homelab/k8s/core/postgresql/main-db.yaml

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: psql
  namespace: psql
  labels:
    app: psql
    app.kubernetes.io/name: psql
    reloader.stakater.com/auto: "true"
spec:
  selector:
    matchLabels:
      app: psql
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: psql
    spec:
      nodeSelector:
        kubernetes.io/hostname: master.tail2fe2d.ts.net
      volumes:
        - name: storage
          hostPath:
            path: /k8s/psql
            type: DirectoryOrCreate
      containers:
        - name: psql
          image: 'bitnami/postgresql:17'
          env:
            - name: POSTGRESQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: PGADMIN_DEFAULT_PASSWORD
          #         command:
          #           - pg_resetwal
          #           - /bitnami/postgresql/data

          ports:
            - name: http
              containerPort: 5432
              protocol: TCP
          volumeMounts:
            - name: storage
              mountPath: /bitnami/postgresql
        - name: psql-exporter
          image: 'quay.io/prometheuscommunity/postgres-exporter:latest'
          env:
            - name: DATA_SOURCE_URI
              value: "localhost:5432/postgres?sslmode=disable"
            - name: DATA_SOURCE_USER
              value: "postgres"
            - name: DATA_SOURCE_PASS
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: PGADMIN_DEFAULT_PASSWORD
          ports:
            - name: metrics
              containerPort: 9187
              protocol: TCP
        - name: user-creation
          image: 'bitnami/postgresql:17'
          command:
            - /bin/bash
            - -c
            - |
              until pg_isready -h 127.0.0.1 -p 5432 -U postgres; do
                echo "Waiting for database to be ready..."
                sleep 2
              done

              for var in $(printenv | grep "^USER_" | awk -F '=' '{print $1}'); do
                USERNAME=${var#"USER_"}
                PASSWORD=$(printenv "$var")
                echo "Creating user $USERNAME"
                psql -h 127.0.0.1 -p 5432 -U postgres -d postgres -c "CREATE USER $USERNAME WITH PASSWORD '$PASSWORD';"
                echo "Creating database $USERNAME"
                psql -h 127.0.0.1 -p 5432 -U postgres -d postgres -c "CREATE DATABASE $USERNAME WITH OWNER = $USERNAME ENCODING = 'UTF8';"
              done
              echo All done
              tail -f /dev/null
          envFrom:
            - secretRef:
                name: postgres-users
          env:
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: PGADMIN_DEFAULT_PASSWORD
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: psql-monitor
  namespace: psql
spec:
  endpoints:
    - interval: 30s
      #metricRelabelings:

      #- action: keep
      #  regex: lm-api
      #  sourceLabels:
      #  - service
      #- action: replace
      #  replacement: "true"
      #  targetLabel: global
      path: /metrics
      port: metrics
      scheme: http
  namespaceSelector:
    matchNames:
      - psql
  selector:
    matchLabels:
      app: psql
---
apiVersion: v1
kind: Service
metadata:
  name: psql
  namespace: psql
spec:
  selector:
    app: psql
  ports:
    - protocol: TCP
      port: 5432
      targetPort: 5432
---
apiVersion: v1
kind: Service
metadata:
  name: psql-exporter
  namespace: psql
  labels:
    app.kubernetes.io/name: psql-exporter
spec:
  selector:
    app: psql
  ports:
    - protocol: TCP
      name: metrics
      port: 9187
      targetPort: 9187