keycloak fixes

2025-11-08 15:36:11 +01:00
parent f5024da2b5
commit 47fccb18a2
2 changed files with 40 additions and 4 deletions
--- a/keycloak/main.yaml
+++ b/keycloak/main.yaml
@@ -122,7 +122,12 @@ spec:
                app.kubernetes.io/name: keycloakx
            topologyKey: kubernetes.io/hostname
      containers:
-      - env:
+      - command:
+        - /opt/keycloak/bin/kc.sh
+        - start
+        - --http-port=8080
+        - --hostname-strict=false
+        env:
        - name: KC_HTTP_RELATIVE_PATH
          value: /auth
        - name: KC_CACHE
@@ -138,7 +143,7 @@ spec:
        - name: KC_DB_URL_HOST
          value: cnpg-keycloak-cluster-rw.keycloak.svc.cluster.local
        - name: KC_DB_URL_PORT
-          value: "1234"
+          value: "5432"
        - name: KC_DB_URL_DATABASE
          value: keycloak
        - name: KC_DB_USERNAME
@@ -195,6 +200,33 @@ spec:
          timeoutSeconds: 1
        volumeMounts: null
      enableServiceLinks: true
+      initContainers:
+      - command:
+        - sh
+        - -c
+        - |
+          echo 'Waiting for Database to become ready...'
+
+          until printf "." && nc -z -w 2 cnpg-keycloak-cluster-rw.keycloak.svc.cluster.local 5432; do
+              sleep 2;
+          done;
+
+          echo 'Database OK ✓'
+        image: docker.io/busybox:1.32
+        imagePullPolicy: IfNotPresent
+        name: dbchecker
+        resources:
+          limits:
+            cpu: 20m
+            memory: 32Mi
+          requests:
+            cpu: 20m
+            memory: 32Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          runAsGroup: 1000
+          runAsNonRoot: true
+          runAsUser: 1000
      restartPolicy: Always
      securityContext:
        fsGroup: 1000