ingress-keycloak-example.yaml

apiVersion: v1
kind: Service
metadata:
  name: external-keycloak
spec:
  ports:
  - name: https
    port: 8443
    targetPort: 8443
---
apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
  name: external-keycloak-1
  labels:
    kubernetes.io/service-name: external-keycloak
addressType: IPv4
ports:
  - name: ''
    appProtocol: http
    protocol: TCP
    port: 8443
endpoints:
  - addresses:
      - "172.17.0.1"
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: external-keycloak
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
    nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
    nginx.ingress.kubernetes.io/proxy-busy-buffers-size: "24k"
    nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "180s"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "180s"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "180s"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Server $host;
      proxy_set_header X-Forwarded-Uri $request_uri;
spec:
  tls:
    - hosts:
      - $KEYCLOAK_EXTERNAL_URL
      secretName: tls-keycloak-ingress
  rules:
  - host: $KEYCLOAK_EXTERNAL_URL
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: external-keycloak
            port:
              number: 8443