keycloak
This commit is contained in:
Danijel Simeunovic
42
infra/keycloak.yaml
Normal file
42
infra/keycloak.yaml
Normal file
@@ -0,0 +1,42 @@
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: keycloak
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-wave: "1"
|
||||
labels:
|
||||
app.kubernetes.io/name: keycloak
|
||||
app.kubernetes.io/part-of: identity
|
||||
app.kubernetes.io/managed-by: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: default
|
||||
|
||||
sources:
|
||||
- repoURL: https://charts.bitnami.com/bitnami
|
||||
chart: keycloak
|
||||
targetRevision: "25.2.0"
|
||||
helm:
|
||||
releaseName: keycloak
|
||||
valueFiles:
|
||||
- $values/infra/values/keycloak-values.yaml
|
||||
|
||||
- repoURL: git@github.com:fortedigital/sturdy-adventure.git
|
||||
targetRevision: HEAD
|
||||
ref: values
|
||||
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: keycloak
|
||||
|
||||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: true
|
||||
allowEmpty: false
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- Validate=true
|
||||
- ServerSideApply=true
|
||||
55
infra/values/keycloak-values.yaml
Normal file
55
infra/values/keycloak-values.yaml
Normal file
@@ -0,0 +1,55 @@
|
||||
# Bitnami Keycloak Helm Chart Values
|
||||
# Host: id.forteapps.net
|
||||
# Chart version: 25.2.0
|
||||
|
||||
production: true
|
||||
proxyHeaders: xforwarded
|
||||
|
||||
auth:
|
||||
adminUser: admin
|
||||
existingSecret: keycloak-credentials
|
||||
passwordSecretKey: admin-password
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
hostname: id.forteapps.net
|
||||
tls: true
|
||||
ingressClassName: traefik
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 512Mi
|
||||
limits:
|
||||
cpu: "1"
|
||||
memory: 1Gi
|
||||
|
||||
postgresql:
|
||||
enabled: true
|
||||
auth:
|
||||
existingSecret: keycloak-credentials
|
||||
secretKeys:
|
||||
adminPasswordKey: postgres-password
|
||||
userPasswordKey: password
|
||||
username: bn_keycloak
|
||||
database: bitnami_keycloak
|
||||
primary:
|
||||
persistence:
|
||||
size: 8Gi
|
||||
|
||||
keycloakConfigCli:
|
||||
enabled: true
|
||||
configuration:
|
||||
forte-realm.json: |
|
||||
{
|
||||
"realm": "forte",
|
||||
"enabled": true,
|
||||
"displayName": "Forte",
|
||||
"sslRequired": "external",
|
||||
"registrationAllowed": false,
|
||||
"loginWithEmailAllowed": true,
|
||||
"resetPasswordAllowed": true,
|
||||
"rememberMe": true
|
||||
}
|
||||
17
secrets/keycloak-credentials-sealed.yaml
Normal file
17
secrets/keycloak-credentials-sealed.yaml
Normal file
@@ -0,0 +1,17 @@
|
