From 22a155b558aedbe6871fc8c46e93bb3575101562 Mon Sep 17 00:00:00 2001
From: Masaki Yatsu <yatsu@yatsu.info>
Date: Sat, 16 Aug 2025 15:46:24 +0900
Subject: [PATCH] fix(keycloak): fix installation errors

---
 keycloak/justfile                      | 8 ++++----
 keycloak/keycloak-values.gomplate.yaml | 7 +++++++
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/keycloak/justfile b/keycloak/justfile
index 71ded8b..8b199db 100644
--- a/keycloak/justfile
+++ b/keycloak/justfile
@@ -332,12 +332,12 @@ delete-user username='':
 
 # Put admin credentials to Vault
 put-admin-credentials-to-vault username password:
-    @just vault::put keycloak/admin username={{ username }} password={{ password }}
+    @just vault::put-root keycloak/admin username={{ username }} password={{ password }}
     @echo "Admin credentials stored in Vault under 'keycloak/admin'."
 
 # Delete admin credentials from Vault
 delete-admin-credentials-from-vault:
-    @just vault::delete keycloak/admin
+    @just vault::delete-root keycloak/admin
     @echo "Admin credentials deleted from Vault."
 
 # Create system user {w/o email, first name and last name}
@@ -385,7 +385,7 @@ admin-username:
     # if [ "${VAULT_ENABLED}" != "false" ]; then
     #     just vault::setup-token
     #     if just vault::exist keycloak/admin 2>/dev/null; then
-    #         just vault::get keycloak/admin username
+    #         just vault::get-root keycloak/admin username
     #         echo
     #         exit 0
     #     fi
@@ -403,7 +403,7 @@ admin-password:
     # if [ "${VAULT_ENABLED}" != "false" ]; then
     #     just vault::setup-token
     #     if just vault::exist keycloak/admin 2>/dev/null; then
-    #         just vault::get keycloak/admin password
+    #         just vault::get-root keycloak/admin password
     #         echo
     #         exit 0
     #     fi
diff --git a/keycloak/keycloak-values.gomplate.yaml b/keycloak/keycloak-values.gomplate.yaml
index 4310dd6..5b0fa85 100644
--- a/keycloak/keycloak-values.gomplate.yaml
+++ b/keycloak/keycloak-values.gomplate.yaml
@@ -1,3 +1,10 @@
+production: true
+
+# Enable HTTP for health checks in production mode
+extraEnvVars:
+  - name: KC_HTTP_ENABLED
+    value: "true"
+
 auth:
   adminUser: {{ .Env.KEYCLOAK_ADMIN_USER }}
   existingSecret: keycloak-credentials