226 lines
6.0 KiB
YAML
226 lines
6.0 KiB
YAML
apiVersion: storage.k8s.io/v1
|
|
kind: StorageClass
|
|
metadata:
|
|
name: matrix-db
|
|
# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
|
|
provisioner: rook-ceph.cephfs.csi.ceph.com
|
|
parameters:
|
|
# clusterID is the namespace where the rook cluster is running
|
|
# If you change this namespace, also change the namespace below where the secret namespaces are defined
|
|
clusterID: rook-ceph
|
|
|
|
# CephFS filesystem name into which the volume shall be created
|
|
fsName: matrix
|
|
|
|
# Ceph pool into which the volume shall be created
|
|
# Required for provisionVolume: "true"
|
|
pool: matrix-replicated
|
|
|
|
# The secrets contain Ceph admin credentials. These are generated automatically by the operator
|
|
# in the same namespace as the cluster.
|
|
csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
|
|
csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
|
|
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
|
|
csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
|
|
csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
|
|
csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
|
|
|
|
reclaimPolicy: Delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: db
|
|
namespace: matrix
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 4Gi
|
|
storageClassName: matrix-db
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: db
|
|
namespace: matrix
|
|
labels:
|
|
app: db
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: db
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: db
|
|
spec:
|
|
containers:
|
|
- name: db
|
|
image: postgres
|
|
imagePullPolicy: "IfNotPresent"
|
|
ports:
|
|
- name: mysql
|
|
containerPort: 5432
|
|
env:
|
|
- name: MARIADB_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: matrix-db
|
|
key: root.pw
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: matrix-db
|
|
key: username
|
|
optional: false
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: matrix-db
|
|
key: user.pw
|
|
optional: false
|
|
- name: POSTGRES_DB
|
|
value: synapse
|
|
- name: POSTGRES_INITDB_ARGS
|
|
value: "--lc-collate=C --lc-ctype=C --encoding=UTF8"
|
|
#livenessProbe:
|
|
# exec:
|
|
# command: ["sh", "-c", "exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD"]
|
|
# initialDelaySeconds: 120
|
|
# periodSeconds: 10
|
|
# timeoutSeconds: 1
|
|
# successThreshold: 1
|
|
# failureThreshold: 3
|
|
#readinessProbe:
|
|
# exec:
|
|
# command: ["sh", "-c", "exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD"]
|
|
# initialDelaySeconds: 30
|
|
# periodSeconds: 10
|
|
# timeoutSeconds: 1
|
|
# successThreshold: 1
|
|
# failureThreshold: 3
|
|
volumeMounts:
|
|
- mountPath: /var/lib/postgresql/data
|
|
name: data
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: db
|
|
readOnly: false
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: db
|
|
namespace: matrix
|
|
spec:
|
|
internalTrafficPolicy: Cluster
|
|
ipFamilies:
|
|
- IPv6
|
|
ipFamilyPolicy: SingleStack
|
|
ports:
|
|
- name: postgres
|
|
port: 5432
|
|
protocol: TCP
|
|
targetPort: 5432
|
|
selector:
|
|
app: db
|
|
sessionAffinity: None
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: storage.k8s.io/v1
|
|
kind: StorageClass
|
|
metadata:
|
|
name: matrix-db-backup
|
|
# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
|
|
provisioner: rook-ceph.cephfs.csi.ceph.com
|
|
parameters:
|
|
# clusterID is the namespace where the rook cluster is running
|
|
# If you change this namespace, also change the namespace below where the secret namespaces are defined
|
|
clusterID: rook-ceph
|
|
|
|
# CephFS filesystem name into which the volume shall be created
|
|
fsName: matrix
|
|
|
|
# Ceph pool into which the volume shall be created
|
|
# Required for provisionVolume: "true"
|
|
pool: matrix-replicated
|
|
|
|
# The secrets contain Ceph admin credentials. These are generated automatically by the operator
|
|
# in the same namespace as the cluster.
|
|
csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
|
|
csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
|
|
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
|
|
csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
|
|
csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
|
|
csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
|
|
|
|
reclaimPolicy: Delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: db-backup
|
|
namespace: matrix
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 4Gi
|
|
storageClassName: matrix-db-backup
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: db-backup
|
|
namespace: matrix
|
|
labels:
|
|
app: db-backup
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: db-backup
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: db-backup
|
|
spec:
|
|
containers:
|
|
- name: db-backup
|
|
image: prodrigestivill/postgres-backup-local
|
|
imagePullPolicy: "IfNotPresent"
|
|
env:
|
|
- name: SCHEDULE
|
|
value: "@daily"
|
|
- name: BACKUP_KEEP_DAYS
|
|
value: "7"
|
|
- name: POSTGRES_DB
|
|
value: "synapse"
|
|
- name: POSTGRES_HOST
|
|
value: db
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: matrix-db
|
|
key: root.pw
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: matrix-db
|
|
key: username
|
|
optional: false
|
|
- name: HEALTHCHECK_PORT
|
|
value: "8080"
|
|
volumeMounts:
|
|
- mountPath: /backups
|
|
name: backup
|
|
volumes:
|
|
- name: backup
|
|
persistentVolumeClaim:
|
|
claimName: db-backup
|
|
readOnly: false |