black-start cnpg replication config

2026-03-17 20:08:03 -04:00
parent d26192d28e
commit 425f9ee792
6 changed files with 133 additions and 2 deletions
--- a/kubernetes/secrets/cloudnativepg/weyma-pgsql-replication.nix
+++ b/kubernetes/secrets/cloudnativepg/weyma-pgsql-replication.nix
@@ -0,0 +1,18 @@
+{ config, ... }:
+{
+  sops.templates."weyma-pgsql-replication.yaml" = {
+    mode = "0444";
+    content = ''
+      apiVersion: v1
+      kind: Secret
+      metadata:
+        name: weyma-pgsql-replication
+        namespace: cloudnativepg
+      type: Opaque
+      data:
+        tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJuVENDQVVTZ0F3SUJBZ0lRVEcvaEhOSG5IeGxQVzdtTGI5akIxekFLQmdncWhrak9QUVFEQWpBdU1SWXcKRkFZRFZRUUxFdzFqYkc5MVpHNWhkR2wyWlhCbk1SUXdFZ1lEVlFRREV3dDNaWGx0WVMxd1ozTnhiREFlRncweQpOVEV5TWpnd01URTROVEZhRncweU5qQXpNamd3TVRFNE5URmFNQnd4R2pBWUJnTlZCQU1NRVhOMGNtVmhiV2x1CloxOXlaWEJzYVdOaE1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRWVRQzVjb2pzUDMwUTZGcnMKS1draTBjRHpDSkk1eVNoS25PaURRR24yQ1FtNEhmaWRGd3V6cFBOdWlaUHk4TjFmNFRzRlJwNy8ybDhSeUd0OQovWjhUMWFOV01GUXdEZ1lEVlIwUEFRSC9CQVFEQWdPSU1CTUdBMVVkSlFRTU1Bb0dDQ3NHQVFVRkJ3TUNNQXdHCkExVWRFd0VCL3dRQ01BQXdId1lEVlIwakJCZ3dGb0FVYjdXdGZxSWZTR2UyVXphRWxhL01XS2lMTG9Vd0NnWUkKS29aSXpqMEVBd0lEUndBd1JBSWdWeG5OeEVBM3lGYVdRZk1JTDAxKzB2RXBiZVBGcElNdkkxVkNTT3Z2QzhvQwpJR3k4MVVwYmFucVVRdUd6alJjZmxYWDdrSjRqcUlhUWFWUUE0SmRNNzFpQQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+        tls.key: ${config.sops.placeholder.weyma_pgsql_replication_tls_key}
+    '';
+    path = "/var/lib/rancher/k3s/server/manifests/secrets/weyma-pgsql-replication.yaml";
+  };
+}