Quite a bit

2025-04-01 08:01:18 +00:00 · 2025-04-01 08:01:18 +00:00 · ca415c6959
commit ca415c6959
parent d908078ee6
15 changed files with 10601 additions and 64 deletions
--- a/authentik/nextcloud.tf
+++ b/authentik/nextcloud.tf
@ -31,44 +31,44 @@ resource "random_id" "nextcloud_client_id" {
  byte_length = 16
 }

-resource "authentik_provider_oauth2" "nextcloud" {
-  name = "Nextcloud"
-  #  Required. You can use the output of:
-  #     $ openssl rand -hex 16
-  client_id = random_id.nextcloud_client_id.id
-
-  # Optional: will be generated if not provided
-  # client_secret = "my_client_secret"
-
-  sub_mode           = "user_uuid"
-  authorization_flow = data.authentik_flow.default-provider-authorization-implicit-consent.id
-  invalidation_flow = data.authentik_flow.default-invalidation-flow.id
-
-  allowed_redirect_uris = [
-    {
-      matching_mode = "strict"
-      url           = "https://cloud.lab.cowley.tech/apps/user_oidc/code",
-    }
-  ]
-
-  property_mappings = [
-    data.authentik_property_mapping_provider_scope.scope-email.id,
-    authentik_property_mapping_provider_scope.nextcloud-scope.id
-  ]
-
-  lifecycle {
-    ignore_changes = [
-      signing_key,
-      authentication_flow,
-    ]
-  }
-}
-
-resource "authentik_application" "nextcloud" {
-  name              = "Nextcloud"
-  slug              = "nextcloud"
-  protocol_provider = authentik_provider_oauth2.nextcloud.id
-}
+#resource "authentik_provider_oauth2" "nextcloud" {
+#  name = "Nextcloud"
+#  #  Required. You can use the output of:
+#  #     $ openssl rand -hex 16
+#  client_id = random_id.nextcloud_client_id.id
+#
+#  # Optional: will be generated if not provided
+#  # client_secret = "my_client_secret"
+#
+#  sub_mode           = "user_uuid"
+#  authorization_flow = data.authentik_flow.default-provider-authorization-implicit-consent.id
+#  invalidation_flow = data.authentik_flow.default-invalidation-flow.id
+#
+#  allowed_redirect_uris = [
+#    {
+#      matching_mode = "strict"
+#      url           = "https://cloud.lab.cowley.tech/apps/user_oidc/code",
+#    }
+#  ]
+#
+#  property_mappings = [
+#    data.authentik_property_mapping_provider_scope.scope-email.id,
+#    authentik_property_mapping_provider_scope.nextcloud-scope.id
+#  ]
+#
+#  lifecycle {
+#    ignore_changes = [
+#      signing_key,
+#      authentication_flow,
+#    ]
+#  }
+#}
+#
+#resource "authentik_application" "nextcloud" {
+#  name              = "Nextcloud"
+#  slug              = "nextcloud"
+#  protocol_provider = authentik_provider_oauth2.nextcloud.id
+#}

 resource "authentik_group" "nextcloud_admins" {
  name = "Nextcloud Admins"