69 lines
1.6 KiB
YAML
69 lines
1.6 KiB
YAML
server:
|
|
enabled: true
|
|
|
|
image:
|
|
repository: postgres
|
|
tag: "17.9"
|
|
pullPolicy: IfNotPresent
|
|
|
|
auth:
|
|
username: postgres
|
|
database: postgres
|
|
existingSecret: postgresql-auth
|
|
secretKey: postgres-password
|
|
|
|
initScripts:
|
|
enabled: true
|
|
scripts:
|
|
01-core-schemas.sql: |
|
|
DO $$
|
|
BEGIN
|
|
IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'core_prod_user') THEN
|
|
CREATE ROLE core_prod_user LOGIN;
|
|
END IF;
|
|
IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'core_pre_user') THEN
|
|
CREATE ROLE core_pre_user LOGIN;
|
|
END IF;
|
|
END
|
|
$$;
|
|
|
|
CREATE SCHEMA IF NOT EXISTS core_prod AUTHORIZATION postgres;
|
|
CREATE SCHEMA IF NOT EXISTS core_pre AUTHORIZATION postgres;
|
|
|
|
GRANT USAGE ON SCHEMA core_prod TO core_prod_user;
|
|
GRANT USAGE ON SCHEMA core_pre TO core_pre_user;
|
|
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA core_prod
|
|
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO core_prod_user;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA core_pre
|
|
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO core_pre_user;
|
|
|
|
persistence:
|
|
enabled: true
|
|
size: 20Gi
|
|
|
|
metrics:
|
|
enabled: false
|
|
|
|
stunnel:
|
|
enabled: false
|
|
|
|
stunnelClient:
|
|
enabled: false
|
|
image:
|
|
repository: dweomer/stunnel
|
|
tag: latest
|
|
pullPolicy: IfNotPresent
|
|
service:
|
|
port: 15432
|
|
config: |
|
|
[postgres-client]
|
|
client = yes
|
|
accept = 0.0.0.0:15432
|
|
connect = postgresql-stunnel-server.database.svc.cluster.local:5433
|
|
verifyChain = no
|
|
sslVersion = TLSv1.2
|
|
options = NO_SSLv2
|
|
options = NO_SSLv3
|
|
ciphers = HIGH:!aNULL:!MD5
|