sarex/iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of ssh://158-160-253-227.nip.io:2222/infra/iac

Browse Source
This commit is contained in:
Kochetkov S 2026-04-14 11:46:55 +03:00
commit 46bb7f6c81
3 changed files with 117 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
apps/attachments/base/deployment.yaml
View File

@ -40,30 +40,18 @@ spec:
- name: YANDEX_S3_USE_SSL
value: "false"
- name: DATABASE_HOST
valueFrom:
secretKeyRef:
name: postgres-secret
key: host
value: "postgresql.attachments"
- name: DATABASE_PORT
valueFrom:
secretKeyRef:
name: postgres-secret
key: port
value: "5432"
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
name: postgres-secret
key: database
value: attachments_db
- name: DATABASE_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: username
value: attachments
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: password
name: postgresql-secret
key: user-password
volumeMounts:
- mountPath: /etc/sarex/yc-s3-storage
name: yc-s3

1
apps/attachments/yc-k8s-test/kustomization.yaml
View File

@ -3,6 +3,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../base
- postgresql.yaml
patches:
- path: replicas.yaml
target:

110
apps/attachments/yc-k8s-test/postgresql.yaml Normal file
View File

@ -0,0 +1,110 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: postgresql
namespace: attachments
spec:
interval: 5m
timeout: 2h
chart:
spec:
chart: postgresql-contour
version: "17.0.2"
sourceRef:
kind: HelmRepository
name: yc-oci-charts
namespace: flux-system
install:
timeout: 2h
remediation:
retries: 3
upgrade:
timeout: 2h
remediation:
retries: 3
values:
global:
security:
allowInsecureImages: true
defaultStorageClass: local-path
postgresql:
auth:
username: ""
database: ""
secretKeys:
userPasswordKey: "postgres-password"
auth:
username: ""
database: ""
secretKeys:
userPasswordKey: "postgres-password"
image:
registry: cr.yandex/crp3ccidau046kdj8g9q
repository: contour/postgresql
tag: 17.0.2
pullPolicy: Always
metrics:
enabled: false
prometheusRule:
enabled: false
primary:
containerSecurityContext:
readOnlyRootFilesystem: false
persistence:
storageClass: local-path
size: 20Gi
customLivenessProbe:
exec:
command:
- /bin/sh
- -c
- exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
customReadinessProbe:
exec:
command:
- /bin/sh
- -c
- exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
customStartupProbe:
exec:
command:
- /bin/sh
- -c
- exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
nodeSelector:
dedicated: db
tolerations:
- key: dedicated
operator: Equal
value: db
effect: NoSchedule
contour:
enabled: true
adminUser: ""
adminPasswordSecretKey: ""
sharedPreloadLibraries: "pg_stat_statements"
databases:
- name: attachments_db
user: attachments
extensions: []
restoreFromDump: false
s3-proxy:
endpointUrl: "s3-proxy-service.postgresql.svc.cluster.local"