First commit

2025-06-09 23:32:10 -04:00
commit 863aaeabc7
92 changed files with 2992 additions and 0 deletions
--- a/manifest/05-postgres/.gitignore
+++ b/manifest/05-postgres/.gitignore
@@ -0,0 +1 @@
+secret.yml
--- a/manifest/05-postgres/backup.yml
+++ b/manifest/05-postgres/backup.yml
@@ -0,0 +1,9 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+  name: daily-backup
+spec:
+  schedule: "0 * * * * *"
+  backupOwnerReference: self
+  cluster:
+    name: cnpg-cluster
--- a/manifest/05-postgres/cnpg.yml
+++ b/manifest/05-postgres/cnpg.yml
@@ -0,0 +1,45 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: cnpg-cluster
+spec:
+  instances: 3
+  bootstrap:
+    initdb:
+      database: app
+      owner: app
+      secret:
+        name: cnpg-secret
+  storage:
+    pvcTemplate:
+      accessModes:
+        - ReadWriteOnce
+      resources:
+        requests:
+          storage: 20Gi
+      storageClassName: cnpg-storage
+  affinity:
+    enablePodAntiAffinity: true
+    topologyKey: kubernetes.io/hostname
+    podAntiAffinityType: required
+  backup:
+    retentionPolicy: "7d"
+    barmanObjectStore:
+      destinationPath: "s3://backups/"
+      endpointURL: "https://minio-api.skrd.fun"
+      s3Credentials:
+        accessKeyId:
+          name: aws-creds
+          key: ACCESS_KEY
+        secretAccessKey:
+          name: aws-creds
+          key: SECRET_KEY
+  managed:
+    services:
+      additional:
+        - selectorType: rw
+          serviceTemplate:
+            metadata:
+              name: "cnpg-cluster-open"
+            spec:
+              type: LoadBalancer
--- a/manifest/05-postgres/operator.yml
+++ b/manifest/05-postgres/operator.yml
@@ -0,0 +1,10 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+  name: postgres
+  namespace: kube-system
+spec:
+  repo: https://cloudnative-pg.github.io/charts
+  chart: cloudnative-pg
+  targetNamespace: cnpg-system
+  createNamespace: true
--- a/manifest/05-postgres/secret.yml.example
+++ b/manifest/05-postgres/secret.yml.example
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cnpg-secret
+stringData:
+  username: EXAMPLE
+  password: EXAMPLE
+type: kubernetes.io/basic-auth
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: aws-creds
+type: Opaque
+stringData:
+  ACCESS_KEY: EXAMPLE
+  SECRET_KEY: EXAMPLE
--- a/manifest/05-postgres/settings.yml
+++ b/manifest/05-postgres/settings.yml
@@ -0,0 +1,11 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: cnpg-storage
+provisioner: driver.longhorn.io
+allowVolumeExpansion: true
+parameters:
+  numberOfReplicas: "1"
+  dataLocality: "strict-local"
+  staleReplicaTimeout: "2880"
+---