infra/stacks/vault/vault_provider.tf at 27fa8ea18f0ebc5798845bcbb6f26bb820dd5851 - viktor/infra - Forgejo: Beyond coding. We Forge.

viktor/infra

Viktor Barzin 1dec7e6bea Add Vault OIDC authentication via Authentik

Configure Vault to use Authentik as OIDC identity provider for SSO login.
Creates OAuth2 provider/application in Authentik, adds OIDC auth backend,
admin policy, and maps "authentik Admins" group to full vault-admin access.

2026-03-14 13:53:05 +00:00

18 lines

292 B

HCL

Raw Blame History

 terraform {
   required_providers {
     vault = {
       source  = "hashicorp/vault"
       version = "~> 4.0"
     }
   }
 }
 variable "vault_root_token" {
   type      = string
   sensitive = true
 }
 provider "vault" {
   address = "https://vault.viktorbarzin.me"
   token   = var.vault_root_token
 }