JankySolutions/infra
2
0
Fork 0
Code Issues Pull requests 5 Projects Releases Packages 12 Wiki Activity Actions
infra/k8s/keycloak/deployment.yaml
Finn 439a88927b Update keycloak domain
2024-07-26 15:30:12 -07:00

84 lines
2.5 KiB
YAML
Raw Permalink Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
labels:
app: keycloak
spec:
replicas: 2
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: git.janky.solutions/jankysolutions/infra/keycloak:25.0
imagePullPolicy: Always
resources: {}
volumeMounts:
- name: certs
mountPath: /etc/certs
readOnly: true
- name: postgres-ca
mountPath: /opt/keycloak/.postgresql/root.crt
subPath: ca.crt
readOnly: true
env:
- name: KC_HTTPS_CERTIFICATE_FILE
value: "/etc/certs/tls.crt"
- name: KC_HTTPS_CERTIFICATE_KEY_FILE
value: "/etc/certs/tls.key"
- name: KC_HEALTH_ENABLED
value: "true"
- name: KC_METRICS_ENABLED
value: "true"
- name: KC_HOSTNAME_URL
value: https://auth.janky.solutions/
- name: KC_HOSTNAME
value: https://auth.janky.solutions/
- name: KC_PROXY_HEADERS
value: xforwarded
- name: KC_DB
value: postgres
- name: KC_DB_URL
value: "jdbc:postgresql://keycloak-database.keycloak.svc.cluster.local/keycloak?ssl=true"
- name: KC_DB_USERNAME
valueFrom:
secretKeyRef:
name: keycloak.keycloak-database.credentials.postgresql.acid.zalan.do
key: username
- name: KC_DB_PASSWORD
valueFrom:
secretKeyRef:
name: keycloak.keycloak-database.credentials.postgresql.acid.zalan.do
key: password
- name: KC_LOG_CONSOLE_OUTPUT
value: json
# - name: KC_LOG_LEVEL
# value: "DEBUG"
- name: jgroups.dns.query
value: keycloak
ports:
- name: jgroups
containerPort: 7600
- name: web
containerPort: 8443
- name: management
containerPort: 9000
readinessProbe:
httpGet:
scheme: HTTPS
path: /health/ready
port: 9000
initialDelaySeconds: 30
volumes:
- name: certs
secret:
secretName: keycloak-frontend
- name: postgres-ca
secret:
secretName: database-certificate
Reference in a new issue View git blame Copy permalink