Verified Commit 1160eb68 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Add gluebuddy client

The gluebuddy client is required for gluebuddy to retrieve users and
groups membership without being able to change other keycloak data. The
realm-management roles cannot be assigned yet via keycloak as it does
not know about the roles and realm-management client.
parent 6ce40bb2
$ANSIBLE_VAULT;1.1;AES256
64326337646461313665316164323764313937643638663430643162313233653132366535303462
3932656466316661353738313135373866663631333061650a613566316364393730653965393361
64623737363334636163383137376230663630373236393935313633346363633636616161383462
6235616162613134330a613231353965663539396636303235323438346663653466376339306638
61353864633933363361636234313634323231356163383364616161623734636332626233666164
61633930373263653038383866396431636138633963346133383266306132373339323135373362
61383065303036336235316564336438393432656631333063363333663066316565323736343539
33343731333566323530346466383333613561333034383131366138623437663030336466383231
31363539323964363565663537623036396130313938646662323265386234623735363666636562
34646130363336643032313533343537646365633530323536643765633135393331333339306466
65643637633038376364333566393233343262323232373538393238653332366330656537373638
62343564383833376162316365666230636234623161313036636462353031303936373332633839
39366436386438383162653637343937326561303465376138633634636161643535373233396461
64373236633834333565623830393339353539623163353463386364613862333039663364636235
37626666636335366330376331613430356165376539623136613435653563633534613561373830
64373038336238343131393839623830656232373634376430633164626564353435613036326631
32393734633635326132326233353636623664656137643239363630613833353431333765616665
33303538323266313335353865666237366436323665646439326162373962376430393033326363
65613732353266376662383730666566343563386131313362303664326237393832363732353938
33303635646530643062393432383266666435363566633365363061623966636535643864363337
31646637646265353532383439313439353434653135616462636530613737393632623533383364
32326238366436623664306330616635623065396466643262346461386464393133313162353766
32383435353535316630316462303734303062366264633735646664656363656465313562653761
30396261373236623065
62343335616439626161633361343633383666333134313630363932323763613665343634386137
6531633464623036323636653265633232393630396563660a336531663265663133393439616439
66316235653434623534383132356335363730666434646630383137356234383739626630343164
3466613664373461340a333961663035313331323362613231643439396338376432326662313437
35653464356462323831306533353934663364313235343330353066643965666434636239646464
38613462653933313035373030313735663733396237653161353130646563643462626239613538
33393731346535373661313265313839633665303135343433656466356438316532633061626332
38623731333837383432366330393134333166316130313465313135386431323631306636666666
37326363636265303265613462303061326265653562353030386661316138383135343139373939
36306132313430383939633631323365623239643330306463343362613764366436356564316233
32616563313664363334316231326166643164633930633632333634646264383464316230343434
37303966653337366563383064336265663563376165646461306533346564306534353162366433
39303563393261376139386634633935336463333361353162353963323735643930336464393334
36333831613465383332633732646239666430623433373639623938656364623461626137663333
35656463343634353530373231373236313865313733633862306463656131623530616663386465
32376263326431616635663730313861663536616163323835616462326235336337373934323839
30643130306336313536323431366239393735346638636366356230326334336566613638623166
62343634343032383465303461663139356162346366626135363663613032636532313937373037
66663835646435356633306531623835386539623835353162616666616239626366643761303632
62313561393062356566353730303566303632303631643837646439383465303634346438616234
36636333656237316664306262373136376566366236306135316232366465643436313738616466
63646438313832663330653235663765396332323166356431623865623366623831306262326430
63663038616462343836396563363032646661343234653435643637306538643163646563396232
30383564396132613163643438383564393934653763663534326334613763353863373633393163
32333338303830326561343636613839313362303132613937303336383865396239333634373535
62643835353334623738353535373462393836396461663066613738363764336364663664353939
38303631303333306538333338383134343064303833353738626138653632623536316232373762
30626363313133386665
......@@ -10,6 +10,7 @@ data "external" "vault_keycloak" {
"vault_keycloak_admin_password",
"vault_keycloak_smtp_user",
"vault_keycloak_smtp_password",
"vault_keycloak_gluebuddy_openid_client_secret",
"--format", "json"]
}
......@@ -835,3 +836,21 @@ resource "keycloak_openid_user_realm_role_protocol_mapper" "matrix_user_realm_ro
add_to_id_token = true
add_to_access_token = false
}
resource "keycloak_openid_client" "gluebuddy_openid_client" {
realm_id = "archlinux"
client_id = "gluebuddy"
client_secret = data.external.vault_keycloak.result.vault_keycloak_gluebuddy_openid_client_secret
web_origins = []
name = "Gluebuddy"
enabled = true
service_accounts_enabled = true
access_type = "CONFIDENTIAL"
standard_flow_enabled = true
valid_redirect_uris = [
"https://gitlab.archlinux.org/"
]
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment