Adding external secret.
This commit is contained in:
parent
362d50652d
commit
67b37e9e9a
3 changed files with 33 additions and 2 deletions
|
|
@ -33,7 +33,11 @@ spec:
|
|||
compression: bzip2
|
||||
maxParallel: 8
|
||||
destinationPath: s3://valinor-cnpg/
|
||||
endpointURL: https://${SECRET_CLOUDFLARE_ACCOUNT_ID}.r2.cloudflarestorage.com
|
||||
endpointURL:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: cnpg-secret
|
||||
key: CLOUDFLARE_R2_ENDPOINT
|
||||
serverName: postgres-v3
|
||||
s3Credentials:
|
||||
accessKeyId:
|
||||
|
|
@ -45,7 +49,11 @@ spec:
|
|||
externalClusters:
|
||||
- name: clusterBackup
|
||||
barmanObjectStore:
|
||||
destinationPath: https://${SECRET_CLOUDFLARE_ACCOUNT_ID}.r2.cloudflarestorage.com
|
||||
destinationPath:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: cnpg-secret
|
||||
key: CLOUDFLARE_R2_ENDPOINT
|
||||
s3Credentials:
|
||||
accessKeyId:
|
||||
name: cloudnative-pg-secret
|
||||
|
|
|
|||
|
|
@ -0,0 +1,22 @@
|
|||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: cnpg
|
||||
namespace: database
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: cnpg-secret
|
||||
creationPolicy: Owner
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
CLOUDFLARE_R2_ENDPOINT: "https://{{ .cloudflare_account_id }}.r2.cloudflarestorage.com"
|
||||
data:
|
||||
- secretKey: cloudflare_account_id
|
||||
remoteRef:
|
||||
key: cloudflare
|
||||
property: account_id
|
||||
|
|
@ -4,6 +4,7 @@ kind: Kustomization
|
|||
namespace: fediverse
|
||||
resources:
|
||||
- ./cluster.yaml
|
||||
- ./externalsecret.yaml
|
||||
- ./scheduledbackup.yaml
|
||||
- ./prometheusrule.yaml
|
||||
# - ./service.yaml
|
||||
|
|
|
|||
Reference in a new issue