Jeff Billimek

> can we maybe change in the readme the `kubectl apply` by `kubectl create` just to avoid having to search for that? @jonathanbeber do you happen to know if the...

Thanks @ChipWolf. This is a problem, and I'm not sure the best approach for fixing it: * Helm will not upgrade changes to CRDs beyond whatever version they were upon...

As things stand right now in this repo's configuration with flux2, even installing the cert-manager CRDs out-of-band from the helm chart causes issues and failures within flux to reconcile. The...

Some more references: * https://fluxcd.io/docs/guides/mozilla-sops/ * https://github.com/k8s-at-home/template-cluster-k3s

Thanks @echel0n! Will take a look at the [helm chart](https://github.com/codecentric/helm-charts/tree/master/charts/keycloak).

Some references: * https://github.com/ibuetler/docker-keycloak-traefik-workshop * https://github.com/containous/traefik/issues/593

See also [authelia](https://www.authelia.com/): repo: https://github.com/clems4ever/authelia

If sticking with cloud-based (Auth0), now that nginx is being used, will likely deploy something like: * [oauth2-proxy helm chart](https://github.com/helm/charts/tree/master/stable/oauth2-proxy) * configure oauth2-proxy to leverage auth0 with something like [this...

Deployed oauth2-proxy configured to use auth0: https://github.com/billimek/k8s-gitops/tree/master/kube-system/oauth2-proxy

Interesting, you need to run keycloak sidecards on all of the target workloads doing auth? I was hoping it could be used as a 'central' replacement for something like auth0.