Erich Blume
22f418d0dc
## Summary Review session covering 3 docs, plus a codebase-wide cleanup: ### Docs reviewed - **connect-to-postgres** — verified end-to-end (psql connection tested), stamped - **create-release-artifact-workflow** — clarified that `build-blumeops.yaml` is only a version bump example (not a packages API example) - **deploy-k8s-service** — fixed stale repoURL (`indri:2200` → `forge.ops.eblu.me:2222`), wrong Caddy config keys (`upstream` → `backend`, added missing `host`), updated Homepage group to "Services", added Tailscale tag documentation ### Codebase cleanup - Migrated all remaining `op item get --fields` calls to `op read` URI syntax across 7 files (docs, READMEs, YAML comments) - Simplified the `op read` vs `op item get` guidance in CLAUDE.md ## Side findings (not addressed) - New `immich-pg` CNPG cluster not yet documented in the postgresql reference card ## Test plan - [x] `psql` connection to `pg.ops.eblu.me` verified - [x] All pre-commit hooks pass - [x] `docs-check-links`, `docs-check-index`, `docs-check-frontmatter` pass Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/191
1.9 KiB
1.9 KiB
| title | modified | tags | ||
|---|---|---|---|---|
| PostgreSQL | 2026-02-15 |
|
PostgreSQL
Database clusters via CloudNativePG operator.
Quick Reference
| Property | Value |
|---|---|
| URL | tcp://pg.ops.eblu.me:5432 |
| Metrics | http://cnpg-metrics.tail8d86e.ts.net:9187/metrics |
| Namespace | databases |
| Clusters | blumeops-pg, immich-pg |
| Operator | CloudNativePG |
Databases
| Database | Cluster | Owner | Purpose |
|---|---|---|---|
| miniflux | blumeops-pg | miniflux | miniflux feed data |
| teslamate | blumeops-pg | teslamate | teslamate vehicle data |
| immich | immich-pg | immich | immich photo management |
The immich-pg cluster uses a custom image (cloudnative-vectorchord) with vector search extensions (vector, vchord, cube, earthdistance).
Users
| User | Role | Purpose |
|---|---|---|
| postgres | superuser | CNPG internal |
| miniflux | app owner | Owns miniflux database |
| teslamate | superuser | TeslaMate (needs extensions) |
| eblume | superuser | Admin access |
| borgmatic | pg_read_all_data | [[borgmatic |
Backup
Backed up via borgmatic postgresql_databases hook. Streams pg_dump directly to Borg (no intermediate files, no downtime). See backup for overall backup policy.
Credentials
1Password items:
guxu3j7ajhjyey6xxl2ovsl2ui- eblume passwordmw2bv5we7woicjza7hc6s44yvy- borgmatic password
CNPG-managed secrets (blumeops-pg):
blumeops-pg-app- miniflux userblumeops-pg-eblume- eblume superuserblumeops-pg-borgmatic- borgmatic backup userblumeops-pg-teslamate- teslamate user
CNPG-managed secrets (immich-pg):
immich-pg-app- immich user
Related
- connect-to-postgres - How to connect via psql
- miniflux - Feed reader database
- teslamate - Vehicle data database
- immich - Photo management database
- borgmatic - Database backup