diff --git a/kubernetes/apps/database/crunchy-postgres-operator/cluster/pushsecret.yaml b/kubernetes/apps/database/crunchy-postgres-operator/cluster/pushsecret.yaml index d31f173d..f89b01a3 100644 --- a/kubernetes/apps/database/crunchy-postgres-operator/cluster/pushsecret.yaml +++ b/kubernetes/apps/database/crunchy-postgres-operator/cluster/pushsecret.yaml @@ -112,4 +112,34 @@ spec: secretKey: password remoteRef: remoteKey: sonarr - property: SONARR__POSTGRES_PASSWORD \ No newline at end of file + property: SONARR__POSTGRES_PASSWORD +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json +apiVersion: external-secrets.io/v1alpha1 +kind: PushSecret +metadata: + name: radarr +spec: + refreshInterval: 1h + secretStoreRefs: + - name: onepassword-connect + kind: ClusterSecretStore + selector: + secret: + name: postgres-pguser-radarr + data: + - match: + secretKey: host + remoteRef: + remoteKey: radarr + property: RADARR__POSTGRES_HOST + - match: + secretKey: user + remoteRef: + remoteKey: radarr + property: RADARR__POSTGRES_USER + - match: + secretKey: password + remoteRef: + remoteKey: radarr + property: RADARR__POSTGRES_PASSWORD \ No newline at end of file diff --git a/kubernetes/apps/default/radarr/app/externalsecret.yaml b/kubernetes/apps/default/radarr/app/externalsecret.yaml index a7312b2b..a3aa2615 100644 --- a/kubernetes/apps/default/radarr/app/externalsecret.yaml +++ b/kubernetes/apps/default/radarr/app/externalsecret.yaml @@ -16,6 +16,9 @@ spec: RADARR__API_KEY: "{{ .api_key }}" PUSHOVER_TOKEN: "{{ .radarr_token }}" PUSHOVER_USER_KEY: "{{ .userkey_jahanson }}" + RADARR__POSTGRES_HOST: "{{ .RADARR__POSTGRES_HOST }}" + RADARR__POSTGRES_USER: "{{ .RADARR__POSTGRES_USER }}" + RADARR__POSTGRES_PASSWORD: "{{ .RADARR__POSTGRES_PASSWORD }}" dataFrom: - extract: key: pushover diff --git a/kubernetes/apps/default/radarr/app/helmrelease.yaml b/kubernetes/apps/default/radarr/app/helmrelease.yaml index af3e59b7..b73c052f 100644 --- a/kubernetes/apps/default/radarr/app/helmrelease.yaml +++ b/kubernetes/apps/default/radarr/app/helmrelease.yaml @@ -46,22 +46,7 @@ spec: RADARR__PORT: &port 80 RADARR__LOG_LEVEL: info RADARR__THEME: dark - RADARR__POSTGRES_HOST: - valueFrom: - secretKeyRef: - name: "${APP}-pguser-${DB_USER}" - key: host RADARR__POSTGRES_PORT: "5432" - RADARR__POSTGRES_USER: - valueFrom: - secretKeyRef: - name: "${APP}-pguser-${DB_USER}" - key: user - RADARR__POSTGRES_PASSWORD: - valueFrom: - secretKeyRef: - name: "${APP}-pguser-${DB_USER}" - key: password RADARR__POSTGRES_MAIN_DB: radarr_main RADARR__POSTGRES_LOG_DB: radarr_logs TZ: America/Chicago diff --git a/kubernetes/apps/default/radarr/app/kustomization.yaml b/kubernetes/apps/default/radarr/app/kustomization.yaml index 11d79afd..75d641c9 100644 --- a/kubernetes/apps/default/radarr/app/kustomization.yaml +++ b/kubernetes/apps/default/radarr/app/kustomization.yaml @@ -4,7 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./externalsecret.yaml - - ./postgresCluster.yaml - ./pvc.yaml - ./helmrelease.yaml configMapGenerator: diff --git a/kubernetes/apps/default/radarr/app/postgresCluster.yaml b/kubernetes/apps/default/radarr/app/postgresCluster.yaml deleted file mode 100644 index 9d346840..00000000 --- a/kubernetes/apps/default/radarr/app/postgresCluster.yaml +++ /dev/null @@ -1,87 +0,0 @@ ---- -# yaml-language-server: $schema=https://ks.hsn.dev/postgres-operator.crunchydata.com/postgrescluster_v1beta1.json -apiVersion: postgres-operator.crunchydata.com/v1beta1 -kind: PostgresCluster -metadata: - name: "${APP}" -spec: - postgresVersion: 16 - dataSource: - pgbackrest: - stanza: db - configuration: - - secret: - name: pgo-s3-creds - global: - repo1-path: "/${APP}/repo1" - repo1-s3-uri-style: path - repo: - name: repo1 - s3: - bucket: "crunchy-postgres" - endpoint: "s3.hsn.dev" - region: "us-east-1" - patroni: - dynamicConfiguration: - synchronous_mode: true - postgresql: - synchronous_commit: "on" - pg_hba: - - hostnossl all all 10.32.0.0/16 md5 - - hostssl all all all md5 - instances: - - name: postgres - metadata: - labels: - app.kubernetes.io/name: pgo-${APP} - replicas: 2 - dataVolumeClaimSpec: - storageClassName: openebs-hostpath - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi - topologySpreadConstraints: - - maxSkew: 1 - topologyKey: "kubernetes.io/hostname" - whenUnsatisfiable: "DoNotSchedule" - labelSelector: - matchLabels: - postgres-operator.crunchydata.com/cluster: ${APP} - postgres-operator.crunchydata.com/data: postgres - users: - - name: "${DB_USER}" - databases: - - "radarr_main" - - "radarr_logs" - options: "SUPERUSER" - password: - type: AlphaNumeric - backups: - pgbackrest: - configuration: - - secret: - name: pgo-s3-creds - global: - archive-push-queue-max: 4GiB - repo1-retention-full: "14" - repo1-retention-full-type: time - repo1-path: "/${APP}/repo1" - repo1-s3-uri-style: path - manual: - repoName: repo1 - options: - - --type=full - metadata: - labels: - app.kubernetes.io/name: pgo-${APP}-backup - repos: - - name: repo1 - schedules: - full: "0 1 * * 0" - differential: "0 1 * * 1-6" - s3: - bucket: "crunchy-postgres" - endpoint: "s3.hsn.dev" - region: "us-east-1"