separate cluster store secrets

This commit is contained in:
Joseph Hanson 2024-10-22 21:29:03 -05:00
parent 6b0cb19bfd
commit 455218cf64
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
2 changed files with 22 additions and 5 deletions

View file

@ -4,7 +4,6 @@ apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: radarr name: radarr
namespace: anime
spec: spec:
secretStoreRef: secretStoreRef:
kind: ClusterSecretStore kind: ClusterSecretStore
@ -17,6 +16,26 @@ spec:
PUSHOVER_TOKEN: "{{ .radarr_token }}" PUSHOVER_TOKEN: "{{ .radarr_token }}"
PUSHOVER_USER_KEY: "{{ .userkey_jahanson }}" PUSHOVER_USER_KEY: "{{ .userkey_jahanson }}"
RADARR__AUTH__APIKEY: "{{ .api_key_anime }}" RADARR__AUTH__APIKEY: "{{ .api_key_anime }}"
dataFrom:
- extract:
key: pushover
- extract:
key: radarr
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: radarr
spec:
secretStoreRef:
name: crunchy-pgo-secrets
kind: ClusterSecretStore
target:
name: radarr-db-secret
template:
engineVersion: v2
data:
RADARR__POSTGRES__HOST: "{{ .pgbouncer-host }}" RADARR__POSTGRES__HOST: "{{ .pgbouncer-host }}"
RADARR__POSTGRES__USER: "{{ .user }}" RADARR__POSTGRES__USER: "{{ .user }}"
RADARR__POSTGRES__PASSWORD: "{{ .password }}" RADARR__POSTGRES__PASSWORD: "{{ .password }}"
@ -25,7 +44,3 @@ spec:
dataFrom: dataFrom:
- extract: - extract:
key: postgres-pguser-radarr-anime key: postgres-pguser-radarr-anime
- extract:
key: pushover
- extract:
key: radarr

View file

@ -45,6 +45,8 @@ spec:
envFrom: envFrom:
- secretRef: - secretRef:
name: radarr-secret name: radarr-secret
- secretRef:
name: radarr-db-secret
probes: probes:
liveness: &probes liveness: &probes
enabled: true enabled: true