black-start/kubernetes/manifests/cnpg.nix


# k3s manifests for a CloudNativePG (CNPG) setup in the "cloudnativepg" namespace:
#   - an ObjectStore describing the S3 bucket used by the barman-cloud plugin,
#   - a single-instance Cluster "weyma-bs-pgsql" that bootstraps from and follows
#     the external cluster "weyma-pgsql",
#   - a Secret holding the CA certificate used to validate that external cluster.
# NOTE(review): values set here are presumably rendered to files in the
# world-readable Nix store, so nothing secret belongs in this file. The S3
# credentials and the replication key pair are referenced by Secret name only
# and are not defined in this file.
{
  services.k3s.manifests = {
    "objectstore.yaml".content = {
      apiVersion = "barmancloud.cnpg.io/v1";
      kind = "ObjectStore";
      metadata.name = "truenas-s3";
      metadata.namespace = "cloudnativepg";
      spec = {
        configuration = {
          destinationPath = "s3://weyma-talos-shared-pgsql-new/";
          # NOTE(review): plain-HTTP endpoint. Base backups and WAL archives
          # would cross the network unencrypted, and nothing in this file
          # configures backup encryption. If the S3 service offers TLS, prefer
          # an https:// URL (a private CA can be supplied via endpointCA).
          endpointURL = "http://10.105.15.20:9000";
          # Both halves of the S3 credential are read from the Kubernetes
          # Secret "s3-backup-creds"; only the Secret name and keys appear here.
          s3Credentials = {
            accessKeyId = {
              key = "s3AccessKey";
              name = "s3-backup-creds";
            };
            secretAccessKey = {
              key = "s3SecretKey";
              name = "s3-backup-creds";
            };
          };
        };
      };
    };
    "pg-cluster.yaml".content = {
      apiVersion = "postgresql.cnpg.io/v1";
      kind = "Cluster";
      metadata.name = "weyma-bs-pgsql";
      metadata.namespace = "cloudnativepg";
      spec = {
        # Single instance: no in-cluster standby to fail over to.
        instances = 1;
        # NOTE(review): the image is pinned by tag only. Appending a digest
        # (…@sha256:<digest>) would make the pulled image immutable even if
        # the tag is re-pushed upstream.
        imageName = "ghcr.io/cloudnative-pg/postgresql:16.9-5-bullseye";
        storage = {
          size = "50Gi";
          storageClass = "local-path";
        };
        # Attach the barman-cloud plugin, pointing at the ObjectStore above.
        plugins = [
          {
            name = "barman-cloud.cloudnative-pg.io";
            parameters.barmanObjectName = "truenas-s3";
          }
        ];
        # Initial data comes from a recovery of the external cluster "weyma-pgsql".
        bootstrap.recovery.source = "weyma-pgsql";
        externalClusters = [
          # This cluster's own entry, reachable through the object store only.
          {
            name = "weyma-bs-pgsql";
            plugin = {
              name = "barman-cloud.cloudnative-pg.io";
              parameters = {
                barmanObjectName = "truenas-s3";
                serverName = "weyma-bs-pgsql";
              };
            };
          }
          # The upstream cluster: object-store access plus a direct streaming
          # connection authenticated with a client certificate.
          {
            name = "weyma-pgsql";
            connectionParameters = {
              host = "10.105.10.24";
              user = "streaming_replica";
              dbname = "postgres";
              # NOTE(review): "require" on its own only demands encryption.
              # libpq treats it like verify-ca when a root CA file is supplied
              # (sslRootCert below), but its documentation discourages relying
              # on that fallback. Consider stating "verify-ca" explicitly, or
              # "verify-full" if the server certificate lists this IP address
              # as a subject alternative name (to be confirmed).
              sslmode = "require";
            };
            plugin = {
              name = "barman-cloud.cloudnative-pg.io";
              parameters = {
                barmanObjectName = "truenas-s3";
                serverName = "weyma-pgsql";
              };
            };
            # Client key and certificate come from the Secret
            # "weyma-pgsql-replication", which is not defined in this file.
            sslKey = {
              name = "weyma-pgsql-replication";
              key = "tls.key";
            };
            sslCert = {
              name = "weyma-pgsql-replication";
              key = "tls.crt";
            };
            # Trust anchor for the upstream server certificate; this Secret is
            # the "weyma-pgsql-ca.yaml" manifest at the end of this file.
            sslRootCert = {
              name = "weyma-pgsql-ca";
              key = "ca.crt";
            };
          }
        ];
        # Both the designated primary and the replication source are the
        # external cluster "weyma-pgsql", not this cluster.
        replica = {
          primary = "weyma-pgsql";
          source = "weyma-pgsql";
        };
        # NOTE(review): this adds a LoadBalancer Service for the read-write
        # ("rw") endpoint, making PostgreSQL reachable from outside the
        # cluster network. Who can connect then depends on controls not
        # visible in this file (pg_hba rules, firewalling, the load-balancer
        # address pool). Confirm that the exposure is intended and restricted.
        managed.services.additional = [
          {
            selectorType = "rw";
            serviceTemplate = {
              metadata.name = "weyma-bs-pgsql-ext";
              spec.type = "LoadBalancer";
            };
          }
        ];
      };
    };
    "weyma-pgsql-ca.yaml".content = {
      apiVersion = "v1";
      kind = "Secret";
      metadata.name = "weyma-pgsql-ca";
      metadata.namespace = "cloudnativepg";
      # this is fine to be in plaintext since it's just a cert and contains no key
      # The value is not confidential, but it is the trust anchor for the
      # replication connection, so changes to this line deserve the same
      # review as a credential change.
      data."ca.crt" = "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";
    };
  };
}