||||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: keycloak-credentials
|
||||
namespace: keycloak
|
||||
spec:
|
||||
encryptedData:
|
||||
admin-password: AgCbGhJduOlTEmA9OLys+ZmuXLU5T1dmdm+fRlrNnPtvjpDCmfKYnOP4rbvBs+Kvf1Y1TZ8fbR2UTISg96pXfY/TsSoJlU024NpBWSZ4e7HxJgHtq0ZwaNi+ruw41JiQ01LrGJ23q34WaPVFV/VfCDaWMlcIJ4gfRb9+lb8jXB6/sr9zSVNWtfrPoYdECcXvr3sOIz9Y5D1eiV/uuDuDQqm+vKpZp8a3bvWO5sB/uQ6a+ECCI/NUFJHtEP8sGLsCGoJMrO1UotXCvKLpIflcxMwW3NlzHd2e7vEPRdelpc3tlT88wd33lQ2LuXMJpQuMI6eHIcVA72UtTqD5bePU1HVWb6d8Dlg6UdebUDIphuJ5rsV3uKYNMgOxn+mvBVXhu5xRBsyanwHoUIKcvvuXaN93YtXHk4khgmt6GNNFdLFEZ69wDB5tPLrlpepvKzNzFYwEIRngYNQlBT3rn8677XgBhUltoq4vYoEqYredVCrh5N7R+DrYD2OYmfsB4WWoMrmE1+Kn/HA/Nu6i5M3mAYXg3NP6Yv9dI5ynMQKVBtwGnFn/hDym1cixmxdQs2FQ3ZaD62zzcXQ0Sc2CuiYVtKg8MZjLCGQoV6ZG7UrnuZ0cyzKE2SGmOaWwFHkRysXoRZiQ/eBybUWwU4DXigczSJ3zBEg57pjEsvloHqAEcGjMxqV1VqXpty/6tdFKkRvCgO6pH5wIQA==
|
||||
password: AgBeVrYU5CDY8yBA0huXHEJuxykggruULsQB/Q/2sKOZTGZ9KyF1WSB2qJXG9CPIuwBz1YR/hlg4ezF7dQRaWNJspLXeTQgAmjwvgsa3XrfQEEoSFbt9KuN2T28W1S32YbQQJOQHMiMjn8+6YtIWTVM/14MWMGIw8J54Js1cWMsOS4BDT7qe059YMbivxOuPi+J0duL28doowmy5A393804LjyBTzWynB1XqmeBd9V5dJWeQSRl7jpvORR+LKGm/JXF9dX97kyeews0o89qa7VnPqxb9ZGUXhSufMEC8qmm2tXgyj80HaP+PE2aZ0M69o7Xmn1FkEaIxQ8stTyepG4+c7iySbdeqIWPWf0LpgPlkdEuQ7hXAtyNd2TLnD0AxNBiN8bKl2DGLIxaOpoa2PvVHqU08fFQuyHGB3uCvAhgO69Pvb6q62Og2hQHgNM4WWAgu1h9K/F3R4DyzxC0JPYAjfw+XIZCiuYX/UYpjEFXIw4pFU/2SCDGbbPNMKFVxppuBU8h8m7/QTawkJZ0y9ivv0SuIG1z2ExjX73dWk+h1my732wyaoGV+os4R5io5O+aznyvFUsH23N+jNj6WzMSromdYxHKIdmBakd7FiNqsXFy0vm7+aY+tie9WnB/ysC9zN13UpHTCkG5mn2E0X+ctzL9RM7ylQMMesfmk5VCnzewEQloGtEby334CCc/HH1X8+Ws9AO6okEMGplVI53cI2rXwXncFis37qO9yMeV5EZ18wfjXeaKxouiv/zZRuY4wnaojqJKIh0wnbwcOK1f8
|
||||
postgres-password: AgBlBR9F4xBm5B31+dwptBjxH4LvjOBd/kDr5AJ2CRpjBZOsEqZa2jnFjUujlNFKfRDWDdzt3FQ6E7VW8Qt2hsrngDgRcIH6aPoZBOSZ0xVMpqLiY+Ek8YlZXH86Oh3+m4wUFNtcM9lZwPGU09/byC5W5zWhpmsypd+waXHF6VJZmweayupvbCwHOL2af58y3HXdl7uqX2/VyTR6mVZKcLVePO/QHNTMBlkPlfw+HKjDuluPcS3MirZU42k6E5OGo3v9XheF4HoiiY5Z76YkBI9k1shYzQYk2w48iPg7QV4heZxUDgwcrkRdJA/eEAUQejakTM4m2yx84ef1xzW2vnnkxz/OTO4KCZtcM7LddBOuO6TS9LSb7JEcfx8SJ7+oQTVhEk0e7nEAMGQQrcOE8TOX122ejBnMkhJra57VnHQ73Xb6fEjQy9dhz6pEnukagIvKKsZ1gZwJkY6qBfq4MtE7nGRCL5OFdXjEFwjdHG1pyR57sYqwvmX5ufE0YZkymdxdmFl/Wigh8uIeZAkfwYgH+8bWg/1Z5yLYzXxhx4S+YjOfLO4ncy2zILw8LnIZvnrOCWgogiiYOJM32E78jZadmZOGVVXbgRvOPLZpw8458Frwsk9oaXMjL7TEryXsH8U8NzVeUBOnnmW9Z6w25a755Jkb2AwnLYbfxMoHhJm7DTTERNM4ZM4umPjUEsXhlTRo/rJ8oE4El54sdSEHIuau0U+ZDbfE0V0y2YhVK1gx2iKeDdvPmGp2LGRURT6AQNc/a5c3/S9MXLEgVSiaSUO5
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: keycloak-credentials
|
||||
namespace: keycloak
|
||||
Reference in New Issue
Block a user