WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-06-27 23:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
8de72a0f0c28de2b9ead46bb8513eebf58a031dc
fedora-infra_ansible/roles/openshift-apps/keycloak/templates/operator-config.yml.j2
Aurélien Bompard 8de72a0f0c Use our postgresql server for IPA-tuura 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2025-10-21 16:12:10 +02:00

38 lines
894 B
Django/Jinja
Raw Blame History

apiVersion: k8s.keycloak.org/v2alpha1
kind: Keycloak
metadata:
name: config
spec:
instances: 1
db:
vendor: postgres
host: db-fas01{{env_suffix}}.{{datacenter}}.fedoraproject.org
usernameSecret:
name: keycloak-secrets
key: db_username
passwordSecret:
name: keycloak-secrets
key: db_password
http:
httpEnabled: true
hostname:
hostname: keycloak.apps.ocp{{env_suffix}}.fedoraproject.org
proxy:
headers: xforwarded
features:
enabled:
- ipa-tuura-federation
truststores:
ipa:
secret:
name: trusted-certs
additionalOptions:
# Connections to IPA-tuura can take longer than the default 5 seconds
- name: spi-connections-http-client--default--socket-timeout-millis
value: "60000"
# Slow login because of IPA-tuura
ingress:
annotations:
haproxy.router.openshift.io/timeout: 1m
Reference in New Issue View Git Blame Copy Permalink