-east-1"
|
|
}
|
|
required_providers {
|
|
authentik = {
|
|
source = "goauthentik/authentik"
|
|
version = "2024.2.0"
|
|
}
|
|
}
|
|
}
|
|
|
|
data "authentik_user" "catalin" {
|
|
username = "catalin"
|
|
}
|
|
|
|
resource "authentik_group" "ci" {
|
|
name = "ci"
|
|
users = [data.authentik_user.catalin.id]
|
|
}
|
|
|
|
resource "authentik_group" "admins" {
|
|
name = "authentik Admins"
|
|
is_superuser = true
|
|
}
|
|
|
|
module "argo-workflows" {
|
|
source = "../modules/authentik"
|
|
app_name = "Argo Workflows"
|
|
app_slug = "argo-workflows"
|
|
client_id = var.argo_workflows_client_id
|
|
client_secret = var.argo_workflows_client_secret
|
|
app_access_group_id = authentik_group.ci.id
|
|
redirect_uris = ["https://ci.fuku/oauth2/callback"]
|
|
app_icon = "https://argoproj.github.io/icons/icon-512x512.png"
|
|
app_description = "Kubernetes-native workflow engine supporting DAG and step-based workflows"
|
|
app_publisher = "Argo Project"
|
|
app_url = "https://ci.fuku"
|
|
}
|
|
|
|
module "firezone" {
|
|
source = "../modules/authentik"
|
|
app_name = "Firezone"
|
|
app_slug = "firezone"
|
|
client_id = var.firezone_client_id
|
|
client_secret = var.firezone_client_secret
|
|
app_access_group_id = authentik_group.admins.id
|
|
redirect_uris = ["https://fz.fukurokuju.dev/auth/oidc/authentik/callback/"]
|
|
app_icon = "https://www.firezone.dev/icon.svg"
|
|
app_description = "VPN"
|
|
app_publisher = "Firezone"
|
|
app_url = "https://fz.fukurokuju.dev"
|
|
sub_mode = "hashed_user_id"
|
|
} |