From 4d8204a524733341ca750cbb65ada5a0f6dc4372 Mon Sep 17 00:00:00 2001 From: Peter Kurfer Date: Thu, 15 Aug 2024 14:23:48 +0200 Subject: [PATCH] feat(vaultwarden): provision new DB --- coder/resources/db/user.yaml | 2 +- vaultwarden/kustomization.yaml | 2 ++ vaultwarden/resources/db/db.yaml | 8 ++++++++ vaultwarden/resources/db/user.yaml | 12 ++++++++++++ 4 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 vaultwarden/resources/db/db.yaml create mode 100644 vaultwarden/resources/db/user.yaml diff --git a/coder/resources/db/user.yaml b/coder/resources/db/user.yaml index 5ee0a38..e9d369f 100644 --- a/coder/resources/db/user.yaml +++ b/coder/resources/db/user.yaml @@ -8,5 +8,5 @@ spec: database: coder secretName: coder-db-credentials privileges: OWNER - secretTemplate: # Output secrets can be customized using standard Go templates + secretTemplate: PQ_URL: "postgresql://{{.Role}}:{{.Password}}@{{.Host}}:5432/{{.Database}}?sslmode=require&search_path=coder" \ No newline at end of file diff --git a/vaultwarden/kustomization.yaml b/vaultwarden/kustomization.yaml index 1212de5..b66e9fb 100644 --- a/vaultwarden/kustomization.yaml +++ b/vaultwarden/kustomization.yaml @@ -16,6 +16,8 @@ images: resources: - "resources/namespace.yaml" + - "resources/db/db.yaml" + - "resources/db/user.yaml" - "resources/pvc.yaml" - "resources/deployment.yaml" - "resources/service.yaml" diff --git a/vaultwarden/resources/db/db.yaml b/vaultwarden/resources/db/db.yaml new file mode 100644 index 0000000..40e62b8 --- /dev/null +++ b/vaultwarden/resources/db/db.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: db.movetokube.com/v1alpha1 +kind: Postgres +metadata: + name: vaultwarden +spec: + database: vaultwarden + dropOnDelete: false \ No newline at end of file diff --git a/vaultwarden/resources/db/user.yaml b/vaultwarden/resources/db/user.yaml new file mode 100644 index 0000000..292461e --- /dev/null +++ b/vaultwarden/resources/db/user.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: db.movetokube.com/v1alpha1 +kind: PostgresUser +metadata: + name: vaultwarden +spec: + role: vaultwarden + database: vaultwarden + secretName: vaultwarden-db-credentials + privileges: OWNER + secretTemplate: + PQ_URL: "postgresql://{{.Role}}:{{.Password}}@app-cluster-pooler-rw.postgres.svc:5432/{{.Database}}?sslmode=require" \ No newline at end of file