Erich Blume
d75fdfdad6
- Create blumeops-pg Cluster with CloudNativePG - Add eblume superuser role (matches current brew pg setup) - Configure pg_hba for password auth from any IP (Tailscale handles security) - Add secret template for eblume password from 1Password - Create ArgoCD Application with manual sync policy - Update Phase 1 plan with implementation notes Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
24 lines
796 B
YAML
24 lines
796 B
YAML
# PostgreSQL Cluster for blumeops services
|
|
# Requires: CloudNativePG operator (cloudnative-pg app) and manual secret setup
|
|
#
|
|
# Before syncing, create the eblume password secret:
|
|
# kubectl create namespace databases
|
|
# op inject -i argocd/manifests/databases/secret-eblume.yaml.tpl | kubectl apply -f -
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: blumeops-pg
|
|
namespace: argocd
|
|
spec:
|
|
project: default
|
|
source:
|
|
repoURL: ssh://forgejo@indri.tail8d86e.ts.net:2200/eblume/blumeops.git
|
|
targetRevision: feature/k8s-phase1-kickoff
|
|
path: argocd/manifests/databases
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: databases
|
|
syncPolicy:
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
# Manual sync only - no automated sync on git push
|