global: prometheus: release_label: &prometheusStackDiscoveryLabel kube-prometheus-stack tenant: tenant: name: s3-mobene-keycloak-prodwork01 configuration: name: minio-config pools: - servers: 4 volumesPerServer: 2 storageClassName: hcloud-volumes size: 10Gi buckets: - name: postgres region: "" users: - name: pgbackup prometheus: diskCapacityGB: false log: audit: diskCapacityGB: false env: - name: MINIO_PROMETHEUS_AUTH_TYPE value: "public" - name: MINIO_PROMETHEUS_JOB_ID value: "mobene-keycloak" - name: MINIO_PROMETHEUS_URL value: "http://kube-prometheus-stack-prometheus.monitoring:9090" - name: CONSOLE_PROMETHEUS_URL value: "http://kube-prometheus-stack-prometheus.monitoring:9090" ingress: api: enabled: true ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: 32m nginx.ingress.kubernetes.io/whitelist-source-range: >- 212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,195.201.31.227/32,167.235.150.201/32,167.235.150.198/32,167.235.150.195/32,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,195.201.127.50/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32 host: s3storage-mobene-keycloak-prodwork01.smardigo.digital tls: - secretName: s3-miniotest-cert hosts: - s3storage-mobene-keycloak-prodwork01.smardigo.digital console: enabled: true ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/force-ssl-redirect: "true" host: s3console-mobene-keycloak-prodwork01.smardigo.digital tls: - secretName: s3-console-cert hosts: - s3console-mobene-keycloak-prodwork01.smardigo.digital postgres: pg_operator: namespace: zalando-postgres-operator monitoring: prometheusPushgatewayURL: "http://prometheus-pushgateway.monitoring:9091/metrics/job/pg_basebackup" alerts: postgres: basebackup: timeThreshold: 86400 teamLabel: '' # empty but no defined alertmanager receiver => catchall devops-team name: &pg_cluster_name postgres-cluster spec: teamId: "postgres" volume: size: 10Gi numberOfInstances: 3 users: keycloak_admin: - superuser - createdb databases: keycloak: &database_username keycloak_admin preparedDatabases: keycloak: {} postgresql: version: "14" parameters: max_connections: "100" resources: limits: memory: 2Gi requests: cpu: "0.5" additionalVolumes: - name: backup-monitoring-script mountPath: /nso_scripts/ volumeSource: configMap: name: backup-monitoring-script defaultMode: 0777 targetContainers: - postgres prometheus-postgres-exporter: serviceMonitor: enabled: true labels: release: kube-prometheus-stack rbac: pspEnabled: false config: datasourceSecret: name: postgres-exporter-database-connection key: datasource keycloak: image: registry: prodnso-harbor-01.smardigo.digital repository: smardigo/keycloak tag: 20.0.2.1 pullSecrets: - harbor-pull-secret debug: true args: - "start" httpRelativePath: "/auth/" ingress: enabled: true hostname: keycloak-prodwork01.smardigo.digital annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "true" nginx.ingress.kubernetes.io/whitelist-source-range: >- 212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,195.201.31.227/32,167.235.150.201/32,167.235.150.198/32,167.235.150.195/32,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,195.201.127.50/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32