From 4d9a8e32d771dab014c465a17fd7ef1e94ca631a Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Tue, 22 Oct 2024 22:54:11 -0500
Subject: [PATCH] update sonarr to work with pgb and no push secrets

---
 .../apps/anime/radarr/app/helmrelease.yaml    |  2 +-
 .../apps/anime/sonarr/app/externalsecret.yaml | 34 ++++++++++++++-----
 .../apps/anime/sonarr/app/helmrelease.yaml    |  2 ++
 3 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/kubernetes/apps/anime/radarr/app/helmrelease.yaml b/kubernetes/apps/anime/radarr/app/helmrelease.yaml
index 3f3e9fc1..3c65e433 100644
--- a/kubernetes/apps/anime/radarr/app/helmrelease.yaml
+++ b/kubernetes/apps/anime/radarr/app/helmrelease.yaml
@@ -21,7 +21,7 @@ spec:
     cleanupOnFail: true
     remediation:
       retries: 3
-      strategy: uninstall
+      strategy: rollback
   values:
     controllers:
       radarr:
diff --git a/kubernetes/apps/anime/sonarr/app/externalsecret.yaml b/kubernetes/apps/anime/sonarr/app/externalsecret.yaml
index 63b544d1..dac2e2e3 100644
--- a/kubernetes/apps/anime/sonarr/app/externalsecret.yaml
+++ b/kubernetes/apps/anime/sonarr/app/externalsecret.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/external-secrets.io/externalsecret_v1beta1.json
+# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
@@ -7,8 +7,8 @@ metadata:
 spec:
   refreshInterval: 1m
   secretStoreRef:
-    name: crunchy-pgo-secrets
     kind: ClusterSecretStore
+    name: onepassword-connect
   target:
     name: sonarr-secret
     template:
@@ -17,15 +17,31 @@ spec:
         PUSHOVER_TOKEN: "{{ .sonarr_token }}"
         PUSHOVER_USER_KEY: "{{ .userkey_jahanson }}"
         SONARR__AUTH__APIKEY: "{{ .api_key_anime }}"
-        SONARR__POSTGRES__HOST: "{{ .pgbouncer-host }}"
-        SONARR__POSTGRES__USER: "{{ .user }}"
-        SONARR__POSTGRES__PASSWORD: "{{ .password }}"
-        SONARR__POSTGRES__PORT: "{{ .port }}"
-        SONARR__POSTGRES__MAINDB: sonarr_main
   dataFrom:
-    - extract:
-        key: postgres-pguser-sonarr-anime
     - extract:
         key: pushover
     - extract:
         key: sonarr
+---
+# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: sonarr-db
+spec:
+  secretStoreRef:
+    name: crunchy-pgo-secrets
+    kind: ClusterSecretStore
+  target:
+    name: sonarr-db-secret
+    template:
+      engineVersion: v2
+      data:
+        SONARR__POSTGRES__HOST: "{{ index . \"pgbouncer-host\" }}"
+        SONARR__POSTGRES__USER: "{{ .user }}"
+        SONARR__POSTGRES__PASSWORD: "{{ .password }}"
+        SONARR__POSTGRES__PORT: "{{ .port }}"
+        SONARR__POSTGRES__MAINDB: "{{ .dbname }}"
+  dataFrom:
+    - extract:
+        key: postgres-pguser-sonarr-anime
diff --git a/kubernetes/apps/anime/sonarr/app/helmrelease.yaml b/kubernetes/apps/anime/sonarr/app/helmrelease.yaml
index d36cc379..4e95f85e 100644
--- a/kubernetes/apps/anime/sonarr/app/helmrelease.yaml
+++ b/kubernetes/apps/anime/sonarr/app/helmrelease.yaml
@@ -45,6 +45,8 @@ spec:
             envFrom:
               - secretRef:
                   name: sonarr-secret
+              - secretRef:
+                  name: sonarr-db-secret
             probes:
               liveness: &probes
                 enabled: true