infra/k8s/keycloak/ingress.yaml

56 lines
1.3 KiB
YAML
Raw Permalink Normal View History

2024-07-11 03:24:06 +00:00
apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
name: keycloak-frontend
spec:
serverName: keycloak.keycloak.svc.cluster.local
rootCAsSecrets:
- keycloak-frontend
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak
annotations:
traefik.ingress.kubernetes.io/router.middlewares: keycloak-keycloak-root-redirect@kubernetescrd
2024-07-11 03:24:06 +00:00
spec:
rules:
2024-07-26 22:30:12 +00:00
- host: auth.janky.solutions
2024-07-11 03:24:06 +00:00
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: keycloak
port:
name: web
---
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak # so prometheus can find this service
annotations:
traefik.ingress.kubernetes.io/service.serverstransport: keycloak-keycloak-frontend@kubernetescrd
traefik.ingress.kubernetes.io/service.serversscheme: https
spec:
ports:
- name: web
port: 8443
- name: management
port: 9000
clusterIP: None
selector:
app: keycloak
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: keycloak-root-redirect
spec:
redirectRegex:
regex: ^https://auth.janky.solutions/$
replacement: https://auth.janky.solutions/realms/janky.solutions/account