Initial render: k3s-dev environment
This commit is contained in:
gitea-admin
@@ -0,0 +1,32 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: ag-appserver
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/ag-appserver
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/ag-appserver
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: ag-appserver
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://authgateway-db-rw.abinitio-db:5432/authgateway?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: authgateway-db-rw:5432:authgateway:{{ .username }}:{{ .password }}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@authgateway-db-rw.abinitio-db:5432/authgateway
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,32 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: ag-db-importer
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/ag-db-importer
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/ag-db-importer
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: ag-db-importer
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://authgateway-db-rw.abinitio-db:5432/authgateway?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: authgateway-db-rw:5432:authgateway:{{ .username }}:{{ .password }}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@authgateway-db-rw.abinitio-db:5432/authgateway
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,32 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: ag-report
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/ag-report
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/ag-report
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: ag-report
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://authgateway-db-rw.abinitio-db:5432/authgateway?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: authgateway-db-rw:5432:authgateway:{{ .username }}:{{ .password }}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@authgateway-db-rw.abinitio-db:5432/authgateway
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,45 @@
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Cluster
|
||||
metadata:
|
||||
name: authgateway
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: authgateway
|
||||
owner: ag_appserver
|
||||
postInitApplicationSQLRefs:
|
||||
configMapRefs:
|
||||
- key: authgateway.sql
|
||||
name: authgateway-sql
|
||||
secret:
|
||||
name: ag-appserver
|
||||
imageName: ghcr.io/cloudnative-pg/postgresql:16
|
||||
instances: 2
|
||||
managed:
|
||||
roles:
|
||||
- login: true
|
||||
name: ag_appserver
|
||||
passwordSecret:
|
||||
name: ag-appserver
|
||||
- login: true
|
||||
name: ag_importer
|
||||
passwordSecret:
|
||||
name: ag-db-importer
|
||||
- login: true
|
||||
name: ag_report
|
||||
passwordSecret:
|
||||
name: ag-report
|
||||
postgresql:
|
||||
parameters:
|
||||
effective_cache_size: 6GB
|
||||
shared_buffers: 3GB
|
||||
resources:
|
||||
limits:
|
||||
cpu: 3
|
||||
memory: 12Gi
|
||||
requests:
|
||||
cpu: 1
|
||||
memory: 4Gi
|
||||
storage:
|
||||
size: 30Gi
|
||||
@@ -0,0 +1,15 @@
|
||||
apiVersion: v1
|
||||
data:
|
||||
authgateway.sql: |
|
||||
CREATE ROLE ag_importer;
|
||||
CREATE ROLE ag_report;
|
||||
CREATE SCHEMA ag_meta AUTHORIZATION ag_appserver;
|
||||
CREATE SCHEMA ag_main AUTHORIZATION ag_appserver;
|
||||
GRANT USAGE ON SCHEMA ag_meta TO ag_importer;
|
||||
GRANT USAGE ON SCHEMA ag_main TO ag_importer;
|
||||
GRANT USAGE ON SCHEMA ag_meta TO ag_report;
|
||||
GRANT USAGE ON SCHEMA ag_main TO ag_report;
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: authgateway-sql
|
||||
namespace: abinitio-db
|
||||
@@ -0,0 +1,33 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: cc-jdbc
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/cc-jdbc
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/cc-jdbc
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: cc-jdbc
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://controlcenter-db-rw.abinitio-db:5432/controlcenter?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: controlcenter-db-rw:5432:controlcenter:{{ .username }}:{{ .password
|
||||
}}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@controlcenter-db-rw.abinitio-db:5432/controlcenter
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,37 @@
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Cluster
|
||||
metadata:
|
||||
name: controlcenter
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: controlcenter
|
||||
owner: cc_jdbc
|
||||
postInitApplicationSQLRefs:
|
||||
configMapRefs:
|
||||
- key: controlcenter.sql
|
