add cnpg backup key to secrets

2026-03-17 12:38:14 -04:00
parent 27bdb3f674
commit ea27ab3067
4 changed files with 29 additions and 4 deletions
--- a/kubernetes/secrets/cloundativepg/s3-backup-creds.nix
+++ b/kubernetes/secrets/cloundativepg/s3-backup-creds.nix
@@ -0,0 +1,18 @@
+{ config, ... }:
+{
+  sops.templates."omni-etcd-key.yaml" = {
+    mode = "0444";
+    content = ''
+      apiVersion: v1
+      kind: Secret
+      metadata:
+        name: s3-backup-creds
+        namespace: cloudnativepg
+      type: Opaque
+      spec:
+        s3AccessKey: fmRuq5b96EKqQOGR1prs
+        s3SecretKey: ${config.sops.placeholder.cnpg_s3_backup_key}
+    '';
+    path = "/var/lib/rancher/k3s/server/manifests/secrets/cnpg-s3-backup-creds.yaml";
+  };
+}
--- a/kubernetes/secrets/default.nix
+++ b/kubernetes/secrets/default.nix
@@ -0,0 +1,5 @@
+{
+  imports = [
+    ./omni/omni-etcd-key.nix
+  ];
+}