From d9f5e4774b186168ab3c8a31d4fed679bae2bed9 Mon Sep 17 00:00:00 2001
From: Joe Banks <joe@jb3.dev>
Date: Sat, 24 Aug 2024 03:54:57 +0100
Subject: Move Keycloak to custom image

---
 kubernetes/namespaces/tooling/keycloak/configmap.yaml  | 2 +-
 kubernetes/namespaces/tooling/keycloak/deployment.yaml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'kubernetes/namespaces/tooling')

diff --git a/kubernetes/namespaces/tooling/keycloak/configmap.yaml b/kubernetes/namespaces/tooling/keycloak/configmap.yaml
index bf3c49d..ca02049 100644
--- a/kubernetes/namespaces/tooling/keycloak/configmap.yaml
+++ b/kubernetes/namespaces/tooling/keycloak/configmap.yaml
@@ -7,7 +7,7 @@ data:
   # Set the hostname for outbound traffic and enable the feature to read that
   # environment variable
   KC_HOSTNAME: "id.pydis.wtf"
-  KC_FEATURES: "hostname:v2"
+  KC_FEATURES: "hostname:v2,passkeys"
 
   # Set the location of the TLS certificates generated by Vault
   KC_HTTPS_CERTIFICATE_FILE: "/vault/secrets/server.crt"
diff --git a/kubernetes/namespaces/tooling/keycloak/deployment.yaml b/kubernetes/namespaces/tooling/keycloak/deployment.yaml
index 6957b13..a68ac57 100644
--- a/kubernetes/namespaces/tooling/keycloak/deployment.yaml
+++ b/kubernetes/namespaces/tooling/keycloak/deployment.yaml
@@ -32,8 +32,8 @@ spec:
       serviceAccountName: internal-tls-issuer
       containers:
         - name: keycloak
-          image: quay.io/keycloak/keycloak:25.0.4
-          args: ["start"]
+          image: ghcr.io/owl-corp/keycloak:25.0.4
+          imagePullPolicy: Always
           envFrom:
             - secretRef:
                 name: keycloak-secret-env
-- 
cgit v1.2.3