Add push secret and form uri based on more reliable service.

This commit is contained in:
Joseph Hanson 2024-05-02 06:43:58 -05:00
parent 1fa5fbfe38
commit 1f80555349
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
4 changed files with 45 additions and 4 deletions

View file

@ -13,7 +13,7 @@ spec:
template: template:
engineVersion: v2 engineVersion: v2
data: data:
DATABASE_URI: "postgresql://{{ .user }}:{{ .password }}@immich-primary-real.media.svc:{{ .port }}/{{ .dbname }}" DATABASE_URI: "postgresql://{{ .DATABASE_USER }}:{{ .DATABASE_PASSWORD }}@immich-primary-real.media.svc:{{ .DATABASE_PORT }}/{{ .DATABASE_NAME }}"
dataFrom: dataFrom:
- extract: - extract:
key: immich-pguser-immich key: immich

View file

@ -58,8 +58,8 @@ spec:
DB_URL: DB_URL:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: immich-pguser-immich name: immich-secret
key: uri key: DATABASE_URI
envFrom: envFrom:
- configMapRef: - configMapRef:
name: immich-app-config name: immich-app-config

View file

@ -10,6 +10,7 @@ resources:
- ./machine-learning - ./machine-learning
- ./microservices - ./microservices
- ./postgresCluster.yaml - ./postgresCluster.yaml
- ./pushsecret.yaml
- ./service.yaml - ./service.yaml
configMapGenerator: configMapGenerator:
- name: immich-databse-init-sql - name: immich-databse-init-sql

View file

@ -0,0 +1,40 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
name: immich
spec:
refreshInterval: 1h
secretStoreRefs:
- name: onepassword-connect
kind: ClusterSecretStore
selector:
secret:
name: immich-pguser-immich
data:
- match:
secretKey: dbname
remoteRef:
remoteKey: immich
property: DATABASE_NAME
- match:
secretKey: host
remoteRef:
remoteKey: immich
property: DATABASE_HOST
- match:
secretKey: user
remoteRef:
remoteKey: immich
property: DATABASE_USER
- match:
secretKey: password
remoteRef:
remoteKey: immich
property: DATABASE_PASSWORD
- match:
secretKey: port
remoteRef:
remoteKey: immich
property: DATABASE_PORT