...
Using a NodePort and NGINX as a reverse proxy, we finally got it online: https://keycloak.folio.gbv.de/ (you need a whitelisted IP to access it). To make this work, we had to adjust KC_HOSTNAME and KC_HOSTNAME_BACKCHANNEL to <https://keycloak.folio.gbv.de/.
GBV: 2025-02-12
We have the MGR-Apps in place. Unfortunately the security-setup does not work until now. If we enable SECURITY_ENABLED=true for mgr-applications with with EPHEMERAL, the Container crashes. We guess the secrets must be stored in VAULT, but there is no hint in the existing setup-instractions how to do it.
Vorschlag: We tried to start the mgr-applications deployment but failed so far. We currently assume that mgr-apps tries to retrieve a token from keycloak and fails with the following message during what seems to be the bootstrap step triggered by the KC_IMPORT_ENABLED = true. It generates the following error in mgr-applications log:
...