Keycload infra-as-code setup
Find a file
2026-04-25 18:20:39 +10:00
.kiro/steering Create Kiro steering rules 2026-03-04 11:00:11 +11:00
.vscode Add searxng 2026-01-01 21:01:11 +11:00
.gitignore Functional realm with a functional vaultwarden 2025-09-04 21:21:12 +10:00
.terraform.lock.hcl Move state to S3 2026-02-13 14:31:38 +11:00
backend.tf Move state to S3 2026-02-13 14:31:38 +11:00
client-forgejo-roles-groups.tf Add Forgejo client 2026-04-25 13:20:08 +10:00
client-forgejo.tf Rename secret keys for Forgejo, application requirements 2026-04-25 13:24:02 +10:00
client-proxmox-users-groups.tf Integrate Proxmox 2025-09-05 21:52:48 +10:00
client-proxmox.tf Move to the new cluster 2025-12-02 20:04:26 +11:00
client-searxng-roles.tf Add searxng 2026-01-01 21:01:11 +11:00
client-searxng.tf Increase session timeouts on searxng 2026-02-14 07:57:33 +11:00
client-vault-roles.tf Config Hashicorp Vault 2025-10-08 20:34:20 +11:00
client-vault.tf Config Hashicorp Vault 2025-10-08 20:34:20 +11:00
client-vaultwarden-roles-groups.tf Add Welcome Page client 2025-09-28 17:58:17 +10:00
client-vaultwarden.tf Increase offline token expiry for Vaultwarden 2025-11-07 15:59:32 +11:00
client-welcome-roles.tf Add Welcome Page client 2025-09-28 17:58:17 +10:00
client-welcome.tf Config Hashicorp Vault 2025-10-08 20:34:20 +11:00
members.tf Remove Forgejo users from the users group, so they become admins 2026-04-25 18:20:39 +10:00
prod.tfvars Move to the new cluster 2025-12-02 20:04:26 +11:00
providers.tf Move to the new cluster 2025-12-02 20:04:26 +11:00
README.md Functional realm with a functional vaultwarden 2025-09-04 21:21:12 +10:00
realm_cosmos.tf Add searxng 2026-01-01 21:01:11 +11:00
realm_master.tf Configure email settings on the master realm 2025-12-03 09:27:02 +11:00
users.tf Add Welcome Page client 2025-09-28 17:58:17 +10:00
variables.tf Functional realm with a functional vaultwarden 2025-09-04 21:21:12 +10:00
versions.tf Move to the new cluster 2025-12-02 20:04:26 +11:00

Keycloak setup guide

Create a client in the Master realm of Keycloak

  1. Open the Master Realm and create a new client called terraform-super
  2. Enable Client Authentication
  3. Disable Standard Flow and Direct access grants
  4. Enable Service Account Roles
  5. In the Service Account Roles for the client add the admin role to the client