artem.drozdov
2024-08-14 15:38:44 +03:00
parent 711d43f2ae
commit aa7ce3d79f
9 changed files with 201 additions and 40 deletions


@@ -6,4 +6,4 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
version: 11.6.2
digest: sha256:4ff512f4cf7c217961e59af3e2cb656f4d6fc8441f17ce3da96ca1a03f58bf58
generated: "2024-07-16T12:04:39.863844193+03:00"
generated: "2024-08-13T16:19:44.489332745+03:00"


@@ -8,4 +8,5 @@ keycloak:
secrets:
stringData:
KEYCLOAK_ADMIN_PASSWORD: "12345"
KC_DB_PASSWORD: "tT9BqYdNyd1"
KC_DB_PASSWORD: "tT9BqYdNyd1"


@@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik-forward-auth
namespace: yonote-develop
namespace: yonote-onprem
labels:
app: traefik-forward-auth
spec:
@@ -35,11 +35,11 @@ spec:
- name: DEFAULT_PROVIDER
value: "oidc"
- name: PROVIDERS_OIDC_ISSUER_URL
value: "https://auth.yonote.develop.wilix.dev/realms/dev-forward-auth"
value: "https://auth.onprem-test.stands.wilix.dev/realms/yonote"
- name: PROVIDERS_OIDC_CLIENT_ID
value: "dev-forward-auth-client"
value: "admin"
- name: PROVIDERS_OIDC_CLIENT_SECRET
value: "552xO2iJ70KiXU5laViGlEHavDjpSZ6X"
value: "12345"
- name: SECRET
value: "0987654321"
- name: LOG_LEVEL
@@ -52,4 +52,38 @@ spec:
terminationGracePeriodSeconds: 60
dnsPolicy: ClusterFirst
securityContext: {}
schedulerName: default-scheduler
schedulerName: default-scheduler
---
apiVersion: v1
kind: Service
metadata:
name: traefik-forward-auth
namespace: yonote-onprem
labels:
app: traefik-forward-auth
spec:
ports:
- name: auth-http
protocol: TCP
port: 4181
targetPort: 4181
selector:
app: traefik-forward-auth
type: ClusterIP
sessionAffinity: None
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: traefik-forward-auth
spec:
forwardAuth:
address: https://auth.onprem-test.stands.wilix.dev:4181
authResponseHeaders:
- X-Forwarded-User
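Review bot: The OIDC client secret and the signing `SECRET` are committed as literal env values in the Deployment (`PROVIDERS_OIDC_CLIENT_SECRET` appears to become `"12345"` with client id `"admin"`, and `SECRET` is `"0987654321"`), so anyone who can read the repository or the pod spec can read them, and both values are trivially guessable. Move them into a Kubernetes Secret with generated high-entropy values and reference it from the env entries, e.g. `valueFrom: {secretKeyRef: {name: <SECRET_NAME>, key: PROVIDERS_OIDC_CLIENT_SECRET}}`. If the longer client secret printed next to the new one was ever live, treat it as exposed and rotate it, since it stays in history. The literal `KEYCLOAK_ADMIN_PASSWORD` and `KC_DB_PASSWORD` in the values file earlier in this commit have the same problem. Separately, the new Middleware has no `namespace`, and its `forwardAuth.address` points at the public auth hostname on port 4181 rather than at the `traefik-forward-auth` Service defined just above it; if the in-cluster Service is the intended target, something like `address: http://traefik-forward-auth.yonote-onprem.svc.cluster.local:4181` would keep the auth check off the public ingress path.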

View File

@@ -18,26 +18,25 @@ keycloak:
image:
registry: images.updates.yonote.ru
repository: yonote-keycloak
tag: latest
tag: 19-0.1.1
command:
- /bin/sh
- -c
- |
"/opt/keycloak/bin/kc.sh" "start-dev"
- /opt/keycloak/bin/kc.sh import --file=/opt/keycloak/data/import/realm-export.json --debug
- /opt/keycloak/bin/kc.sh start
configMaps:
configs:
data:
KEYCLOAK_PROFILE: dev
KEYCLOAK_ADMIN: root
KC_PROXY: edge
KC_HOSTNAME_STRICT: "false"
KC_HOSTNAME_ADMIN: auth.onprem-test.stands.wilix.dev/admin
KC_HOSTNAME_ADMIN: auth.onprem-test.stands.wilix.dev
KC_HOSTNAME: auth.onprem-test.stands.wilix.dev
KC_DB: postgres
KC_DB_URL: jdbc:postgresql://yonote-keycloak-db:5432/keycloak
KC_DB_URL_DATABASE: keycloak
# KC_DB_URL_DATABASE: keycloak
KC_DB_USERNAME: keycloak
KC_HOSTNAME_STRICT_HTTPS: "false"
KC_HOSTNAME_PATH: "/"
@@ -66,7 +65,6 @@ keycloak:
memory: 128Mi
service:
service:
type: ClusterIP
port: 8080
targetPort: 8080
@@ -85,24 +83,24 @@ keycloak:
- "auth.onprem-test.stands.wilix.dev"
secretName: "auth.onprem-test.stands.wilix.dev"
livenessProbe:
enabled: true
failureThreshold: 6
initialDelaySeconds: 60
periodSeconds: 15
successThreshold: 1
timeoutSeconds: 5
httpGet:
path: /
port: app
# livenessProbe:
# enabled: true
# failureThreshold: 6
# initialDelaySeconds: 60
# periodSeconds: 15
# successThreshold: 1
# timeoutSeconds: 5
# httpGet:
# path: /
# port: app
readinessProbe:
enabled: true
failureThreshold: 6
initialDelaySeconds: 60
periodSeconds: 15
successThreshold: 1
timeoutSeconds: 5
httpGet:
path: /
port: app
# readinessProbe:
# enabled: true
# failureThreshold: 6
# initialDelaySeconds: 60
# periodSeconds: 15
# successThreshold: 1
# timeoutSeconds: 5
# httpGet:
# path: /
# port: app