snix/ops/secrets
Vincent Ambo 73288ba569 feat(ops): Add initial oauth2_proxy configuration
The intent is to configure oauth2_proxy pointing at Keycloak to enable
usage with nginx auth_request directives.

I want to expose this as a function from within the module in which
nginx server configuration blocks can be wrapped, but the function for
that is currently a placeholder.

Change-Id: I5ed7deb9bf1c62818f516e68c33e8c5b632fccfe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4767
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2022-01-04 18:04:27 +00:00
..
.skip-subtree feat(ops/secrets): Bootstrap agenix secrets folder 2021-12-08 18:22:00 +00:00
besadii.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
buildkite-agent-token.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
buildkite-graphql-token.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
clbot-ssh.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
clbot.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
default.nix refactor(ops/secrets): generalize out a mkSecrets function 2021-12-27 03:46:26 +00:00
gerrit-queue.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
gerrit-secrets.age feat(monorepo-gerrit): Configure for Keycloak compatibility 2021-12-26 00:10:09 +00:00
grafana.age fix(whitby): Point grafana at new auth provider 2021-12-27 14:44:38 +00:00
irccat.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
keycloak-db.age feat(whitby): Configure initial Keycloak setup 2021-12-25 21:11:40 +00:00
mkSecrets.nix refactor(ops/secrets): optimize + typecheck mkSecrets 2021-12-27 23:16:31 +00:00
nix-cache-priv.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
nix-cache-pub.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
oauth2_proxy.age feat(ops): Add initial oauth2_proxy configuration 2022-01-04 18:04:27 +00:00
owothia.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
panettone.age chore(ops/secrets): Reencrypt all secrets with sterni included 2021-12-11 18:51:36 +03:00
README.md feat(ops/secrets): Bootstrap agenix secrets folder 2021-12-08 18:22:00 +00:00
secrets.nix feat(ops): Add initial oauth2_proxy configuration 2022-01-04 18:04:27 +00:00
smtprelay.age feat(ops/secrets): Add smtprelay credentials 2022-01-01 15:30:17 +00:00
tf-glesys.age feat(ops/secrets): Import secrets for tf-glesys 2021-12-27 15:53:57 +00:00
tf-keycloak.age fix(ops/keycloak): Move Terraform state to GleSYS bucket 2021-12-27 15:53:57 +00:00

TVL's deployment secrets, encrypted with agenix