From 9fdc42a6a32438e5ae5e6e32a8dd3817a3ad9e51 Mon Sep 17 00:00:00 2001
From: titver968 <vermesan@hotmail.com>
Date: Tue, 30 Dec 2025 12:42:56 +0100
Subject: [PATCH] keycloak certificate in argo-cd

---
 .../include/.keycloak-cerficate.yaml.swp      | Bin 0 -> 12288 bytes
 argocd/apps/keycloak/values-keycloak.yaml     |  42 ++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 argocd/apps/cert-manager/include/.keycloak-cerficate.yaml.swp
 create mode 100644 argocd/apps/keycloak/values-keycloak.yaml

diff --git a/argocd/apps/cert-manager/include/.keycloak-cerficate.yaml.swp b/argocd/apps/cert-manager/include/.keycloak-cerficate.yaml.swp
new file mode 100644
index 0000000000000000000000000000000000000000..70117043054dae0fb2e299cb52c1f1fee8c332fc
GIT binary patch
literal 12288
zcmeI&y>1jS5C`x%dOifA-;g4eZ*!!|N)$kqA{0oZp!0br7i)LzmF+$0gai^bbi6=1
z9)pIOGIb;#gz;rh;X?<a1pO_IeBQBV*T2p>&-YJ`j*G+TjHKNmy4*dq=E6?S-x4L8
zhPdR=anvs7x3simb*#-3?;G{lhAp#*UjI<AT-e0Aw9fgnVO}-|vD9JVO<n4~kEP*|
zRHvO@aF9u+9cnHcUYXYGMoIS68l8B$(p|gtjYvQM0@ngJ>EPjPKaY1G>=gIzzPL`|
z7X%;x0SG_<0uX=z1R(I=3#5KRZ)BG@#+}|8`^iuJI79~l2tWV=5P$##AOHafKmY;|
zfWSW}plhN>a_E1b5B~E1|K|LEd7J2q#Ak^Q60al%iI);P689y(%H#`)PZA#`a*cNq
zXb^w^1Rwwb2tWV=5P$##AOL~i3KY^7!4G{^e1H9WYCYvtV_jVpPun3T4o5K#9M;dB
z?zk#iPEoNlVbv#jY}fhcd|IvNsA6w(d3>6$oG*2<-YL0xuAJqXL)7LhvYXbtCktv9
zpGno27aQMo-sNHScSRzb!0Bq?=H)82kz&s#SI!?Edu^m}Gt61VmF%n=6IJnt?^K(b
g)N#_aPP(FzNbb(ttNZb!dwU|glg<8uS}tew4draZ4gdfE

literal 0
HcmV?d00001

diff --git a/argocd/apps/keycloak/values-keycloak.yaml b/argocd/apps/keycloak/values-keycloak.yaml
new file mode 100644
index 0000000..9ce6230
--- /dev/null
+++ b/argocd/apps/keycloak/values-keycloak.yaml
@@ -0,0 +1,42 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: keycloak-tls
+  namespace: kube-system
+spec:
+  secretName: keycloak-tls
+  issuerRef:
+    name: lets-encrypt
+    kind: ClusterIssuer
+  dnsNames:
+    - keycloak.innovation-hub-niedersachsen.de
+
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: keycloak
+  namespace: kube-system
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`keycloak.innovation-hub-niedersachsen.de`)
+      kind: Rule
+      services:
+        - name: keycloak-external
+          port: 8080
+  tls:
+    secretName: keycloak-tls
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: keycloak-external
+  namespace: kube-system
+spec:
+  type: ExternalName
+  externalName: keycloak.innohub.local
+  ports:
+    - port: 8080