Custom keycloak image

containers/keycloak/Containerfile

@@ -0,0 +1,18 @@
+FROM quay.io/keycloak/keycloak:25.0 as builder
+
+# Enable health and metrics support
+ENV KC_HEALTH_ENABLED=true
+ENV KC_METRICS_ENABLED=true
+
+# Configure a database vendor
+ENV KC_DB=postgres
+
+WORKDIR /opt/keycloak
+RUN /opt/keycloak/bin/kc.sh build
+
+FROM quay.io/keycloak/keycloak:latest
+COPY --from=builder /opt/keycloak/ /opt/keycloak/
+ADD themes/jankysolutions /opt/keycloak/themes/jankysolutions
+
+ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
+CMD ["start", "--cache-stack=kubernetes"]

containers/keycloak/themes/jankysolutions/login/resources/jankysolutions.css

@@ -0,0 +1,19 @@
+.pf-v5-c-login__container {
+    grid-template-areas: "main";
+    grid-template-columns: 34rem;
+}
+
+#kc-header-wrapper {
+    padding: 62px 10px 20px;
+    position: absolute;
+    left: 50%;
+    transform: translateX(-50%);
+}
+
+.login-pf body {
+    height: 100%;
+}
+
+div.kc-logo-text span {
+    display: none;
+}

containers/keycloak/themes/jankysolutions/login/theme.properties

@@ -0,0 +1,2 @@
+parent=keycloak.v2
+styles=jankysolutions.css

k8s/keycloak/deployment.yaml

@@ -40,12 +40,14 @@ spec:
               value: "true"
             - name: KC_METRICS_ENABLED
               value: "true"
+            - name: KC_HOSTNAME_URL
+              value: https://auth-next.janky.solutions/
             - name: KC_HOSTNAME
-              value: https://auth-next.janky.solutions
+              value: https://auth-next.janky.solutions/
             - name: KC_PROXY
               value: reencrypt
             - name: KC_PROXY_HEADERS
-              value: xforwarded
+              value: forwarded
             - name: KC_DB
               value: postgres
             - name: KC_DB_URL
@@ -60,6 +62,10 @@ spec:
                 secretKeyRef:
                   name: keycloak.keycloak-database.credentials.postgresql.acid.zalan.do
                   key: password
+            - name: KC_LOG_CONSOLE_OUTPUT
+              value: json
+            # - name: KC_LOG_LEVEL
+            #   value: "DEBUG"
             - name: jgroups.dns.query
               value: keycloak
           ports:
@@ -74,8 +80,7 @@ spec:
               scheme: HTTPS
               path: /health/ready
               port: 9000
-            initialDelaySeconds: 60
+            initialDelaySeconds: 30
-            periodSeconds: 1
       volumes:
       - name: certs
         secret: