From 4f82e5d15f9f8eceec12de0fe52a2b76e61e10e7 Mon Sep 17 00:00:00 2001
From: Hills Eternity <ab@hexor.cy>
Date: Tue, 19 May 2026 12:45:30 +0000
Subject: [PATCH] Update k8s/core/postgresql/external-secrets.yaml

---
 k8s/core/postgresql/external-secrets.yaml | 33 ++++++++++++-----------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/k8s/core/postgresql/external-secrets.yaml b/k8s/core/postgresql/external-secrets.yaml
index bb85f72..e6e4665 100644
--- a/k8s/core/postgresql/external-secrets.yaml
+++ b/k8s/core/postgresql/external-secrets.yaml
@@ -17,20 +17,23 @@ spec:
         PGADMIN_CONFIG_OAUTH2_CONFIG: |-
           [
             {
-              'OAUTH2_NAME': 'Authentik',
-              'OAUTH2_DISPLAY_NAME': 'Authentik',
-              'OAUTH2_CLIENT_ID': '{{ .client_id }}',
-              'OAUTH2_CLIENT_SECRET': '{{ .client_secret }}',
-              'OAUTH2_TOKEN_URL': '{{ .pgadmin_url }}/application/o/token/',
-              'OAUTH2_AUTHORIZATION_URL': '{{ .pgadmin_url }}/application/o/authorize/',
-              'OAUTH2_SERVER_METADATA_URL': '{{ .pgadmin_url }}/application/o/pgadmin/.well-known/openid-configuration',
-              'OAUTH2_API_BASE_URL': '{{ .pgadmin_url }}',
-              'OAUTH2_USERINFO_ENDPOINT': '{{ .pgadmin_url }}/application/o/userinfo/',
-              'OAUTH2_SCOPE': 'openid profile email',
-              'OAUTH2_USERNAME_CLAIM': 'email',
-              'OAUTH2_BUTTON_COLOR': '#000000',
-              'OAUTH2_SSL_CERT_VERIFICATION': False,
-              'OAUTH2_LOGOUT_URL': '{{ .pgadmin_url }}/application/o/pgadmin/end-session/'
+                'OAUTH2_NAME': 'Keycloak',
+                'OAUTH2_DISPLAY_NAME': 'Keycloak',
+                'OAUTH2_CLIENT_ID': '{{ .client_id }}',
+                'OAUTH2_CLIENT_SECRET': '{{ .client_secret }}',
+                
+                'OAUTH2_TOKEN_URL': '{{ .keycloak_url }}/realms/hexor/protocol/openid-connect/token',
+                'OAUTH2_AUTHORIZATION_URL': '{{ .keycloak_url }}/realms/hexor/protocol/openid-connect/auth',
+                'OAUTH2_SERVER_METADATA_URL': '{{ .keycloak_url }}/realms/hexor/.well-known/openid-configuration',
+                'OAUTH2_API_BASE_URL': '{{ .keycloak_url }}',
+                'OAUTH2_USERINFO_ENDPOINT': '{{ .keycloak_url }}/realms/hexor/protocol/openid-connect/userinfo',
+                
+                'OAUTH2_SCOPE': 'openid profile email',
+                'OAUTH2_USERNAME_CLAIM': 'email',
+                'OAUTH2_BUTTON_COLOR': '#000000',
+                'OAUTH2_SSL_CERT_VERIFICATION': False,
+                
+                'OAUTH2_LOGOUT_URL': '{{ .keycloak_url }}/realms/hexor/protocol/openid-connect/logout',
             }
           ]
   data:
@@ -78,7 +81,7 @@ spec:
         metadataPolicy: None
         key: 832042b9-7edb-4f4c-9254-3c8884ba9733
         property: fields[1].value
-    - secretKey: pgadmin_url
+    - secretKey: keycloak_url
       sourceRef:
         storeRef:
           name: vaultwarden-login