infrastructure/black-start
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix cnpg secret

Browse Source
This commit is contained in:
William Peebles
2026-03-17 13:16:57 -04:00
parent ea27ab3067
commit 37fdf43abe
4 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
kubernetes/kubernetes.nix
View File

@@ -2,6 +2,7 @@
imports = [ imports = [
./charts ./charts
./manifests ./manifests
./secrets
]; ];
networking.firewall.allowedTCPPorts = [6443]; networking.firewall.allowedTCPPorts = [6443];

4
kubernetes/secrets/cloundativepg/s3-backup-creds.nix → kubernetes/secrets/cloudnativepg/s3-backup-creds.nix
View File

@@ -1,6 +1,6 @@
{ config, ... }: { config, ... }:
{ {
sops.templates."omni-etcd-key.yaml" = { sops.templates."cnpg-s3-backup-creds.yaml" = {
mode = "0444"; mode = "0444";
content = '' content = ''
apiVersion: v1 apiVersion: v1
@@ -9,7 +9,7 @@
name: s3-backup-creds name: s3-backup-creds
namespace: cloudnativepg namespace: cloudnativepg
type: Opaque type: Opaque
spec: stringData:
s3AccessKey: fmRuq5b96EKqQOGR1prs s3AccessKey: fmRuq5b96EKqQOGR1prs
s3SecretKey: ${config.sops.placeholder.cnpg_s3_backup_key} s3SecretKey: ${config.sops.placeholder.cnpg_s3_backup_key}
''; '';

2
kubernetes/secrets/default.nix
View File

@@ -1,5 +1,5 @@
{ {
imports = [ imports = [
./omni/omni-etcd-key.nix ./cloudnativepg/s3-backup-creds.nix
]; ];
} }

1
security/sops.nix
View File

@@ -18,6 +18,7 @@
pw_williamp = { pw_williamp = {
neededForUsers = true; neededForUsers = true;
}; };
cnpg_s3_backup_key = {};
}; };
}; };
} }