From 38be32c6b0f847aec1d1e19eb2765485d9f2ed39 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <mail@tazj.in>
Date: Sat, 28 May 2022 18:05:00 +0200
Subject: feat(ops/keycloak): Add OIDC client for panettone

Change-Id: Idb4352e3bbf412df5569aa988a78c6438063f93a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5769
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
---
 ops/keycloak/clients.tf | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/ops/keycloak/clients.tf b/ops/keycloak/clients.tf
index 5f2fd21a35..9506bd4aa0 100644
--- a/ops/keycloak/clients.tf
+++ b/ops/keycloak/clients.tf
@@ -90,3 +90,17 @@ resource "keycloak_openid_audience_protocol_mapper" "oauth2_proxy_audience" {
   name                     = "oauth2-proxy-audience"
   included_custom_audience = keycloak_openid_client.oauth2_proxy.client_id
 }
+
+resource "keycloak_openid_client" "panettone" {
+  realm_id              = keycloak_realm.tvl.id
+  client_id             = "panettone"
+  name                  = "Panettone"
+  enabled               = true
+  access_type           = "CONFIDENTIAL"
+  standard_flow_enabled = true
+
+  valid_redirect_uris = [
+    "https://b.tvl.fyi/auth",
+    "http://localhost:6161/auth",
+  ]
+}
-- 
cgit 1.4.1