Chris Cowley
parent
a10e42d448
commit
ae76ef9c0b
20 changed files with 365 additions and 100 deletions
42
authentik/jellyfin.tf
Normal file
42
authentik/jellyfin.tf
Normal file
|
|
@ -0,0 +1,42 @@
|
|||
resource "random_id" "jellyfin_client_id" {
|
||||
byte_length = 16
|
||||
}
|
||||
|
||||
resource "authentik_provider_oauth2" "jellyfin" {
|
||||
name = "Jellyfin"
|
||||
client_id = random_id.jellyfin_client_id.id
|
||||
|
||||
authorization_flow = data.authentik_flow.default-provider-authorization-implicit-consent.id
|
||||
|
||||
redirect_uris = [
|
||||
"https://jellyfin.lab.cowley.tech/sso/OID/start/authentik"
|
||||
]
|
||||
|
||||
property_mappings = [
|
||||
data.authentik_property_mapping_provider_scope.scope-email.id,
|
||||
data.authentik_property_mapping_provider_scope.scope-profile.id,
|
||||
data.authentik_property_mapping_provider_scope.scope-openid.id,
|
||||
]
|
||||
lifecycle {
|
||||
ignore_changes = [
|
||||
signing_key,
|
||||
authentication_flow,
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
resource "authentik_application" "jellyfin" {
|
||||
name = "Jellyfin"
|
||||
slug = "jellyfin"
|
||||
protocol_provider = authentik_provider_oauth2.jellyfin.id
|
||||
meta_launch_url = "https://jellyfin.lab.cowley.tech/sso/OID/start/authentik"
|
||||
}
|
||||
resource "kubernetes_secret" "jellyfin_oidc" {
|
||||
metadata {
|
||||
name = "jellyfin-oidc"
|
||||
namespace = "jellyfin"
|
||||
}
|
||||
data = {
|
||||
client-secret = authentik_provider_oauth2.jellyfin.client_secret
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue