commit 734e1b22f9a34216b95af3e484d276a3364a936f Author: Peter Kurfer Date: Tue Dec 10 08:43:59 2024 +0100 initial commit diff --git a/examples/db/cluster.yaml b/examples/db/cluster.yaml new file mode 100644 index 0000000..00dfd93 --- /dev/null +++ b/examples/db/cluster.yaml @@ -0,0 +1,94 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: pgsodium-config +data: + pgsodium_getkey.sh: | + #!/bin/bash + set -euo pipefail + if [[ -z "${VAULT_KEY}" ]]; then + echo "PGSODIUM_KEY is not set" >&2 + exit 1 + fi + + echo -n "$VAULT_KEY" +--- +apiVersion: v1 +kind: Secret +metadata: + name: pgsodium-key +data: + # Generate a 32-byte key + # head -c 32 /dev/urandom | od -A n -t x1 | tr -d ' \n' | base64 + key: NmE4YzQwMWY3NzI4YzdiMWViOTE5NmJhMWRlYmFkOTRhMDRlZTgwZDUzZDg4NWE5MWZlODY0MzdkOGIyYmQ2OA== +--- +apiVersion: v1 +kind: Secret +metadata: + name: supabase-admin-credentials + labels: + cnpg.io/reload: "true" +type: kubernetes.io/basic-auth +stringData: + username: supabase_admin + password: 1n1t-R00t! +--- +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: cluster-example +spec: + instances: 1 + imageName: ghcr.io/supabase/postgres:15.6.1.145 + postgresUID: 105 + postgresGID: 106 + + bootstrap: + initdb: + database: app + owner: supabase_admin + + postgresql: + shared_preload_libraries: + - pg_stat_statements + - pgaudit + - plpgsql + - plpgsql_check + - pg_cron + - pg_net + - pgsodium + - timescaledb + - auto_explain + - pg_tle + - plan_filter + parameters: + pgsodium.getkey_script: /projected/bin/pgsodium_getkey.sh + cron.database_name: app + auto_explain.log_min_duration: 10s + projectedVolumeTemplate: + sources: + - configMap: + name: pgsodium-config + items: + - key: pgsodium_getkey.sh + path: bin/pgsodium_getkey.sh + mode: 0755 + env: + # cloudnative-pg reserves all env variables that start with PG for internal use + - name: VAULT_KEY + valueFrom: + secretKeyRef: + name: pgsodium-key + key: key + + managed: + roles: + - name: supabase_admin + ensure: present + superuser: true + login: true + passwordSecret: + name: supabase-admin-credentials + storage: + size: 1Gi diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..87b5353 --- /dev/null +++ b/go.mod @@ -0,0 +1,5 @@ +module code.icb4dc0.de/prskr/supabase-operator + +go 1.23.4 + +require github.com/magefile/mage v1.15.0 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..4ee1b87 --- /dev/null +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/magefile/mage v1.15.0 h1:BvGheCMAsG3bWUDbZ8AyXXpCNwU9u5CB6sM+HNb9HYg= +github.com/magefile/mage v1.15.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= diff --git a/go.work b/go.work new file mode 100644 index 0000000..3d8c05a --- /dev/null +++ b/go.work @@ -0,0 +1,6 @@ +go 1.23.4 + +use ( + . + ./tools +) diff --git a/hack/clean.sql b/hack/clean.sql new file mode 100644 index 0000000..dcb8e80 --- /dev/null +++ b/hack/clean.sql @@ -0,0 +1,3 @@ +-- drop publication if exists supabase_realtime; +-- reach clean state for supabase-operator +drop publication if exists supabase_realtime; diff --git a/mage.go b/mage.go new file mode 100644 index 0000000..8883df9 --- /dev/null +++ b/mage.go @@ -0,0 +1,13 @@ +//go:build ignore + +package main + +import ( + "os" + + "github.com/magefile/mage/mage" +) + +func main() { + os.Exit(mage.Main()) +} diff --git a/magefiles/common.go b/magefiles/common.go new file mode 100644 index 0000000..02f957d --- /dev/null +++ b/magefiles/common.go @@ -0,0 +1,30 @@ +package main + +import ( + "log/slog" + "os" + + _ "github.com/magefile/mage/sh" +) + +var workingDir string + +func init() { + logLevel := new(slog.LevelVar) + + if val, set := os.LookupEnv("MAGE_LOG_LEVEL"); set { + _ = logLevel.UnmarshalText([]byte(val)) + } + + handler := slog.NewTextHandler(os.Stderr, &slog.HandlerOptions{ + Level: logLevel, + }) + + slog.SetDefault(slog.New(handler)) + + if wd, err := os.Getwd(); err != nil { + panic(err) + } else { + workingDir = wd + } +} diff --git a/magefiles/generate.go b/magefiles/generate.go new file mode 100644 index 0000000..7eb1f07 --- /dev/null +++ b/magefiles/generate.go @@ -0,0 +1,4 @@ +package main + +func FetchImageMeta() { +} diff --git a/magefiles/magefile.go b/magefiles/magefile.go new file mode 100644 index 0000000..f7dec2c --- /dev/null +++ b/magefiles/magefile.go @@ -0,0 +1,41 @@ +package main + +import ( + "fmt" + "os" + "os/exec" + + "github.com/magefile/mage/mg" // mg contains helpful utility functions, like Deps +) + +// Default target to run when none is specified +// If not set, running mage will list available targets +// var Default = Build + +// A build step that requires additional params, or platform specific steps for example +func Build() error { + mg.Deps(InstallDeps) + fmt.Println("Building...") + cmd := exec.Command("go", "build", "-o", "MyApp", ".") + return cmd.Run() +} + +// A custom install step if you need your bin someplace other than go/bin +func Install() error { + mg.Deps(Build) + fmt.Println("Installing...") + return os.Rename("./MyApp", "/usr/bin/MyApp") +} + +// Manage your deps, or running package managers. +func InstallDeps() error { + fmt.Println("Installing Deps...") + cmd := exec.Command("go", "get", "github.com/stretchr/piglatin") + return cmd.Run() +} + +// Clean up after yourself +func Clean() { + fmt.Println("Cleaning...") + os.RemoveAll("MyApp") +} diff --git a/tools/go.mod b/tools/go.mod new file mode 100644 index 0000000..ebc3795 --- /dev/null +++ b/tools/go.mod @@ -0,0 +1,3 @@ +module tools + +go 1.23.4 diff --git a/tools/go.sum b/tools/go.sum new file mode 100644 index 0000000..e69de29