delete profiles for forgejo and keycloak

1 files changed, 0 insertions, 36 deletions

diff --git a/docs/keycloak.org b/docs/keycloak.org
deleted file mode 100644
index cd6e773..0000000
--- a/docs/keycloak.org
+++ /dev/null
@@ -1,36 +0,0 @@
-* Keycloak
-
-Running at https://id.fcuny.net.
-
-There's an admin user in 1password.
-** Bootstrap
-#+begin_src shell
-ssh keycloak-host -L 8080:localhost:8080
-#+end_src
-
-Then go to =http://localhost:8080= with your browser to setup the initial user.
-
-** Client for forgejo
-The client is managed by terranix.
-*** forgejo configuration
-- create a new authentication source under https://code.fcuny.net/admin/auths
-- choose OAuth2
-- set the name to =id.fcuny.net=
-- set OAuth2 provider to OpenID Connect
-- configure the OpenID realm to =https://id.fcuny.net/realms/master/.well-known/openid-configuration=
-- the client ID is =forgejo=
-- the client secret is in the =credentials= tab in forgejo for the client
-- select =skip local 2FA=
-** Managing with terranix
-Ultimately we want to manage it with terranix.
-
-First, we need a client ID and a secret. The client can be created in the UI:
-- https://id.fcuny.net/admin/master/console/#/master/clients
-- create a new client (use =terranix= if possible, so that it's descriptive)
-- =Standard Flow Enabled= should be disabled
-- =Direct Access Grants Enabled= should be disabled
-- =Service Accounts Enabled= should be enabled
-
-The go to "Service account roles" for the newly created client, and ensure it has =admin= role (assign role -> filter by realm roles -> admin).
-
-Export the secret with =KEYCLOAK_CLIENT_SECRET= (it might be already be set in =../.envrc.local=).