From b8557ab57162119aa8bdd4cdd4bb9fe775bff999 Mon Sep 17 00:00:00 2001 From: Tanguy Herbron Date: Sun, 30 Jul 2023 18:43:37 +0200 Subject: [PATCH] feat(db): Migrate database and rework configuration Add configuration entry for the new database paradigm, and reword the configuration pipeline to allow for better configuration maintainability and secret management. --- manifests/configmap.yaml | 30 ++++++++++++++++++++++++++++ manifests/database.yaml | 38 +++++++++++++++++++----------------- manifests/deployment.yaml | 29 ++++++++++++++++++++++----- manifests/kustomization.yaml | 2 ++ manifests/pvc.yaml | 12 ++++++++++++ 5 files changed, 88 insertions(+), 23 deletions(-) create mode 100644 manifests/configmap.yaml create mode 100644 manifests/pvc.yaml diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml new file mode 100644 index 0000000..ca314b4 --- /dev/null +++ b/manifests/configmap.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: homeassistant-config + namespace: home-automation +data: + configuration.yaml: | + default_config: + http: + ip_ban_enabled: false + login_attempts_threshold: -1 + use_x_forwarded_for: true + trusted_proxies: + - 10.42.0.0/16 + - 10.20.0.0/16 + - 10.10.0.0/16 + - 10.18.242.163/32 + homeassistant: + name: Home + latitude: 55.656428 + longitude: 12.552433 + elevation: 4 + unit_system: metric + time_zone: Europe/Copenhagen + external_url: http://hassio.beta.entos + internal_url: http://homeassistant-svc.home-automation.svc.cluster.local + frontend: + themes: !include_dir_merge_named themes + prometheus: + recorder: !include recorder.yaml diff --git a/manifests/database.yaml b/manifests/database.yaml index 2914038..3c92401 100644 --- a/manifests/database.yaml +++ b/manifests/database.yaml @@ -1,25 +1,27 @@ -kind: "postgresql" -apiVersion: "acid.zalan.do/v1" - +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster metadata: - name: "homeassistant" - namespace: "home-automation" - labels: - teams: acid + name: homeassistant-db + namespace: home-automation spec: - teamId: "acid" + instances: 1 + + storage: + size: 1Gi + storageClass: flat-storage-class + + bootstrap: + initdb: + database: homeassistant + owner: homeassistant + secret: + name: homeassistant-db + postgresql: - version: "15" - numberOfInstances: 1 - volume: - size: "1Gi" - storageClass: "flat-storage-class" - users: - hassio: [] - databases: - hassio: hassio - allowedSourceRanges: + pg_hba: + - host all all all md5 + resources: requests: cpu: 100m diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml index 17c8977..6a0da4b 100644 --- a/manifests/deployment.yaml +++ b/manifests/deployment.yaml @@ -14,13 +14,32 @@ spec: labels: app: homeassistant spec: + initContainers: + - name: config-binder + image: alpine + command: ["sh", "-c", "cp /binder/configuration.yaml /config/configuration.yaml"] + volumeMounts: + - mountPath: /binder/configuration.yaml + name: homeassistant-config + subPath: configuration.yaml + - mountPath: /config + name: homeassistant-data containers: - name: homeassistant image: ghcr.io/home-assistant/home-assistant:stable volumeMounts: - - mountPath: "/config" - name: hassio-storage + - mountPath: /config + name: homeassistant-data + - mountPath: /config/recorder.yaml + name: homeassistant-recorder + subPath: recorder.yaml volumes: - - name: hassio-storage - hostPath: - path: "/mnt/hassio/data" + - name: homeassistant-config + configMap: + name: homeassistant-config + - name: homeassistant-data + persistentVolumeClaim: + claimName: homeassistant-pvc + - name: homeassistant-recorder + secret: + secretName: homeassistant-recorder diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml index 1a71c84..1072c7e 100644 --- a/manifests/kustomization.yaml +++ b/manifests/kustomization.yaml @@ -3,5 +3,7 @@ kind: Kustomization resources: - namespace.yaml + - configmap.yaml + - pvc.yaml - database.yaml - deployment.yaml diff --git a/manifests/pvc.yaml b/manifests/pvc.yaml new file mode 100644 index 0000000..4f0ebed --- /dev/null +++ b/manifests/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: homeassistant-pvc + namespace: home-automation +spec: + accessModes: + - ReadWriteOnce + storageClassName: flat-storage-class + resources: + requests: + storage: 1Gi