38 lines
1.3 KiB
HCL
38 lines
1.3 KiB
HCL
module "giteaclient" {
|
|
source = "./modules/kc-client"
|
|
|
|
realm = var.realm
|
|
client_id = "gitea"
|
|
client_name = "Gitea"
|
|
description = "git.tobiasmanske.de"
|
|
root_url = "https://git.tobiasmanske.de"
|
|
admin_url = "https://git.tobiasmanske.de"
|
|
base_url = ""
|
|
valid_redirect_uris = ["https://git.tobiasmanske.de/user/oauth2/Keycloak/callback"]
|
|
web_origins = ["https://git.tobiasmanske.de"]
|
|
}
|
|
|
|
resource "keycloak_openid_user_property_protocol_mapper" "gitea-username-mapper" {
|
|
realm_id = module.giteaclient.realm.id
|
|
client_id = module.giteaclient.client.id
|
|
|
|
name = "username"
|
|
user_property = "username"
|
|
claim_name = "preferred_username"
|
|
add_to_userinfo = true
|
|
add_to_access_token = true
|
|
add_to_id_token = false
|
|
}
|
|
|
|
resource "keycloak_openid_user_client_role_protocol_mapper" "gitea-role-mapper" {
|
|
realm_id = module.giteaclient.realm.id
|
|
client_id = module.giteaclient.client.id
|
|
client_id_for_role_mappings = module.giteaclient.client_id
|
|
multivalued = true
|
|
name = "user-client-role-mapper"
|
|
claim_name = "roles"
|
|
add_to_userinfo = true
|
|
add_to_access_token = true
|
|
add_to_id_token = false
|
|
}
|