From 289c15cb92d086de405f9a59df8f47ba346171a1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beatrice=20Dellac=C3=A0?= <hello@beatrice.wtf>
Date: Sat, 29 Mar 2025 19:27:57 +0100
Subject: [PATCH] add keycloak, udpate postgres

---
 deploy/cloudnativepg/postgres-base.yaml |  1 +
 deploy/keycloak/keycloak-ingress.yaml   | 19 +++++++++
 deploy/keycloak/keycloak.yaml           | 53 +++++++++++++++++++++++++
 3 files changed, 73 insertions(+)
 create mode 100644 deploy/keycloak/keycloak-ingress.yaml
 create mode 100644 deploy/keycloak/keycloak.yaml

diff --git a/deploy/cloudnativepg/postgres-base.yaml b/deploy/cloudnativepg/postgres-base.yaml
index a846bea..9b3186b 100644
--- a/deploy/cloudnativepg/postgres-base.yaml
+++ b/deploy/cloudnativepg/postgres-base.yaml
@@ -8,3 +8,4 @@ spec:
   storage:
     size: 10Gi
     storageClass: longhorn
+  enableSuperuserAccess: true
diff --git a/deploy/keycloak/keycloak-ingress.yaml b/deploy/keycloak/keycloak-ingress.yaml
new file mode 100644
index 0000000..790a8bd
--- /dev/null
+++ b/deploy/keycloak/keycloak-ingress.yaml
@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: keycloak
+spec:
+  tls:
+    - hosts:
+        - sso.panic.haus
+  rules:
+    - host: sso.panic.hausT
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: keycloak
+                port:
+                  number: 8080
diff --git a/deploy/keycloak/keycloak.yaml b/deploy/keycloak/keycloak.yaml
new file mode 100644
index 0000000..8c77224
--- /dev/null
+++ b/deploy/keycloak/keycloak.yaml
@@ -0,0 +1,53 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: keycloak
+  labels:
+    app: keycloak
+spec:
+  ports:
+    - name: http
+      port: 8080
+      targetPort: 8080
+  selector:
+    app: keycloak
+  type: ClusterIP
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: keycloak
+  labels:
+    app: keycloak
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: keycloak
+  template:
+    metadata:
+      labels:
+        app: keycloak
+    spec:
+      containers:
+        - name: keycloak
+          image: quay.io/keycloak/keycloak:26.1.4
+          args: ["start-dev"]
+          env:
+            - name: KEYCLOAK_ADMIN
+              value: "admin"
+            - name: KEYCLOAK_ADMIN_PASSWORD
+              value: "admin"
+            - name: KC_PROXY_HEADERS
+              value: "xforwarded"
+            - name: KC_HTTP_ENABLED
+              value: "true"
+            - name: KC_HEALTH_ENABLED
+              value: "true"
+          ports:
+            - name: http
+              containerPort: 8080
+          readinessProbe:
+            httpGet:
+              path: /health/ready
+              port: 9000