diff options
Diffstat (limited to 'data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak')
4 files changed, 123 insertions, 0 deletions
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml new file mode 100644 index 0000000..5cd9975 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml @@ -0,0 +1,52 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + spec: + containers: + - name: keycloak + image: quay.io/keycloak/keycloak:21.0.2 + args: ["start-dev"] + env: + - name: KEYCLOAK_ADMIN + valueFrom: + secretKeyRef: + name: keycloak-credentials + key: username + - name: KEYCLOAK_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: keycloak-credentials + key: password + - name: KC_PROXY + value: "edge" + ports: + - name: http + containerPort: 8080 + readinessProbe: + httpGet: + path: /realms/master + port: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml new file mode 100644 index 0000000..40e6d22 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" +spec: + ingressClassName: "traefik" + tls: + - hosts: + - id.tyil.nl + secretName: tls-nl.tyil.id + rules: + - host: id.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: keycloak + port: + number: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml new file mode 100644 index 0000000..acda853 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml @@ -0,0 +1,18 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: keycloak-credentials + namespace: personal-services +spec: + encryptedData: + password: AgCpUewLKDwRembIHJSygOSViDlKDmA0UhKS6xaEWWpSZ2Cc0rJbtQZG6blK5O231wAXiILfCjY9oKAzLaHKQ+gqrmCwMCcYBsBT+r9SUk5iSYHUQW90nCNwgZ9kzCE8erBTFov2qWFLHxCuzhrAp2BlSDP8mAV8OwGuiNFeaqv0yVciaMfz89h+y4O3hJgGIhNZn8Pn/z4KgbP21GwUHf9OYCpkTfLyHFKqkfSUyBivIYlcI4aOL6PEy4PIPbSW0VgtPRwWCSM+/QU8H7MiOn93r9shtDcifp/9irWmd+PHwGE+xaJZLacirRtMcR4Fg9nV5V/AbuDjUokj4hwWyXN7RJBXa7uEhYGOhmGVHEqjuSkXRTxIH0d2xdXRSbKMMVcv1nOytRs2l5e98ggPWq1CwF1XCVnGosAkynlmaB0DKztdRJz3g2FJeFkLjDWOjOMV8iPLHbCrOZeJ59snknzeYaIZ7WZ5BKLRUSXSC7yQvNX6dAD0eSCs1pKb+kFcaBVYi0vjEwIMe4KlSgYcaVXOyte65PCC1GYFgWyjr50g2qDLIJNzEQYj41nsTUwu5r29YRcj8hBX4aVMJO4VMlOMwWbOOvjLZCpFY0wASUoGaM/PEHllHqboVKPIokbZokyAMH6XwGHzy4gybB9OQUSe6+rYjST2CjF+JL0Z50yi0qg0bpnyUJ9GLcTOEY8FGkS241NlInRDGYw= + username: AgA+PP/Nr93rKQix8v9cx4r/LOHfUVjNA+6QEB3ITCbrjpmPC7DlzYtmGVGmIKpTqnzBZZOc1KjdVVgF+YNOZLoulGQOp3cx18LgxbxLU3Uh5kuSKkRDOZzSxe6OpVy0DE5aJXQqB9uzPDs9liIasW6ELbgOcgxOyk/+I0vkYcFpb+J7lbOMsLm4iPW/aY6AV35vmB0QLutDBoBiObfdwI9xJUHCZds9emuPY9wElybzBpsUVDoW9diTu64ePNL55RvTMloShTt4ICVrR/WGIJnOiwtXIMigzzBWPFBPyYIOsjMfBQgquXhpRVksNhSfmVQWwvWaFPb7IjeS1KeyIPl01XeJRej+AodT8n0lmW1YFsUiMj6GRELBNCmeW+r3+vWJlXcaVAN9a8ds8bN3F34iVs/JxVUHVA25T/bdtJY9kS0eM+9Xfli6F5Z61v8jjKS2PfJGAJq1Gly6E5eugzslHVwjmSfkB2mGYL8IJ3SJl93C+CX6l3txKKa+EWN7Sdt0wZpSZKUw4nmiYK8Vt6rvgcKc41obTxSFdQyYpwBtzGINuda5kto92gXvZi/FmBxISP2uCXPpcIHfnFS73xyuLTsRjmHgHr8ss/LGYdBPE7PLihd+av1mMd02X4j+pfT0E11EbHp+sJ47W0UGskYsR24HJw4pXVwYcFA0lfNd8PQgDPOOcxOYz65iFnmnAfeSBJo5 + template: + data: null + metadata: + creationTimestamp: null + name: keycloak-credentials + namespace: personal-services + type: Opaque + diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml new file mode 100644 index 0000000..c9068b7 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + ports: + - name: http + port: 8080 + targetPort: 8080 +... |