feat: overhaul

2025-09-17 18:24:14 +02:00 · 2025-01-04 00:00:04 +01:00
parent b14022014b
commit 0c9529c7a2
408 changed files with 3187 additions and 2380 deletions
--- a/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/externalsecret.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/externalsecret.yaml
@@ -0,0 +1,20 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: pgadmin
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: pgadmin-secret
+    template:
+      engineVersion: v2
+      data:
+        # App
+        PGADMIN_PASSWORD: "{{ .password }}"
+  dataFrom:
+    - extract:
+        key: pgadmin
--- a/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/ingress.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/ingress.yaml
@@ -0,0 +1,33 @@
+---
+# trunk-ignore(checkov/CKV_K8S_21)
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: pgadmin
+  annotations:
+          hajimari.io/icon: mdi:database
+          gethomepage.dev/enabled: "true"
+          gethomepage.dev/name: pgAdmin
+          gethomepage.dev/description: PostgreSQL management tool.
+          gethomepage.dev/group: Infrrastructure
+          gethomepage.dev/icon: pgadmin.png
+          gethomepage.dev/pod-selector: >-
+            app in (
+              pgadmin
+            )
+spec:
+  ingressClassName: internal
+  tls:
+    - hosts:
+        - &host pgadmin.${SECRET_EXTERNAL_DOMAIN}
+  rules:
+    - host: *host
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: pgadmin
+                port:
+                  number: 5050
--- a/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/kustomization.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./externalsecret.yaml
+  - ./ingress.yaml
+  - ./pgadmin.yaml
+  - ./service.yaml
--- a/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/pgadmin.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/pgadmin.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: postgres-operator.crunchydata.com/v1beta1
+kind: PGAdmin
+metadata:
+  name: pgadmin
+spec:
+  users:
+  - username: admin@homelab.io
+    role: Administrator
+    passwordRef:
+      name: pgadmin-secret
+      key: PGADMIN_PASSWORD
+  dataVolumeClaimSpec:
+    accessModes:
+    - ReadWriteOnce
+    resources:
+      requests:
+        storage: 1Gi
+  serverGroups:
+    - name: supply
+      postgresClusterSelector: {}
+  serviceName: pgadmin
--- a/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/service.yaml
+++ b/kubernetes/apps/database/crunchy-postgres-operator/pgadmin/service.yaml
@@ -0,0 +1,14 @@
+---
+# trunk-ignore(checkov/CKV_K8S_21)
+apiVersion: v1
+kind: Service
+metadata:
+  name: pgadmin
+spec:
+  type: ClusterIP
+  ports:
+  - name: pgadmin-port
+    port: 5050
+    protocol: TCP
+  selector:
+    postgres-operator.crunchydata.com/pgadmin: pgadmin