freezer/mareshq-cluster-kiwi
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2025-08-23. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
mareshq-cluster-kiwi/helm/values/keycloak.yaml
Vojtech Mares a4f9b46fdb
feat: initial commit 
Signed-off-by: Vojtech Mares <iam@vojtechmares.com>
2023-12-13 18:15:03 +01:00

112 lines
2.2 KiB
YAML
Raw Permalink Blame History

auth:
adminUser: mareshqadmin
adminPassword: mareshqadmin
global:
storageClass: longhorn
replicaCount: 2
pdb:
create: true
minAvailable: 1
autoscaling:
enabled: false
resources:
limits:
cpu: "1"
memory: 2Gi
requests:
cpu: 500m
memory: 1Gi
# Pods must be spread across nodes
# See: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_affinities.tpl#L56-L106
# podAntiAffinityPreset: hard
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
service:
type: ClusterIP
# http:
# enable: false
ingress:
enabled: true
hostname: sso.mareshq.com
servicePort: https
ingressClassName: nginx
tls: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
# Allow self-signed certificates on the backend
nginx.ingress.kubernetes.io/server-snippet: |
proxy_ssl_verify off;
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
nginx.ingress.kubernetes.io/proxy-buffering: "on"
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
tls:
enabled: true
autoGenerated: true
production: true
metrics:
enabled: true
serviceMonitor:
enabled: false
postgresql:
enabled: false
externalDatabase:
existingSecret: mareshq-keycloak-database-credentials
existingSecretHostKey: host
existingSecretPortKey: port
existingSecretUserKey: username
existingSecretDatabaseKey: database
existingSecretPasswordKey: password
startupProbe:
# Keycloak should be ready to serve requests within 15 minutes
enabled: true
initialDelaySeconds: 180 # 3min
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 80 # 12min
successThreshold: 1
# Custom theme installation and configuration
initContainers:
- name: theme-installer
image: busybox:latest
command:
- /bin/sh
- "-c"
- |
wget https://vojtechmares.github.io/cdn/keywind.tar.gz -O /tmp/keywind.tar.gz
tar -xzvf /tmp/keywind.tar.gz -C /opt/bitnami/keycloak/themes
volumeMounts:
- mountPath: /opt/bitnami/keycloak/themes/keywind
name: theme
extraVolumes:
- name: theme
emptyDir: {}
extraVolumeMounts:
- name: theme
mountPath: /opt/bitnami/keycloak/themes/keywind
View git blame Copy permalink