xelnagamex/homelab
1
0
Fork 0
forked from ab/homelab
Code Pull Requests Activity

Added psql

Browse Source
This commit is contained in:
Ultradesu
2025-04-06 01:04:30 +01:00
parent a7cf18563d
commit ac2cd72efa
10 changed files with 560 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
k8s/core/postgresql/external-secrets.yaml Normal file
View File

@ -0,0 +1,151 @@
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: postgres-creds
namespace: psql
spec:
target:
name: postgres-secret
deletionPolicy: Delete
template:
type: Opaque
data:
PGADMIN_DEFAULT_EMAIL: |-
{{ .username }}
PGADMIN_DEFAULT_PASSWORD: |-
{{ .password }}
PGADMIN_CONFIG_OAUTH2_CONFIG: |-
[
{
'OAUTH2_NAME': 'Authentik',
'OAUTH2_DISPLAY_NAME': 'Authentik',
'OAUTH2_CLIENT_ID': '{{ .client_id }}',
'OAUTH2_CLIENT_SECRET': '{{ .client_secret }}',
'OAUTH2_TOKEN_URL': '{{ .pgadmin_url }}/application/o/token/',
'OAUTH2_AUTHORIZATION_URL': '{{ .pgadmin_url }}/application/o/authorize/',
'OAUTH2_SERVER_METADATA_URL': '{{ .pgadmin_url }}/application/o/pgadmin/.well-known/openid-configuration',
'OAUTH2_API_BASE_URL': '{{ .pgadmin_url }}',
'OAUTH2_USERINFO_ENDPOINT': '{{ .pgadmin_url }}/application/o/userinfo/',
'OAUTH2_SCOPE': 'openid profile email',
'OAUTH2_USERNAME_CLAIM': 'email',
'OAUTH2_BUTTON_COLOR': '#000000',
'OAUTH2_SSL_CERT_VERIFICATION': False,
'OAUTH2_LOGOUT_URL': '{{ .pgadmin_url }}/application/o/pgadmin/end-session/'
}
]
data:
- secretKey: username
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 832042b9-7edb-4f4c-9254-3c8884ba9733
property: login.username
- secretKey: password
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 832042b9-7edb-4f4c-9254-3c8884ba9733
property: login.password
- secretKey: client_id
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 832042b9-7edb-4f4c-9254-3c8884ba9733
property: fields[0].value
- secretKey: client_secret
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 832042b9-7edb-4f4c-9254-3c8884ba9733
property: fields[1].value
- secretKey: pgadmin_url
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 832042b9-7edb-4f4c-9254-3c8884ba9733
property: fields[2].value
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: postgres-users
namespace: psql
spec:
target:
name: postgres-users
deletionPolicy: Delete
template:
type: Opaque
data:
USER_authentik: |-
{{ .authentik }}
USER_paperless: |-
{{ .paperless }}
USER_nextcloud: |-
{{ .nextcloud }}
USER_outfleet: |-
{{ .outfleet }}
USER_grafana: |-
{{ .grafana }}
USER_khm: |-
{{ .khm }}
data:
- secretKey: authentik
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[0].value
- secretKey: outfleet
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[1].value
- secretKey: grafana
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[2].value
- secretKey: khm
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[3].value
- secretKey: nextcloud
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[4].value
- secretKey: paperless
sourceRef:
storeRef:
name: vaultwarden-login
kind: ClusterSecretStore
remoteRef:
key: 2a9deb39-ef22-433e-a1be-df1555625e22
property: fields[5].value