homelab/k8s/core/postgresql/nas-db.yaml

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: psql-nas
  labels:
    app: psql-nas
    app.kubernetes.io/name: psql-nas
    reloader.stakater.com/auto: "true"
spec:
  selector:
    matchLabels:
      app: psql-nas
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: psql-nas
    spec:
      nodeSelector:
        kubernetes.io/hostname: nas.tail2fe2d.ts.net
      volumes:
        - name: storage
          hostPath:
            path: /mnt/storage/Storage/k8s/psql
            type: DirectoryOrCreate
      containers:
        - name: psql
          image: 'bitnami/postgresql:17'
          env:
            - name: POSTGRESQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: PGADMIN_DEFAULT_PASSWORD

          ports:
            - name: http
              containerPort: 5432
              protocol: TCP
          volumeMounts:
            - name: storage
              mountPath: /bitnami/postgresql
        - name: psql-exporter
          image: 'quay.io/prometheuscommunity/postgres-exporter:latest'
          env:
            - name: DATA_SOURCE_URI
              value: "localhost:5432/postgres?sslmode=disable"
            - name: DATA_SOURCE_USER
              value: "postgres"
            - name: DATA_SOURCE_PASS
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: PGADMIN_DEFAULT_PASSWORD
          ports:
            - name: metrics
              containerPort: 9187
              protocol: TCP
        - name: user-creation
          image: 'bitnami/postgresql:17'
          command:
            - /bin/bash
            - -c
            - |
              until pg_isready -h 127.0.0.1 -p 5432 -U postgres; do
                echo "Waiting for database to be ready..."
                sleep 2
              done

              for var in $(printenv | grep "^USER_" | awk -F '=' '{print $1}'); do
                USERNAME=${var#"USER_"}
                PASSWORD=$(printenv "$var")
                echo "Creating user $USERNAME"
                psql -h 127.0.0.1 -p 5432 -U postgres -d postgres -c "CREATE USER $USERNAME WITH PASSWORD '$PASSWORD';"
                echo "Creating database $USERNAME"
                psql -h 127.0.0.1 -p 5432 -U postgres -d postgres -c "CREATE DATABASE $USERNAME WITH OWNER = $USERNAME ENCODING = 'UTF8';"
              done
              echo All done
              tail -f /dev/null
          envFrom:
            - secretRef:
                name: postgres-users
          env:
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: PGADMIN_DEFAULT_PASSWORD
---
apiVersion: v1
kind: Service
metadata:
  name: psql-nas
spec:
  selector:
    app: psql-nas
  ports:
    - protocol: TCP
      port: 5432
      targetPort: 5432