Add push secret and form uri based on more reliable service.

This commit is contained in:
Joseph Hanson 2024-05-02 06:43:58 -05:00
parent 1fa5fbfe38
commit 1f80555349
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
4 changed files with 45 additions and 4 deletions

View file

@ -13,7 +13,7 @@ spec:
template:
engineVersion: v2
data:
DATABASE_URI: "postgresql://{{ .user }}:{{ .password }}@immich-primary-real.media.svc:{{ .port }}/{{ .dbname }}"
DATABASE_URI: "postgresql://{{ .DATABASE_USER }}:{{ .DATABASE_PASSWORD }}@immich-primary-real.media.svc:{{ .DATABASE_PORT }}/{{ .DATABASE_NAME }}"
dataFrom:
- extract:
key: immich-pguser-immich
key: immich

View file

@ -58,8 +58,8 @@ spec:
DB_URL:
valueFrom:
secretKeyRef:
name: immich-pguser-immich
key: uri
name: immich-secret
key: DATABASE_URI
envFrom:
- configMapRef:
name: immich-app-config

View file

@ -10,6 +10,7 @@ resources:
- ./machine-learning
- ./microservices
- ./postgresCluster.yaml
- ./pushsecret.yaml
- ./service.yaml
configMapGenerator:
- name: immich-databse-init-sql

View file

@ -0,0 +1,40 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
name: immich
spec:
refreshInterval: 1h
secretStoreRefs:
- name: onepassword-connect
kind: ClusterSecretStore
selector:
secret:
name: immich-pguser-immich
data:
- match:
secretKey: dbname
remoteRef:
remoteKey: immich
property: DATABASE_NAME
- match:
secretKey: host
remoteRef:
remoteKey: immich
property: DATABASE_HOST
- match:
secretKey: user
remoteRef:
remoteKey: immich
property: DATABASE_USER
- match:
secretKey: password
remoteRef:
remoteKey: immich
property: DATABASE_PASSWORD
- match:
secretKey: port
remoteRef:
remoteKey: immich
property: DATABASE_PORT