about summary refs log tree commit diff
diff options
context:
space:
mode:
authorVincent Ambo <mail@tazj.in>2021-12-26T16·07+0300
committerclbot <clbot@tvl.fyi>2021-12-26T16·59+0000
commita8923242bebdc2464f760f906fddd135a8c13abb (patch)
treeb7f5d5698fcc0ba76d22402ebe9dcc7d97efa1a0
parente8fa347fd1e22b6c55941ecff8b6d385c7027791 (diff)
fix(ops/keycloak): trust email addresses from LDAP r/3427
Verified emails are required for some things, like e.g. oauth2_proxy

Change-Id: Ifb124be40d6d2863cd1b7ed5fbdfcf4827e8808c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4661
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: Profpatsch <mail@profpatsch.de>
-rw-r--r--ops/keycloak/main.tf1
1 files changed, 1 insertions, 0 deletions
diff --git a/ops/keycloak/main.tf b/ops/keycloak/main.tf
index 95902476bba2..d6c01442ecd3 100644
--- a/ops/keycloak/main.tf
+++ b/ops/keycloak/main.tf
@@ -32,6 +32,7 @@ resource "keycloak_ldap_user_federation" "tvl_ldap" {
   uuid_ldap_attribute     = "cn"
   rdn_ldap_attribute      = "cn"
   full_sync_period        = 86400
+  trust_email             = true
 
   user_object_classes = [
     "inetOrgPerson",