homelab/terraform/authentik/oauth2-apps.tfvars

oauth_applications = {
  "paperless" = {
    name                       = "Paperless-NGX"
    slug                       = "paperless"
    group                      = "Tools"
    meta_description           = "Document management system"
    meta_icon                  = "https://img.icons8.com/fluency/48/documents.png"
    redirect_uris              = ["https://docs.hexor.cy/accounts/oidc/authentik/login/callback/"]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=5"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    create_group               = true
    access_groups              = ["admins"]
  }

  "gitea" = {
    name                       = "Gitea"
    slug                       = "gitea"
    group                      = "Tools"
    meta_description           = "Git repository hosting"
    meta_icon                  = "https://img.icons8.com/?size=100&id=20906&format=png&color=000000"
    redirect_uris              = ["https://gt.hexor.cy/user/oauth2/Authentik/callback"]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=10"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    access_groups              = ["admins"]
  }

  "jellyfin" = {
    name             = "Jellyfin"
    slug             = "jellyfin"
    group            = "Media and Storage"
    meta_description = "Media streaming server"
    meta_icon        = "https://img.icons8.com/plasticine/100/jellyfin.png"
    redirect_uris = [
      "https://jf.hexor.cy/sso/OID/r/authentik",
      "https://jf.hexor.cy/sso/OID/redirect/authentik"
    ]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=10"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    access_groups              = ["admins"]
  }

  "argocd" = {
    name                       = "ArgoCD"
    slug                       = "argocd"
    group                      = "Core"
    meta_description           = "GitOps deployment tool"
    meta_icon                  = "https://img.icons8.com/color-glass/48/octopus.png"
    redirect_uris              = ["https://ag.hexor.cy/auth/callback"]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=5"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    signing_key                = "1b1b5bec-034a-4d96-871a-133f11322360"
    access_groups              = ["admins"]
  }

  "grafana" = {
    name                       = "Grafana"
    slug                       = "grafana"
    group                      = "Core"
    meta_description           = "Monitoring and observability"
    meta_icon                  = "https://img.icons8.com/fluency/48/grafana.png"
    redirect_uris              = ["https://gf.hexor.cy/login/generic_oauth"]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=5"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    access_groups              = ["admins"]
  }

  "immich" = {
    name             = "Immich"
    slug             = "immich"
    group            = "Media and Storage"
    meta_description = "Photo and video management"
    meta_icon        = "https://img.icons8.com/fluency/48/photos.png"
    redirect_uris = [
      "https://photos.hexor.cy/auth/login",
      "https://photos.hexor.cy/user-settings",
      "app.immich:///oauth-callback",
      "http://photos.homenet:30283/auth/login",
      "http://photos.homenet:30283/user-settings"
    ]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=5"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    signing_key                = "1b1b5bec-034a-4d96-871a-133f11322360"
    access_groups              = ["admins"]
    create_group               = true
  }

  "pgadmin" = {
    name                       = "Postgres WEB Admin"
    slug                       = "pgadmin"
    group                      = "Core"
    meta_description           = "PostgreSQL WEB administration"
    meta_icon                  = "https://img.icons8.com/?size=100&id=JRnxU7ZWP4mi&format=png&color=000000"
    redirect_uris              = ["https://pg.hexor.cy/oauth2/authorize"]
    client_type                = "confidential"
    include_claims_in_id_token = true
    access_code_validity       = "minutes=1"
    access_token_validity      = "minutes=5"
    refresh_token_validity     = "days=30"
    scope_mappings             = ["openid", "profile", "email"]
    access_groups              = ["admins"]
    signing_key                = "1b1b5bec-034a-4d96-871a-133f11322360"
  }
}