talos-kurs/talos-k8s-flux/clusters/t8s-demo/install/keycloak.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: keycloak
  labels:
    app.kubernetes.io/component: keycloak
    pod-security.kubernetes.io/enforce: privileged
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: keycloak
  namespace: flux-system
spec:
  interval: 1h
  targetNamespace: keycloak
  chart:
    spec:
      chart: keycloak
      version: 24.7.4
      sourceRef:
        kind: HelmRepository
        name: bitnami-repo
        namespace: flux-system
      interval: 60m
  values:
    ingress:
      enabled: false
      # hostname: key-dev.bildme.ru
      # servicePort: http
      # tls: true
      # extraTls:
      #   - hosts:
      #       - key-dev.bildme.ru
      #     secretName: tls-ingress
    # tls:
    #   enabled: true
    #   existingSecret: "tls-ingress"

    service:
      type: NodePort
      http:
        enabled: true
      ports:
        http: 80
        https: 443
      nodePorts:
        # http: "8080"
        # https: "8494"
        nodePortHttp: "32183"
        nodePortHttps: "32184"

    # extraVolumes: |
    #   - name: theme
    #     emptyDir: {}

    # extraVolumeMounts:
    #   - name: theme
    #     mountPath: /opt/bitnami/keycloak/themes

    # initContainers:
    #   - name: theme-provider
    #     image: hub.bildme.ru/img/keycloak-theme:0.0.2
    #     imagePullPolicy: IfNotPresent
    #     command:
    #       - sh
    #     args:
    #       - -c
    #       - |
    #         echo "Copying theme..."
    #         cp -R -keycloak-theme/* /theme
    #     volumeMounts:
    #       - name: theme
    #         mountPath: /theme

    metrics:
      enabled: false
      serviceMonitor:
        enabled: true
        labels:
          app: kube-prometheus-stack
          release: in-cluster-monitoring
      prometheusRule:
        enabled: false

    postgresql:
      enabled: true
      storageClass: "piraeus-storage"

    # externalDatabase:
    #   host: "keycloak-test-db-rw"
    #   port: 5432
    #   user: keycloakdbadmin
    #   database: keycloakinfradbtest
    #   password: ""
    #   existingSecret: "keycloak-test-db-app"
    #   existingSecretHostKey: ""
    #   existingSecretPortKey: ""
    #   existingSecretUserKey: ""
    #   existingSecretDatabaseKey: ""
    #   existingSecretPasswordKey: ""
    #   annotations: {}

    # httpRelativePath: "/auth/"