2277d3592d
- Keycloak (Bitnami Helm chart) with PostgreSQL on Longhorn - oauth2-proxy for arch-docs dev/staging auth - ArgoCD OIDC integration via ConfigMap - Realm 'infrastructure': users admin/claude, groups infra-admins/infra-bots - 4 OIDC clients: grafana, argocd, gitea, oauth2-proxy - NetworkPolicy: default-deny + selective allow - oauth2-proxy ingress for dev/staging subdomains
23 lines
500 B
YAML
23 lines
500 B
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: keycloak-infra
|
|
namespace: argocd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
project: default
|
|
source:
|
|
repoURL: http://10.10.10.1:3000/claude/k8s-apps.git
|
|
targetRevision: main
|
|
path: apps/keycloak
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: keycloak
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
syncOptions:
|
|
- CreateNamespace=false
|