KubeZero/charts/kubezero-auth/templates/keycloak/keycloak.yaml

53 lines
1.3 KiB
YAML
Raw Normal View History

2022-05-11 14:31:37 +00:00
{{- if .Values.keycloak.enabled }}
apiVersion: k8s.keycloak.org/v2alpha1
kind: Keycloak
metadata:
name: {{ template "kubezero-lib.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
instances: {{ .Values.keycloak.replicas }}
additionalOptions:
# Needs int casting thx to https://github.com/kubernetes-sigs/yaml/issues/45
{{- if lt (int .Values.keycloak.replicas) 2 }}
2022-05-11 14:31:37 +00:00
- name: cache
value: local
{{- end }}
{{- if .Values.postgresql.enabled }}
- name: db
value: postgres
- name: db-url-host
value: {{ template "kubezero-lib.fullname" . }}-postgresql
- name: db-username
value: keycloak
- name: db-password
secret:
name: {{ template "kubezero-lib.fullname" . }}-postgresql
key: password
{{- else }}
# Fallback to local file within the pod - dev ONLY !!
2022-05-11 14:31:37 +00:00
- name: db
value: dev-file
{{- end }}
2022-05-11 14:31:37 +00:00
- name: hostname-strict-https
value: "false"
- name: proxy
value: edge
2022-05-11 14:31:37 +00:00
- name: http-enabled
value: "true"
ingress:
enabled: false
http:
httpEnabled: true
2022-05-11 14:31:37 +00:00
# We use Istio Ingress to terminate TLS
# mTls down the road
hostname:
hostname: {{ default "keycloak" .Values.keycloak.istio.url }}
strict: false
strictBackchannel: false
2022-05-11 14:31:37 +00:00
{{- end }}