From e74378a3246bf8abd539ee1fce60bdcb494010fe Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sun, 1 Sep 2024 15:21:44 +0300
Subject: fix(ops/keycloak): set base_path

The docs mention this applies to "users of the legacy distribution of keycloak".
However, we get a "failed to perform initial login to Keycloak: error
sending POST request to https://auth.tvl.fyi/realms/master/protocol/openid-connect/token: 404 Not Found"
if we don't set this.

With this, the provider is able to talk to the API, as long as the
secrets are sourced.

Change-Id: I0b9cdd45b1628aa0870a1673491c12c07bf7f8d6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12411
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
---
 ops/keycloak/main.tf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ops/keycloak/main.tf b/ops/keycloak/main.tf
index a7726d7271b4..d5698700ce58 100644
--- a/ops/keycloak/main.tf
+++ b/ops/keycloak/main.tf
@@ -28,6 +28,11 @@ terraform {
 provider "keycloak" {
   client_id = "terraform"
   url       = "https://auth.tvl.fyi"
+  # NOTE: Docs mention this applies to "users of the legacy distribution of keycloak".
+  # However, we get a "failed to perform initial login to Keycloak: error
+  # sending POST request to https://auth.tvl.fyi/realms/master/protocol/openid-connect/token: 404 Not Found"
+  # if we don't set this.
+  base_path = "/auth"
 }
 
 resource "keycloak_realm" "tvl" {
-- 
cgit 1.4.1