61 lines
1.3 KiB
YAML
61 lines
1.3 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: keycloak
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: keycloak
|
|
namespace: keycloak
|
|
spec:
|
|
interval: 10m
|
|
timeout: 10m
|
|
chart:
|
|
spec:
|
|
chart: keycloakx
|
|
version: "7.1.x"
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: codecentric
|
|
namespace: flux-system
|
|
values:
|
|
image:
|
|
repository: quay.io/keycloak/keycloak
|
|
tag: "26.5.5"
|
|
command:
|
|
- "/opt/keycloak/bin/kc.sh"
|
|
args:
|
|
- "start"
|
|
- "--hostname-strict=false"
|
|
- "--http-enabled=true"
|
|
- "--proxy-headers=xforwarded"
|
|
database:
|
|
vendor: postgres
|
|
hostname: pgbouncer.default.svc.cluster.local
|
|
port: 6432
|
|
database: keycloak
|
|
username: keycloak
|
|
existingSecret: keycloak-secrets
|
|
existingSecretKey: db-password
|
|
http:
|
|
relativePath: "/"
|
|
extraEnvFrom: |
|
|
- secretRef:
|
|
name: keycloak-secrets
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: "traefik"
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "n0ball-tw-issuer"
|
|
rules:
|
|
- host: keycloak.n0ball.tw
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- keycloak.n0ball.tw
|
|
secretName: keycloak-tls
|