From b6ea4d2615d5a997264eb6f712338cf4ced7e8f9 Mon Sep 17 00:00:00 2001 From: dvirlabs Date: Sun, 15 Mar 2026 06:39:32 +0200 Subject: [PATCH] Set keycloak with http instead https for traefik and keep https for users (external --- manifests/keycloak/values.yaml | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/manifests/keycloak/values.yaml b/manifests/keycloak/values.yaml index 19cc53c..c5a5a47 100644 --- a/manifests/keycloak/values.yaml +++ b/manifests/keycloak/values.yaml @@ -18,12 +18,7 @@ proxyHeaders: xforwarded replicaCount: 1 tls: - enabled: true - usePem: true - autoGenerated: true - # existingSecret: keycloak-crt # Removed - using auto-generated certificate instead - certFilename: tls.crt - certKeyFilename: tls.key + enabled: false service: type: ClusterIP @@ -36,12 +31,10 @@ ingress: ingressClassName: traefik hostname: keycloak.dvirlabs.com path: / - servicePort: https + servicePort: http annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/service.serversscheme: https - traefik.ingress.kubernetes.io/service.serverstransport: infra-keycloak-insecure@kubernetescrd tls: true postgresql: @@ -62,8 +55,8 @@ postgresql: customStartupProbe: httpGet: path: /realms/master - port: https - scheme: HTTPS + port: http + scheme: HTTP initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 @@ -73,8 +66,8 @@ customStartupProbe: customLivenessProbe: httpGet: path: /realms/master - port: https - scheme: HTTPS + port: http + scheme: HTTP initialDelaySeconds: 120 periodSeconds: 10 timeoutSeconds: 5 @@ -84,8 +77,8 @@ customLivenessProbe: customReadinessProbe: httpGet: path: /realms/master - port: https - scheme: HTTPS + port: http + scheme: HTTP initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5