♻️ migrate postgresql to truenas jail + minio https

2025-10-03 01:00:54 +02:00 · 2024-01-13 17:47:18 +01:00
parent badd042d50
commit 7fd3c78db8
111 changed files with 785 additions and 266 deletions
--- a/kubernetes/apps/default/authelia/app/externalsecret.yaml
+++ b/kubernetes/apps/default/authelia/app/externalsecret.yaml
@@ -22,12 +22,13 @@ spec:
        AUTHELIA_SESSION_SECRET: "{{ .AUTHELIA_SESSION_SECRET }}"
        AUTHELIA_STORAGE_ENCRYPTION_KEY: "{{ .AUTHELIA_STORAGE_ENCRYPTION_KEY }}"
        AUTHELIA_STORAGE_POSTGRES_DATABASE: &dbName authelia
-        AUTHELIA_STORAGE_POSTGRES_HOST: &dbHost postgres-rw.default.svc.cluster.local
+        AUTHELIA_STORAGE_POSTGRES_HOST: &dbHost postgres.${SECRET_DOMAIN}
        AUTHELIA_STORAGE_POSTGRES_USERNAME: &dbUser "{{ .AUTHELIA_STORAGE_POSTGRES_USERNAME }}"
        AUTHELIA_STORAGE_POSTGRES_PASSWORD: &dbPass "{{ .AUTHELIA_STORAGE_POSTGRES_PASSWORD }}"
+        AUTHELIA_STORAGE_POSTGRES_TLS_SERVER_NAME: *dbHost
+        AUTHELIA_STORAGE_POSTGRES_TLS_SKIP_VERIFY: "false"
        GRAFANA_OAUTH_CLIENT_SECRET: "{{ .GRAFANA_OAUTH_CLIENT_SECRET }}"
        IMMICH_OAUTH_CLIENT_SECRET: "{{ .IMMICH_OAUTH_CLIENT_SECRET }}"
-        MINIFLUX_OAUTH_CLIENT_SECRET: "{{ .MINIFLUX_OAUTH_CLIENT_SECRET }}"
        WEAVEGITOPS_OAUTH_CLIENT_SECRET: "{{ .WEAVEGITOPS_OAUTH_CLIENT_SECRET }}"
        GITEA_OAUTH_CLIENT_SECRET: "{{ .GITEA_OAUTH_CLIENT_SECRET }}"
        # Postgres Init
@@ -39,7 +40,7 @@ spec:
  dataFrom:
    - extract:
        key: authelia
-    - extract:
-        key: cloudnative-pg
    - extract:
        key: lldap
+    - extract:
+        key: generic
--- a/kubernetes/apps/default/authelia/app/helmrelease.yaml
+++ b/kubernetes/apps/default/authelia/app/helmrelease.yaml
@@ -51,10 +51,10 @@ spec:
          reloader.stakater.com/auto: "true"
        initContainers:
          init-db:
+            order: 1
            image:
-              repository: ghcr.io/auricom/postgres-init
-              tag: 15.5@sha256:9b1b80d8101d3f1c73ef13b90dff2ab3bc855bd79ebcd334cba57db391ce6db0
-              pullPolicy: IfNotPresent
+              repository: ghcr.io/onedr0p/postgres-init
+              tag: 16
            envFrom: &envFrom
              - secretRef:
                  name: authelia-secret
@@ -94,8 +94,6 @@ spec:
              AUTHELIA_SESSION_NAME: authelia-home-ops
              AUTHELIA_SESSION_REDIS_HOST: authelia-redis.default.svc.cluster.local.
              AUTHELIA_SESSION_REDIS_PORT: 6379
-              AUTHELIA_STORAGE_POSTGRES_DATABASE: authelia
-              AUTHELIA_STORAGE_POSTGRES_HOST: ${POSTGRES_HOST}
              AUTHELIA_TELEMETRY_METRICS_ADDRESS: tcp://0.0.0.0:8080
              AUTHELIA_TELEMETRY_METRICS_ENABLED: "true"
              AUTHELIA_THEME: dark
--- a/kubernetes/apps/default/authelia/ks.yaml
+++ b/kubernetes/apps/default/authelia/ks.yaml
@@ -8,7 +8,6 @@ metadata:
 spec:
  dependsOn:
    - name: cluster-apps-authelia-redis
-    - name: cluster-apps-cloudnative-pg-cluster
    - name: cluster-apps-external-secrets-stores
  path: ./kubernetes/apps/default/authelia/app
  prune: true