diff --git a/services/database/postgresql/README.md b/services/database/postgresql/README.md index 3620f64..10d9706 100644 --- a/services/database/postgresql/README.md +++ b/services/database/postgresql/README.md @@ -22,5 +22,5 @@ directory. Otherwise the ExternalSecrets controller will report Use `scripts/seed-vault-postgresql.sh` from a trusted admin shell to write the expected Vault keys from local environment variables or existing K8s Secrets. The shared TLS Secret for `postgresql-vultr.svc.plus` is synchronized by the -`k3s-platform` Helm chart into `database/postgresql-vultr-tls`, which +`k3s-platform` Helm chart into `database/postgresql-tls`, which `stunnel-server` consumes directly. Do not commit the secret values to Git. diff --git a/services/database/postgresql/stunnel-server-deployment.yaml b/services/database/postgresql/stunnel-server-deployment.yaml index 2d9dab0..907b30f 100644 --- a/services/database/postgresql/stunnel-server-deployment.yaml +++ b/services/database/postgresql/stunnel-server-deployment.yaml @@ -38,13 +38,13 @@ spec: name: postgresql-stunnel-server - name: stunnel-cert secret: - secretName: postgresql-vultr-tls + secretName: postgresql-tls items: - key: tls.crt path: server-cert.pem - name: stunnel-key secret: - secretName: postgresql-vultr-tls + secretName: postgresql-tls items: - key: tls.key path: server-key.pem diff --git a/services/database/stunnel-server/stunnel-server-deployment.yaml b/services/database/stunnel-server/stunnel-server-deployment.yaml index c0fb3df..583a66b 100644 --- a/services/database/stunnel-server/stunnel-server-deployment.yaml +++ b/services/database/stunnel-server/stunnel-server-deployment.yaml @@ -37,13 +37,13 @@ spec: name: postgresql-stunnel-server - name: stunnel-cert secret: - secretName: postgresql-vultr-tls + secretName: postgresql-tls items: - key: tls.crt path: server-cert.pem - name: stunnel-key secret: - secretName: postgresql-vultr-tls + secretName: postgresql-tls items: - key: tls.key path: server-key.pem