From d50d8b7136b176cf57e4e7521f720e2ceb3c9bbe Mon Sep 17 00:00:00 2001
From: Cocopops16
Date: Sat, 24 May 2025 14:56:06 +0200
Subject: [PATCH] working keycloak configuration
---
 haproxy/ingress.yaml | 11 +++++++++
 haproxy/sticky-ingress.yaml | 28 -----------------------
 keycloak/keycloak-crd.yaml | 2 +-
 keycloak/keycloak-deployment.yaml | 37 -------------------------------
 keycloak/keycloak-service.yaml | 12 ----------
 5 files changed, 12 insertions(+), 78 deletions(-)
 delete mode 100644 haproxy/sticky-ingress.yaml
 delete mode 100644 keycloak/keycloak-deployment.yaml
 delete mode 100644 keycloak/keycloak-service.yaml
diff --git a/haproxy/ingress.yaml b/haproxy/ingress.yaml
index 1bdb19b..590103b 100644
--- a/haproxy/ingress.yaml
+++ b/haproxy/ingress.yaml
@@ -30,8 +30,19 @@ spec:
 number: 80
 - host: "www.reault.tech"
 http: *http_rules
+ - host: "iam.reault.tech"
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: keycloak-service
+ port:
+ number: 8080
 tls:
 - secretName: reault-tech-cert # cert-manager will store the certificate and key in this secret
 hosts:
 - www.reault.tech
 - reault.tech
+ - iam.reault.tech
diff --git a/haproxy/sticky-ingress.yaml b/haproxy/sticky-ingress.yaml
deleted file mode 100644
index d02f228..0000000
--- a/haproxy/sticky-ingress.yaml
+++ /dev/null
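Review bot: In haproxy/ingress.yaml the new `iam.reault.tech` rule forwards `path: /` with `pathType: Prefix`, which publishes every Keycloak path on the public host, including the admin console and admin REST API under `/admin/`. Keycloak's reverse-proxy guidance is to expose only what clients need, so consider replacing the single entry with two entries using `path: /realms/` and `path: /resources/`, and reaching `/admin/` through a separate internal route. The `haproxy.org/rate-limit-*` annotations lived on the deleted sticky-ingress.yaml, and the metadata of this Ingress is outside the hunk, so confirm the login host still has a request limit. If `keycloak-service` is the Service created by the Keycloak operator, also verify it listens on 8080, since the CR in this commit sets `tlsSecret` and `httpsPort: 8443`.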
@@ -1,28 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: sticky-ingress-controller
- annotations:
- haproxy.org/rate-limit-period: "1m"
- haproxy.org/rate-limit-requests: "200"
- haproxy.org/rate-limit-status-code: "429"
- # add an annotation indicating the issuer to use
- cert-manager.io/cluster-issuer: letsencrypt
- cookie-persistence: "example-session-persistence-cookie"
-spec:
- ingressClassName: haproxy
- rules:
- - host: "iam.reault.tech"
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: keycloak-service
- port:
- number: 8080
- tls:
- - secretName: reault-tech-cert # cert-manager will store the certificate and key in this secret
- hosts:
- - iam.reault.tech
\ No newline at end of file
diff --git a/keycloak/keycloak-crd.yaml b/keycloak/keycloak-crd.yaml
index 366667c..4c4269b 100644
--- a/keycloak/keycloak-crd.yaml
+++ b/keycloak/keycloak-crd.yaml
@@ -20,7 +20,7 @@ spec:
 httpsPort: 8443
 tlsSecret: reault-tech-cert
 hostname:
- hostname: iam.reault.tech
+ hostname: "https://iam.reault.tech"
 proxy:
 headers: xforwarded # double check your reverse proxy sets and overwrites the X-Forwarded-* headers
 resources:
diff --git a/keycloak/keycloak-deployment.yaml b/keycloak/keycloak-deployment.yaml
deleted file mode 100644
index 8989443..0000000
--- a/keycloak/keycloak-deployment.yaml
+++ /dev/null
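Review bot: The new `hostname: "https://iam.reault.tech"` in keycloak/keycloak-crd.yaml deserves a comment, because switching from a bare hostname to a full URL changes what is taken from the proxy: scheme and host are now fixed by this value rather than resolved from the forwarded request. A line such as `# full URL pins scheme/host; X-Forwarded-For is still trusted for the client IP` above it would record that. Since `headers: xforwarded` stays enabled in the context line below, the client address Keycloak records still comes from a header, so the pod should be reachable only through HAProxy (for example via a NetworkPolicy). The rest of `spec` is outside the hunk.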
@@ -1,37 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: keycloak
- labels:
- app: keycloak
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: keycloak
- template:
- metadata:
- labels:
- app: keycloak
- spec:
- containers:
- - name: keycloak
- image: quay.io/keycloak/keycloak:26.1.3
- args: ["start-dev"]
- env:
- - name: KEYCLOAK_ADMIN
- value: "admin"
- - name: KEYCLOAK_ADMIN_PASSWORD
- value: "admin"
- - name: KC_PROXY
- value: "edge"
- - name: KC_HEALTH_ENABLED
- value: "true"
- ports:
- - name: http
- containerPort: 8080
- readinessProbe:
- httpGet:
- path: /health/ready
- port: 9000
\ No newline at end of file
diff --git a/keycloak/keycloak-service.yaml b/keycloak/keycloak-service.yaml
deleted file mode 100644
index c36eba6..0000000
--- a/keycloak/keycloak-service.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: keycloak
-spec:
- type: ClusterIP
- selector:
- app: keycloak
- ports:
- - protocol: TCP
- port: 8080