Dreaded_X/flux-infra
1
0
Fork 0
Code Issues 11 Pull Requests Actions Packages Projects Releases Wiki Activity

Added cloudnative-pg

Browse Source
This commit is contained in:
Dreaded_X 2024-10-11 00:10:18 +02:00
parent 8f4862d9a5
commit dd7ec0f4cf
Signed by: Dreaded_X
GPG Key ID: FA5F485356B0D2D4
5 changed files with 145 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
clusters/titan.lan.huizinga.dev/infrastructure.yaml
View File

@ -4,6 +4,10 @@ metadata:
name: infra-controllers name: infra-controllers
namespace: flux-system namespace: flux-system
spec: spec:
decryption:
provider: sops
secretRef:
name: sops-gpg
interval: 1h interval: 1h
retryInterval: 1m retryInterval: 1m
timeout: 5m timeout: 5m

74
infrastructure/controllers/cloudnative-pg.yaml Normal file
View File

@ -0,0 +1,74 @@
apiVersion: v1
kind: Namespace
metadata:
name: cnpg-system
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: cnpg
namespace: cnpg-system
spec:
interval: 1m0s
url: https://cloudnative-pg.github.io/charts
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: cnpg
namespace: cnpg-system
spec:
chart:
spec:
chart: cloudnative-pg
reconcileStrategy: ChartVersion
sourceRef:
kind: HelmRepository
name: cnpg
version: 0.22.0
interval: 1m0s
---
apiVersion: v1
kind: Namespace
metadata:
name: cnpg-database
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: cnpg
namespace: cnpg-database
spec:
interval: 1m0s
url: https://cloudnative-pg.github.io/charts
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: cnpg
namespace: cnpg-database
spec:
chart:
spec:
chart: cluster
reconcileStrategy: ChartVersion
sourceRef:
kind: HelmRepository
name: cnpg
version: 0.0.11
interval: 1m0s
values:
type: postgresql
mode: standalone
cluster:
instances: 1
backups:
enabled: true
provider: s3
endpointURL: https://s3.us-west-002.backblazeb2.com
s3:
bucket: titan-k3s-backup
path: /postgres
secret:
create: false
name: b2-access-key

2
infrastructure/controllers/kustomization.yaml
View File

@ -1,7 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ./secrets/
- akri.yaml - akri.yaml
- cert-manager.yaml - cert-manager.yaml
- traefik.yaml - traefik.yaml
- cloudnative-pg.yaml
# - rook.yaml # - rook.yaml

