init

talos-k8s-flux/clusters/t8s-demo/install/keycloak.yaml

@@ -0,0 +1,105 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: keycloak
+  labels:
+    app.kubernetes.io/component: keycloak
+    pod-security.kubernetes.io/enforce: privileged
+---
+
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: keycloak
+  namespace: flux-system
+spec:
+  interval: 1h
+  targetNamespace: keycloak
+  chart:
+    spec:
+      chart: keycloak
+      version: 24.7.4
+      sourceRef:
+        kind: HelmRepository
+        name: bitnami-repo
+        namespace: flux-system
+      interval: 60m
+  values:
+    ingress:
+      enabled: false
+      # hostname: key-dev.bildme.ru
+      # servicePort: http
+      # tls: true
+      # extraTls:
+      #   - hosts:
+      #       - key-dev.bildme.ru
+      #     secretName: tls-ingress
+    # tls:
+    #   enabled: true
+    #   existingSecret: "tls-ingress"
+
+    service:
+      type: NodePort
+      http:
+        enabled: true
+      ports:
+        http: 80
+        https: 443
+      nodePorts:
+        # http: "8080"
+        # https: "8494"
+        nodePortHttp: "32183"
+        nodePortHttps: "32184"
+
+    # extraVolumes: |
+    #   - name: theme
+    #     emptyDir: {}
+
+    # extraVolumeMounts:
+    #   - name: theme
+    #     mountPath: /opt/bitnami/keycloak/themes
+
+    # initContainers:
+    #   - name: theme-provider
+    #     image: hub.bildme.ru/img/keycloak-theme:0.0.2
+    #     imagePullPolicy: IfNotPresent
+    #     command:
+    #       - sh
+    #     args:
+    #       - -c
+    #       - |
+    #         echo "Copying theme..."
+    #         cp -R -keycloak-theme/* /theme
+    #     volumeMounts:
+    #       - name: theme
+    #         mountPath: /theme
+
+    metrics:
+      enabled: false
+      serviceMonitor:
+        enabled: true
+        labels:
+          app: kube-prometheus-stack
+          release: in-cluster-monitoring
+      prometheusRule:
+        enabled: false
+
+    postgresql:
+      enabled: true
+      storageClass: "nfs-client"
+
+    # externalDatabase:
+    #   host: "keycloak-test-db-rw"
+    #   port: 5432
+    #   user: keycloakdbadmin
+    #   database: keycloakinfradbtest
+    #   password: ""
+    #   existingSecret: "keycloak-test-db-app"
+    #   existingSecretHostKey: ""
+    #   existingSecretPortKey: ""
+    #   existingSecretUserKey: ""
+    #   existingSecretDatabaseKey: ""
+    #   existingSecretPasswordKey: ""
+    #   annotations: {}
+
+    # httpRelativePath: "/auth/"