about summary refs log tree commit diff
path: root/ops/keycloak
diff options
context:
space:
mode:
authorFlorian Klink <flokli@flokli.de>2024-09-01T12·21+0300
committerclbot <clbot@tvl.fyi>2024-09-01T13·18+0000
commite74378a3246bf8abd539ee1fce60bdcb494010fe (patch)
tree5f3feccbe0505cdcf1351e30fd5c7567afdda3df /ops/keycloak
parent5119cae360aa51cb66f253fd9d6c7b8bcc1fa63d (diff)
fix(ops/keycloak): set base_path r/8632
The docs mention this applies to "users of the legacy distribution of keycloak".
However, we get a "failed to perform initial login to Keycloak: error
sending POST request to https://auth.tvl.fyi/realms/master/protocol/openid-connect/token: 404 Not Found"
if we don't set this.

With this, the provider is able to talk to the API, as long as the
secrets are sourced.

Change-Id: I0b9cdd45b1628aa0870a1673491c12c07bf7f8d6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12411
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'ops/keycloak')
-rw-r--r--ops/keycloak/main.tf5
1 files changed, 5 insertions, 0 deletions
diff --git a/ops/keycloak/main.tf b/ops/keycloak/main.tf
index a7726d7271b4..d5698700ce58 100644
--- a/ops/keycloak/main.tf
+++ b/ops/keycloak/main.tf
@@ -28,6 +28,11 @@ terraform {
 provider "keycloak" {
   client_id = "terraform"
   url       = "https://auth.tvl.fyi"
+  # NOTE: Docs mention this applies to "users of the legacy distribution of keycloak".
+  # However, we get a "failed to perform initial login to Keycloak: error
+  # sending POST request to https://auth.tvl.fyi/realms/master/protocol/openid-connect/token: 404 Not Found"
+  # if we don't set this.
+  base_path = "/auth"
 }
 
 resource "keycloak_realm" "tvl" {