61
infrastructure/controllers/secrets/b2-access-key.yaml Normal file
View File

@ -0,0 +1,61 @@
apiVersion: v1
kind: Secret
metadata:
name: b2-access-key
namespace: cnpg-database
type: Opaque
data:
ACCESS_KEY_ID: ENC[AES256_GCM,data:YpYkexRxH4mVyufrS/Blw3PSrU9H1eO3O6urN9tCZvYBenp7,iv:1ka5Otp0u4HJ5WC3yj+YJLAQC0Cy8Y2vWGqxLSaAGfM=,tag:8SKOcUoUuOWLm0Na2r7Hfw==,type:str]
ACCESS_SECRET_KEY: ENC[AES256_GCM,data:8Q2QsCpe/yiWmETVnIROJe0uiY7gMzQF4e8PiaF2vAgqkNq/oT8ku21bWCQ=,iv:635wzxp/XJ0zoxw9n63km38LdqDcebfU/ltLzN/bHPc=,tag:nGfKtpf8qzNyO3bDbbtn/A==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-10-10T23:09:06Z"
mac: ENC[AES256_GCM,data:h7zG2uHCxmhvsdShoPYizxLoDPJ9fJAYyhxQxZ/oqF88/4NIUUw6hItyEXzELBt7PPU4VDjOu5DuyNaTFsHAJkMOBzof7x11JInvtZYvyId73H0uIyT1l7vliz9zae9X4hQPkID27g+mIJLfmT4IRND9CMTTKWVhVw4zAepi3co=,iv:ZqQahzaZqlOJLa0TjxCwr9hrkE6LqXKDzHafEPGWGKQ=,tag:sMvthhyrtkhzgKWvSf7mLg==,type:str]
pgp:
- created_at: "2024-10-10T22:08:04Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA7pKPTYH5bqOAQ/+MJi/46q5TyjE0mqUfgmx90mYGchNQCvOHOdZJT2E2s2Z
DbqyrI5Bx+EauTl4eYhlMS9Xza/mL5I99GX/49FRpgvfmCwbM/aeOdq/CPWE771n
iylxE6uj0VVQGCazcO84Gg8CUxW3+dtNBbIUQYRxmQST6Pbg/lrmlXF5wDUfEueT
5FkfOZA7py3TyxUB4tcFA13e10CRFC1a7KHvfZm4ISs/1L97tsr0aZNgwCmHZodO
5fcm6poWtXEo16N/4XC8CI0z7unqNVRSgvpvVBHCvULkq4abznho2abkForNNkvv
GaN1Zcq8GIclVexMxaSC0M7BFfOdhmCDXuOdkKP/K1etL9UGGBdo7g5WJ7eqAiKN
Xs43VRijJsltIrTui/0s8zVIRzLfxTYGR2JtSnLuFaMGkKAijR34RsC9hXol+OB1
OAxGVzGfAR8wdgmShV9SPSOl3CtT6317YGuzjzkSbryJ2oYqR4zjV9jXgIEtuDZF
r6RITshhvata0w+e6tHSMYmnsF9YD4LbpGQmLm7r/A5ibBsE/2ZoUGBxNrb68YW1
vQmD2Ywv/Soe4f2Vj7vXJewrrJ1F0NPV/43sxl9lZB9JVMC6c8pMv7hndVq7dofn
dbqVXXeGd+Os/5X0P2yjlJYBjrMpFsg2tNi5dA5gUJ9uXqzNtSFx7ma9uJ4sX3zU
ZgEJAhDRzwccDHXa3D3+FBVJFbwN80G30Z6hS225mpIrBXqkElDH8hGs7KGkdIP5
O6CcZKt+j2R+40J0iJIcy1s211qgkzzDgtUaM1yAlVM8t3JpnykjhLp8mMzytOC1
rag4GdeG4Q==
=9TAG
-----END PGP MESSAGE-----
fp: 1E0CF38FF7C9ADAED58B436ABA4A3D3607E5BA8E
- created_at: "2024-10-10T22:08:04Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA51kG++kLewoAQ//fPw1ZgguXCZSLBnl4J/d4IZok6l4TdnbySDOKTOnZUi0
xyDusr9kdrEdDb4nYUT3PBrxEC2DsKDIJJSwUgLTZB6moIJgHPa51qermyGgqhKU
c4vyYCMKAJyS6rOoU5fsPb+kJS52ltBLEmyO7JndM32CFmfyq4iwphNcheJE7qFW
xBmEtsJBPh4P1ysFQtG0DH8iroAYvsI4HLJw6+pdy/rI3zu3LDmiOnEidGz685BB
gbYj+bJV2gIBGdSWqsjuAJh37dfP9143Hwvz57raA+uqVPtaTaywGuEyDE7E8B7U
LdxATRKDdRp9+ytdn+UBeZQPYolKhv2bOgm4tzBq/VGmm/11nZbXyv69vgooOqnf
YYPg3VGnqpaGmxy94EFuLCWvD0ZO7rMQMOoz0vZRHGNYsye2tUOF/F6eIzhehh3+
AhGSrGDZa5HM41dLsTrNnb8YbzGKqljVJyWvORfIniW6RONIuFrz3/Pe4jjnM+Dm
Y8z033SmAm5JT2Jhc/tb9LvYbVQzfrUWImh9qcVGOU5RqvB13VOCaNHmt33crMjg
KFMhBJ5F3ftqe3JiK+6KOuS9g2wd3M5VM5qLHBLr7qTDb5q/JKsBIY7AcLsVyYNx
T3OynFuAkiYVTe4CuXCSrbVPXd9XkV/dDdQh+5ZR8nxo0/TkpnAwwGdh9hFsOtLS
XAEXagTFsM3Cl3T45ehYSPt6oyfx5dwKkQ8wxaqSWIkrvTla/ofOD9xemsBfYNku
b9vLFfbry8J+p5H9fEtS9/co4xYmajP/Mzq54JflEHqt/ej0MTxnNB5m+a45
=CFmy
-----END PGP MESSAGE-----
fp: 49F10679C425233EFB4B1B6F9D641BEFA42DEC28
encrypted_regex: ^(data|stringData)$
version: 3.9.0

4
infrastructure/controllers/secrets/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- b2-access-key.yaml