From d0ae7760bc6d3a32b099e0868c1fa40db7c1dcc2 Mon Sep 17 00:00:00 2001
From: dvirlabs <dvirlabs@gmail.com>
Date: Fri, 13 Mar 2026 15:36:41 +0200
Subject: [PATCH] Update keycloak values

---
 manifests/keycloak/values.yaml | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/manifests/keycloak/values.yaml b/manifests/keycloak/values.yaml
index 438d79c..0735dcb 100644
--- a/manifests/keycloak/values.yaml
+++ b/manifests/keycloak/values.yaml
@@ -13,9 +13,16 @@ auth:
   adminPassword: adminpassword
 
 production: true
+proxyHeaders: xforwarded
 
 tls:
-  enabled: false
+  enabled: true
+  usePemCerts: true
+  autoGenerated:
+    enabled: false
+  existingSecret: keycloak-crt
+  certFilename: tls.crt
+  certKeyFilename: tls.key
 
 replicaCount: 1
 
@@ -30,10 +37,11 @@ ingress:
   ingressClassName: traefik
   hostname: keycloak.dvirlabs.com
   path: /
-  servicePort: http
+  servicePort: https
   annotations:
     traefik.ingress.kubernetes.io/router.entrypoints: websecure
     traefik.ingress.kubernetes.io/router.tls: "true"
+    traefik.ingress.kubernetes.io/service.serversscheme: https
   tls: true
 
 postgresql:
@@ -49,8 +57,8 @@ postgresql:
 customReadinessProbe:
   httpGet:
     path: /realms/master
-    port: http
-    scheme: HTTP
+    port: https
+    scheme: HTTPS
   initialDelaySeconds: 30
   periodSeconds: 10
   timeoutSeconds: 1
@@ -59,8 +67,4 @@ customReadinessProbe:
 
 extraEnvVars:
   - name: KEYCLOAK_LOGLEVEL
-    value: INFO
-  - name: KC_HTTP_ENABLED
-    value: "true"
-  - name: KC_PROXY_HEADERS
-    value: xforwarded
\ No newline at end of file
+    value: INFO
\ No newline at end of file