# Fix DNS resolution for keycloak.nge6.com from inside cluster
apiVersion: kubernetes.crossplane.io/v1alpha2
kind: Object
metadata:
  name: keycloak-internal-dns
  namespace: crossplane-system
spec:
  providerConfigRef:
    name: kubernetes-provider
  forProvider:
    manifest:
      apiVersion: v1
      kind: Service
      metadata:
        name: keycloak-nge6-com
        namespace: pomerium
      spec:
        type: ExternalName
        externalName: keycloak-http.auth-system.svc.cluster.local
        ports:
        - port: 80
          targetPort: 80
---
# Add custom hosts entry to CoreDNS
apiVersion: kubernetes.crossplane.io/v1alpha2
kind: Object
metadata:
  name: coredns-custom-hosts
  namespace: crossplane-system
spec:
  providerConfigRef:
    name: kubernetes-provider
  forProvider:
    manifest:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: coredns-custom
        namespace: kube-system
      data:
        keycloak.override: |
          keycloak.nge6.com:53 {
            hosts {
              212.2.241.28 keycloak.nge6.com
              fallthrough
            }
          }