From e3bf165da0ef89c9bb81c6891fe58eacd8736cea Mon Sep 17 00:00:00 2001
From: decentral1se <cellarspoon@riseup.net>
Date: Sun, 8 Jan 2023 01:15:36 +0100
Subject: [PATCH] refactor!: remove KEYCLOAK2* env vars

The experiment is over.
---
 .env.sample           | 11 -----------
 abra.sh               |  2 +-
 compose.keycloak2.yml | 19 -------------------
 homeserver.yaml.tmpl  | 14 --------------
 4 files changed, 1 insertion(+), 45 deletions(-)
 delete mode 100644 compose.keycloak2.yml

diff --git a/.env.sample b/.env.sample
index 9e4765c..29f5f72 100644
--- a/.env.sample
+++ b/.env.sample
@@ -55,21 +55,10 @@ ALLOWED_LIFETIME_MAX=4w
 #KEYCLOAK_ALLOW_EXISTING_USERS=false
 #SECRET_KEYCLOAK_CLIENT_SECRET_VERSION=v1
 
-#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak2.yml"
-#KEYCLOAK2_ENABLED=1
-#KEYCLOAK2_ID=keycloak2
-#KEYCLOAK2_NAME=
-#KEYCLOAK2_URL=
-#KEYCLOAK2_CLIENT_ID=
-#KEYCLOAK2_CLIENT_DOMAIN=
-#KEYCLOAK2_ALLOW_EXISTING_USERS=false
-#SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION=v1
-
 #COMPOSE_FILE="$COMPOSE_FILE:compose.turn.yml"
 #TURN_ENABLED=1
 #TURN_URIS="[\"turns:coturn.foo.zone?transport=udp\", \"turns:coturn.foo.zone?transport=tcp\"]"
 #TURN_ALLOW_GUESTS=true
-#KEYCLOAK2_ALLOW_EXISTING_USERS=false
 #SECRET_TURN_SHARED_SECRET_VERSION=v1
 
 #COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
diff --git a/abra.sh b/abra.sh
index 5cec792..b929f72 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,6 +1,6 @@
 export DISCORD_BRIDGE_YAML_VERSION=v2
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v15
+export HOMESERVER_YAML_VERSION=v16
 export LOG_CONFIG_VERSION=v2
 export SHARED_SECRET_AUTH_VERSION=v1
 export SIGNAL_BRIDGE_YAML_VERSION=v3
diff --git a/compose.keycloak2.yml b/compose.keycloak2.yml
deleted file mode 100644
index 971b6cc..0000000
--- a/compose.keycloak2.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-version: "3.8"
-
-services:
-  app:
-    secrets:
-      - keycloak2_client_secret
-    environment:
-      - KEYCLOAK2_ALLOW_EXISTING_USERS
-      - KEYCLOAK2_CLIENT_ID
-      - KEYCLOAK2_ENABLED
-      - KEYCLOAK2_ID
-      - KEYCLOAK2_NAME
-      - KEYCLOAK2_URL
-
-secrets:
-  keycloak2_client_secret:
-    external: true
-    name: ${STACK_NAME}_keycloak2_client_secret_${SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION}
diff --git a/homeserver.yaml.tmpl b/homeserver.yaml.tmpl
index 9b3b368..81313de 100644
--- a/homeserver.yaml.tmpl
+++ b/homeserver.yaml.tmpl
@@ -604,20 +604,6 @@ oidc_providers:
         display_name_template: "{{ "{{ user.name }}" }}"
   {{ end }}
 
-  {{ if eq (env "KEYCLOAK2_ENABLED") "1" }}
-  - idp_id: {{ env "KEYCLOAK2_ID" }}
-    idp_name: {{ env "KEYCLOAK2_NAME" }}
-    issuer: "{{ env "KEYCLOAK2_URL" }}"
-    client_id: "{{ env "KEYCLOAK2_CLIENT_ID" }}"
-    client_secret: "{{ secret "keycloak2_client_secret" }}"
-    scopes: ["openid", "profile"]
-    allow_existing_users: {{ env "KEYCLOAK2_ALLOW_EXISTING_USERS" }}
-    user_mapping_provider:
-      config:
-        localpart_template: "{{ "{{ user.preferred_username }}" }}"
-        display_name_template: "{{ "{{ user.name }}" }}"
-  {{ end }}
-
 # Additional settings to use with single-sign on systems such as OpenID Connect,
 # SAML2 and CAS.
 #