feat(ops/secrets): Add tf-keycloak secrets file
This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
This commit is contained in:
Vincent Ambo
tazjin
parent
4f030f085d
commit
e616f978d0
4 changed files with 33 additions and 1 deletions
18
ops/keycloak/README.md
Normal file
18
ops/keycloak/README.md
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
Terraform for Keycloak
|
||||
======================
|
||||
|
||||
This contains the Terraform configuration for deploying TVL's Keycloak
|
||||
instance (which lives at `auth.tvl.fyi`).
|
||||
|
||||
Secrets are needed for applying this. The encrypted file
|
||||
`//ops/secrets/tf-keycloak.age` contains `export` calls which should
|
||||
be sourced, for example via `direnv`, by users with the appropriate
|
||||
credentials.
|
||||
|
||||
An example `direnv` configuration used by tazjin is this:
|
||||
|
||||
```
|
||||
# //ops/secrets/.envrc
|
||||
source_up
|
||||
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-keycloak.age)
|
||||
```
|
||||
Loading…
Add table
Add a link
Reference in a new issue