working keycloak configuration
This commit is contained in:
Cocopops16
parent
844533a514
commit
d50d8b7136
@ -30,8 +30,19 @@ spec:
|
|||||||
number: 80
|
number: 80
|
||||||
- host: "www.reault.tech"
|
- host: "www.reault.tech"
|
||||||
http: *http_rules
|
http: *http_rules
|
||||||
|
- host: "iam.reault.tech"
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: keycloak-service
|
||||||
|
port:
|
||||||
|
number: 8080
|
||||||
tls:
|
tls:
|
||||||
- secretName: reault-tech-cert # cert-manager will store the certificate and key in this secret
|
- secretName: reault-tech-cert # cert-manager will store the certificate and key in this secret
|
||||||
hosts:
|
hosts:
|
||||||
- www.reault.tech
|
- www.reault.tech
|
||||||
- reault.tech
|
- reault.tech
|
||||||
|
- iam.reault.tech
|
||||||
|
|||||||
@ -1,28 +0,0 @@
|
|||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: sticky-ingress-controller
|
|
||||||
annotations:
|
|
||||||
haproxy.org/rate-limit-period: "1m"
|
|
||||||
haproxy.org/rate-limit-requests: "200"
|
|
||||||
haproxy.org/rate-limit-status-code: "429"
|
|
||||||
# add an annotation indicating the issuer to use
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt
|
|
||||||
cookie-persistence: "example-session-persistence-cookie"
|
|
||||||
spec:
|
|
||||||
ingressClassName: haproxy
|
|
||||||
rules:
|
|
||||||
- host: "iam.reault.tech"
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: keycloak-service
|
|
||||||
port:
|
|
||||||
number: 8080
|
|
||||||
tls:
|
|
||||||
- secretName: reault-tech-cert # cert-manager will store the certificate and key in this secret
|
|
||||||
hosts:
|
|
||||||
- iam.reault.tech
|
|
||||||
@ -20,7 +20,7 @@ spec:
|
|||||||
httpsPort: 8443
|
httpsPort: 8443
|
||||||
tlsSecret: reault-tech-cert
|
tlsSecret: reault-tech-cert
|
||||||
hostname:
|
hostname:
|
||||||
hostname: iam.reault.tech
|
hostname: "https://iam.reault.tech"
|
||||||
proxy:
|
proxy:
|
||||||
headers: xforwarded # double check your reverse proxy sets and overwrites the X-Forwarded-* headers
|
headers: xforwarded # double check your reverse proxy sets and overwrites the X-Forwarded-* headers
|
||||||
resources:
|
resources:
|
||||||
|
|||||||
@ -1,37 +0,0 @@
|
|||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: keycloak
|
|
||||||
labels:
|
|
||||||
app: keycloak
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: keycloak
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: keycloak
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: keycloak
|
|
||||||
image: quay.io/keycloak/keycloak:26.1.3
|
|
||||||
args: ["start-dev"]
|
|
||||||
env:
|
|
||||||
- name: KEYCLOAK_ADMIN
|
|
||||||
value: "admin"
|
|
||||||
- name: KEYCLOAK_ADMIN_PASSWORD
|
|
||||||
value: "admin"
|
|
||||||
- name: KC_PROXY
|
|
||||||
value: "edge"
|
|
||||||
- name: KC_HEALTH_ENABLED
|
|
||||||
value: "true"
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
containerPort: 8080
|
|
||||||
readinessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /health/ready
|
|
||||||
port: 9000
|
|
||||||
@ -1,12 +0,0 @@
|
|||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: keycloak
|
|
||||||
spec:
|
|
||||||
type: ClusterIP
|
|
||||||
selector:
|
|
||||||
app: keycloak
|
|
||||||
ports:
|
|
||||||
- protocol: TCP
|
|
||||||
port: 8080
|
|
||||||
Loading…
x
Reference in New Issue
Block a user