fix

2023-09-12 16:04:43 +02:00
parent e4e52a8909
commit 3e4d6e4cf7
11 changed files with 117 additions and 111 deletions
--- a/apps/nextcloud/oauth2.tf
+++ b/apps/nextcloud/oauth2.tf
@@ -22,6 +22,10 @@ data "kubernetes_secret_v1" "oauth2-client-id" {
  }
 }

+data "authentik_certificate_key_pair" "ca" {
+  name = "authentik Self-signed Certificate"
+}
+
 data "authentik_scope_mapping" "oauth2" {
  managed_list = [
    "goauthentik.io/providers/oauth2/scope-email",
@@ -43,6 +47,7 @@ resource "authentik_provider_oauth2" "oauth2" {
  authorization_flow  = data.authentik_flow.default-authorization-flow.id
  client_type         = "confidential"
  sub_mode            = "user_username"
+  signing_key         = data.authentik_certificate_key_pair.ca.id
  property_mappings   = data.authentik_scope_mapping.oauth2.ids
  redirect_uris       = [
    "https://${local.dns-name}/apps/user_oidc/code"