From cb80b8222ed691cea3d64ab949cc889ac9bce2a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Beatrice=20Dellac=C3=A0?= Date: Sat, 29 Mar 2025 23:27:21 +0100 Subject: [PATCH] update keycloak --- .../{ => disabled}/keycloak-ingress.yaml | 2 +- deploy/keycloak/disabled/keycloak.yaml | 55 +++++++++++++ deploy/keycloak/keycloak.yaml | 79 ++++++------------- 3 files changed, 82 insertions(+), 54 deletions(-) rename deploy/keycloak/{ => disabled}/keycloak-ingress.yaml (92%) create mode 100644 deploy/keycloak/disabled/keycloak.yaml diff --git a/deploy/keycloak/keycloak-ingress.yaml b/deploy/keycloak/disabled/keycloak-ingress.yaml similarity index 92% rename from deploy/keycloak/keycloak-ingress.yaml rename to deploy/keycloak/disabled/keycloak-ingress.yaml index 790a8bd..6b5a193 100644 --- a/deploy/keycloak/keycloak-ingress.yaml +++ b/deploy/keycloak/disabled/keycloak-ingress.yaml @@ -7,7 +7,7 @@ spec: - hosts: - sso.panic.haus rules: - - host: sso.panic.hausT + - host: sso.panic.haus http: paths: - path: / diff --git a/deploy/keycloak/disabled/keycloak.yaml b/deploy/keycloak/disabled/keycloak.yaml new file mode 100644 index 0000000..0ab0058 --- /dev/null +++ b/deploy/keycloak/disabled/keycloak.yaml @@ -0,0 +1,55 @@ +apiVersion: v1 +kind: Service +metadata: + name: keycloak + namespace: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: keycloak + namespace: keycloak + labels: + app: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - name: keycloak + image: quay.io/keycloak/keycloak:26.1.4 + args: ["start-dev"] + env: + - name: KEYCLOAK_ADMIN + value: "admin" + - name: KEYCLOAK_ADMIN_PASSWORD + value: "admin" + - name: KC_PROXY_HEADERS + value: "xforwarded" + - name: KC_HTTP_ENABLED + value: "true" + - name: KC_HEALTH_ENABLED + value: "true" + ports: + - name: http + containerPort: 8080 + readinessProbe: + httpGet: + path: /health/ready + port: 9000 diff --git a/deploy/keycloak/keycloak.yaml b/deploy/keycloak/keycloak.yaml index 8c77224..9516250 100644 --- a/deploy/keycloak/keycloak.yaml +++ b/deploy/keycloak/keycloak.yaml @@ -1,53 +1,26 @@ -apiVersion: v1 -kind: Service -metadata: - name: keycloak - labels: - app: keycloak -spec: - ports: - - name: http - port: 8080 - targetPort: 8080 - selector: - app: keycloak - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: keycloak - labels: - app: keycloak -spec: - replicas: 1 - selector: - matchLabels: - app: keycloak - template: - metadata: - labels: - app: keycloak - spec: - containers: - - name: keycloak - image: quay.io/keycloak/keycloak:26.1.4 - args: ["start-dev"] - env: - - name: KEYCLOAK_ADMIN - value: "admin" - - name: KEYCLOAK_ADMIN_PASSWORD - value: "admin" - - name: KC_PROXY_HEADERS - value: "xforwarded" - - name: KC_HTTP_ENABLED - value: "true" - - name: KC_HEALTH_ENABLED - value: "true" - ports: - - name: http - containerPort: 8080 - readinessProbe: - httpGet: - path: /health/ready - port: 9000 +global: + defaultStorageClass: longhorn +proxy: edge +production: true +proxyHeaders: 'xforwarded' +adminIngress: + enabled: true + hostname: sso.panic.haus +ingress: + path: / + tls: true + enabled: true + controller: default + hostname: sso.panic.haus + annotations: + cert-manager.io/cluster-issuer: le-prod +postgresql: + enabled: + false +externalDatabase: + host: postgres-base-rw.postgres + user: keycloak + database: keycloakdb + password: u825qCNxfrBScKToTd3W9zKVPxpVsi7L +replicaCount: 3 +