fix(gitops): add stunnel client config and clean server config

Haitao Pan 2026-04-02 19:21:36 +08:00
parent d13351f845
commit 50401d47e7
4 changed files with 27 additions and 10 deletions


@ -8,6 +8,7 @@ resources:
- ghcr-pull-externalsecret.yaml
- stunnel-externalsecret.yaml
- stunnel-server-configmap.yaml
- stunnel-client-configmap.yaml
- stunnel-server-deployment.yaml
- stunnel-server-service.yaml
- stunnel-client-deployment.yaml


@ -0,0 +1,18 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: postgresql-stunnel-client
namespace: database
data:
stunnel.conf: |
foreground = yes
debug = 5
[postgres-client]
client = yes
accept = 0.0.0.0:15432
connect = postgresql-stunnel-server.database.svc.cluster.local:5433
verifyChain = no
sslVersionMin = TLSv1.2
options = NO_SSLv2
options = NO_SSLv3
TIMEOUTclose = 0
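Review bot: `verifyChain = no` in the `[postgres-client]` service leaves the server certificate unverified, so the tunnel encrypts traffic but does not authenticate `postgresql-stunnel-server`; any endpoint able to answer for that service name could terminate the TLS session and read the PostgreSQL traffic. Consider `verifyChain = yes` with `CAfile = <PATH_TO_CA_BUNDLE>` (a placeholder: the CA would have to be mounted, possibly from the secret behind stunnel-externalsecret.yaml, which is not visible here) and `checkHost = postgresql-stunnel-server.database.svc.cluster.local`. Separately, `accept = 0.0.0.0:15432` exposes the plaintext side on every pod interface, so reachability of port 15432 should be limited by a NetworkPolicy, or the bind narrowed to `127.0.0.1` if only same-pod clients connect. The two `options = NO_SSLv2` / `NO_SSLv3` lines are redundant once `sslVersionMin = TLSv1.2` is set.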


@ -24,14 +24,13 @@ spec:
- name: stunnel-client
image: ghcr.io/x-evor/postgresql.svc.plus/stunnel-client:latest
imagePullPolicy: IfNotPresent
env:
- name: STUNNEL_SERVICE
value: postgres-client
- name: STUNNEL_ACCEPT
value: "15432"
- name: STUNNEL_CONNECT
value: postgresql-stunnel-server.database.svc.cluster.local:5433
- name: STUNNEL_CRONTAB
value: ""
ports:
- containerPort: 15432
volumeMounts:
- name: stunnel-config
mountPath: /etc/stunnel/stunnel.conf
subPath: stunnel.conf
volumes:
- name: stunnel-config
configMap:
name: postgresql-stunnel-client
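Review bot: The new `stunnel-config` mount uses `subPath`, and a ConfigMap mounted through `subPath` is not refreshed when the ConfigMap changes, so a later edit to `postgresql-stunnel-client` (for example tightening certificate verification) will not reach running pods until they are restarted. Either add a config-hash annotation on the pod template or produce the ConfigMap with kustomize's `configMapGenerator` so that a content change rolls the Deployment, and add `readOnly: true` to the volumeMount. With the `STUNNEL_*` environment variables gone, the image's entrypoint has to read `/etc/stunnel/stunnel.conf` directly, which cannot be confirmed from this page. The unchanged `image: ...:latest` with `imagePullPolicy: IfNotPresent` means nodes can run different builds against the same config; pinning the image by digest would make the pair reproducible. The container spec begins above this hunk.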


@ -19,6 +19,5 @@ data:
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
socket = l:SO_KEEPALIVE=1
socket = r:TCP_KEEPALIVE=1
TIMEOUTclose = 0
TIMEOUTidle = 43200