apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: echoserver
  namespace: keycloak
  annotations:
    ingress.kubernetes.io/oauth: oauth2_proxy
    ingress.kubernetes.io/auth-url: https://auth.werts.us/oauth2/auth
    ingress.kubernetes.io/auth-signin: https://auth.werts.us/oauth2/start?rd=https://echo.werts.us
    ingress.kubernetes.io/auth-signout-not-implemented: https://auth.werts.us/realms/werts/protocol/openid-connect/logout
spec:
  ingressClassName: haproxy
  rules:
  - host: echo.werts.us
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: echoserver
            port:
              number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: echoserver-non-auth
  namespace: keycloak
spec:
  ingressClassName: haproxy
  rules:
  - host: echo.werts.us
    http:
      paths:
      - path: /non-auth
        pathType: Prefix
        backend:
          service:
            name: echoserver
            port:
              number: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: keycloak
  name: echoserver
spec:
  replicas: 1
  selector:
    matchLabels:
      app: echoserver
  template:
    metadata:
      labels:
        app: echoserver
    spec:
      containers:
      - image: mendhak/http-https-echo:30
        name: echoserver
        ports:
        - containerPort: 4180
          name: http
          protocol: TCP
      restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
  name: echoserver
  namespace: keycloak
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app: echoserver
  type: ClusterIP