||||
name: controlcenter-sql
|
||||
secret:
|
||||
name: cc-jdbc
|
||||
imageName: ghcr.io/cloudnative-pg/postgresql:16
|
||||
instances: 2
|
||||
managed:
|
||||
roles:
|
||||
- login: true
|
||||
name: cc_jdbc
|
||||
passwordSecret:
|
||||
name: cc-jdbc
|
||||
postgresql:
|
||||
parameters:
|
||||
effective_cache_size: 4GB
|
||||
shared_buffers: 2GB
|
||||
resources:
|
||||
limits:
|
||||
cpu: 2
|
||||
memory: 8Gi
|
||||
requests:
|
||||
cpu: 1
|
||||
memory: 4Gi
|
||||
storage:
|
||||
size: 30Gi
|
||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,32 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mhub-appserver
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/mhub-appserver
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/mhub-appserver
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: mhub-appserver
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://metadatahub-db-rw.abinitio-db:5432/metadatahub?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: metadatahub-db-rw:5432:metadatahub:{{ .username }}:{{ .password }}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@metadatahub-db-rw.abinitio-db:5432/metadatahub
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,32 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mhub-db-importer
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/mhub-db-importer
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/mhub-db-importer
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: mhub-db-importer
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://metadatahub-db-rw.abinitio-db:5432/metadatahub?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: metadatahub-db-rw:5432:metadatahub:{{ .username }}:{{ .password }}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@metadatahub-db-rw.abinitio-db:5432/metadatahub
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,32 @@
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mhub-report
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
data:
|
||||
- remoteRef:
|
||||
key: secret/abinitio/mhub-report
|
||||
property: username
|
||||
secretKey: username
|
||||
- remoteRef:
|
||||
key: secret/abinitio/mhub-report
|
||||
property: password
|
||||
secretKey: password
|
||||
refreshInterval: 1m
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault-store
|
||||
target:
|
||||
name: mhub-report
|
||||
template:
|
||||
data:
|
||||
jdbc-uri: jdbc:postgresql://metadatahub-db-rw.abinitio-db:5432/metadatahub?password={{
|
||||
.password }}&user={{ .username }}
|
||||
password: '{{ .password }}'
|
||||
pgpass: metadatahub-db-rw:5432:metadatahub:{{ .username }}:{{ .password }}
|
||||
uri: postgresql://{{ .username }}:{{ .password }}@metadatahub-db-rw.abinitio-db:5432/metadatahub
|
||||
username: '{{ .username }}'
|
||||
metadata:
|
||||
labels:
|
||||
cnpg.io/reload: "true"
|
||||
@@ -0,0 +1,45 @@
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Cluster
|
||||
metadata:
|
||||
name: metadatahub
|
||||
namespace: abinitio-db
|
||||
spec:
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: metadatahub
|
||||
owner: mhub_appserver
|
||||
postInitApplicationSQLRefs:
|
||||
configMapRefs:
|
||||
- key: metadatahub.sql
|
||||
name: metadatahub-sql
|
||||
secret:
|
||||
name: mhub-appserver
|
||||
imageName: ghcr.io/cloudnative-pg/postgresql:16
|
||||
instances: 2
|
||||
managed:
|
||||
roles:
|
||||
- login: true
|
||||
name: mhub_appserver
|
||||
passwordSecret:
|
||||
name: mhub-appserver
|
||||
- login: true
|
||||
name: mhub_importer
|
||||
passwordSecret:
|
||||
name: mhub-db-importer
|
||||
- login: true
|
||||
name: mhub_report
|
||||
passwordSecret:
|
||||
name: mhub-report
|
||||
postgresql:
|
||||
parameters:
|
||||
effective_cache_size: 12GB
|
||||
shared_buffers: 6GB
|
||||
resources:
|
||||
limits:
|
||||
cpu: 6
|
||||
memory: 24Gi
|
||||
requests:
|
||||
cpu: 3
|
||||
memory: 12Gi
|
||||
storage:
|
||||
size: 60Gi
|
||||
@@ -0,0 +1,15 @@
|
||||
apiVersion: v1
|
||||
data:
|
||||
metadatahub.sql: |
|
||||
CREATE ROLE mhub_importer;
|
||||
CREATE ROLE mhub_report;
|
||||
CREATE SCHEMA mhub_meta AUTHORIZATION mhub_appserver;
|
||||
CREATE SCHEMA mhub_main AUTHORIZATION mhub_appserver;
|
||||
GRANT USAGE ON SCHEMA mhub_meta TO mhub_importer;
|
||||
GRANT USAGE ON SCHEMA mhub_main TO mhub_importer;
|
||||
GRANT USAGE ON SCHEMA mhub_meta TO mhub_report;
|
||||
GRANT USAGE ON SCHEMA mhub_main TO mhub_report;
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: metadatahub-sql
|
||||
namespace: abinitio-db
|
||||
Reference in New Issue
Block a user