From 7f64d670f9c574a1c9026adee4c290b7fb48b90f Mon Sep 17 00:00:00 2001 From: Vojtech Mares Date: Tue, 3 Oct 2023 09:43:52 +0200 Subject: [PATCH] refactor(lychee/keycloak): use values instead of valuesObject --- clusters/lychee/keycloak.yaml | 117 +++++++++++++++++++++++++++++++++- 1 file changed, 116 insertions(+), 1 deletion(-) diff --git a/clusters/lychee/keycloak.yaml b/clusters/lychee/keycloak.yaml index 5a693f9..3631750 100644 --- a/clusters/lychee/keycloak.yaml +++ b/clusters/lychee/keycloak.yaml @@ -22,7 +22,122 @@ spec: targetRevision: 16.1.1 helm: releaseName: keycloak - valuesObject: + # valuesObject: + # auth: + # adminUser: mareshqadmin + # existingSecret: keycloak-admin-password + # passwordSecretKey: password + + # global: + # storageClass: hcloud-volumes + + # replicaCount: 2 + + # pdb: + # create: true + # minAvailable: 1 + + # autoscaling: + # enabled: false + + # resources: + # limits: + # cpu: 500m + # memory: 1Gi + # requests: + # cpu: 500m + # memory: 1Gi + + # # Pods must be spread across nodes + # # See: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_affinities.tpl#L56-L106 + # podAntiAffinityPreset: hard + + # updateStrategy: + # type: RollingUpdate + # # See: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#maximum-unavailable-pods + # # rollingUpdate: + # # maxUnavailable: 1 + + # service: + # type: ClusterIP + # # http: + # # enable: false + + # ingress: + # enabled: true + # hostname: sso.mareshq.com + + # servicePort: https + + # ingressClassName: nginx + + # tls: true + + # annotations: + # cert-manager.io/cluster-issuer: letsencrypt-prod + # # Allow self-signed certificates on the backend + # nginx.ingress.kubernetes.io/server-snippet: | + # proxy_ssl_verify off; + # nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + # nginx.ingress.kubernetes.io/proxy-buffering: "on" + # nginx.ingress.kubernetes.io/proxy-buffers-number: "4" + # nginx.ingress.kubernetes.io/proxy-buffer-size: "16k" + + # tls: + # enabled: true + # autoGenerated: true + + # production: true + + # metrics: + # enabled: true + + # serviceMonitor: + # enabled: false + + # postgresql: + # enabled: false + + # externalDatabase: + # existingSecret: keycloak-database + # existingSecretHostKey: host + # existingSecretPortKey: port + # existingSecretDatabaseKey: database + # existingSecretUserKey: username + # existingSecretPasswordKey: password + + # startupProbe: + # # Keycloak should be ready to serve requests within 15 minutes + # enabled: true + # initialDelaySeconds: 180 # 3min + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 80 # 12min + # successThreshold: 1 + + # # Custom theme installation and configuration + # initContainers: + # - name: theme-installer + # image: busybox:latest + # command: + # - /bin/sh + # - "-c" + # - | + # wget https://cdn.mareshq.com/keywind.tar.gz -O /tmp/keywind.tar.gz + # tar -xzvf /tmp/keywind.tar.gz -C /opt/bitnami/keycloak/themes + + # volumeMounts: + # - mountPath: /opt/bitnami/keycloak/themes/keywind + # name: theme + + # extraVolumes: + # - name: theme + # emptyDir: {} + + # extraVolumeMounts: + # - name: theme + # mountPath: /opt/bitnami/keycloak/themes/keywind + values: | auth: adminUser: mareshqadmin existingSecret: keycloak-admin-password