How to configure custom themes for keyCloak on kubernetes
The approach that I have used on the past was to first create a .tar file (e.g., custom_theme.tar
) with the custom themes to be used in Keycloak. Then mount volume to the folder where the Keycloak themes are stored (i.e., /opt/jboss/keycloak/themes/my_custom_theme
), and copy the .tar file with the custom themes from a local folder into the Keycloak container.
The helm char folder structure:
Chart.yaml custom_theme.tar templates values.yaml
the content of :
values.yaml:
password: adminpassword
The template folder structure:
customThemes-configmap.yaml ingress.yaml service.yamldeployment.yaml secret.yaml
the content of :
customThemes-configmap.yaml
apiVersion: v1kind: ConfigMapmetadata: name: customthemes-configmapbinaryData: custom_theme.tar: |- {{ .Files.Get "custom_theme.tar" | b64enc}}
ingress.yaml
apiVersion: extensions/v1beta1kind: Ingressmetadata: name: keycloakspec: tls: - hosts: - keycloak-sprint01.demo rules: - host: keycloak-sprint01.demo http: paths: - backend: serviceName: keycloak servicePort: 8080
service.yaml
apiVersion: v1kind: Servicemetadata: name: keycloak labels: app: keycloakspec: ports: - name: http port: 8080 targetPort: 8080 selector: app: keycloak type: LoadBalancer
secret.yaml
apiVersion: v1kind: Secretmetadata: name: keycloak-passwordtype: OpaquestringData: password: {{.Values.password}}
deployment.yaml
apiVersion: apps/v1kind: Deploymentmetadata: name: keycloak namespace: default labels: app: keycloakspec: replicas: 1 selector: matchLabels: app: keycloak template: metadata: labels: app: keycloak spec: containers: - name: keycloak image: quay.io/keycloak/keycloak:10.0.1 env: - name: KEYCLOAK_USER value: "admin" - name: KEYCLOAK_PASSWORD valueFrom: secretKeyRef: name: keycloak-password key: password - name: PROXY_ADDRESS_FORWARDING value: "true" - name: DB_VENDOR value: "h2" - name: JAVA_TOOL_OPTIONS value: -Dkeycloak.profile.feature.scripts=enabled ports: - name: http containerPort: 8080 - name: https containerPort: 8443 readinessProbe: httpGet: path: /auth/realms/master port: 8080 volumeMounts: - mountPath: /opt/jboss/keycloak/themes/my_custom_theme name: shared-volume initContainers: - name: init-customtheme image: busybox:1.28 command: ['sh', '-c', 'cp -rL /CustomTheme/custom_theme.tar /shared && cd /shared/ && tar -xvf custom_theme.tar && rm -rf custom_theme.tar'] volumeMounts: - mountPath: /shared name: shared-volume - mountPath: /CustomTheme name: theme-volume volumes: - name: shared-volume emptyDir: {} - name: theme-volume configMap: name: customthemes-configmap
I am not claiming that this is the best way to do it, I am not an expert in Kubernetes or helm. A Git repo containing the aforementioned files can be found here.