feat(db): Migrate database and rework configuration

Add configuration entry for the new database paradigm, and reword the configuration pipeline to allow for better configuration maintainability and secret management.
2023-07-30 18:43:37 +02:00 · 2023-07-30 18:43:37 +02:00 · b8557ab571
commit b8557ab571
parent 347b1c79eb
5 changed files with 88 additions and 23 deletions
--- a/manifests/configmap.yaml
+++ b/manifests/configmap.yaml
@ -0,0 +1,30 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: homeassistant-config
  namespace: home-automation
 data:
  configuration.yaml: |
    default_config:
    http:
      ip_ban_enabled: false
      login_attempts_threshold: -1
      use_x_forwarded_for: true
      trusted_proxies:
        - 10.42.0.0/16
        - 10.20.0.0/16
        - 10.10.0.0/16
        - 10.18.242.163/32
    homeassistant:
      name: Home
      latitude: 55.656428
      longitude: 12.552433
      elevation: 4
      unit_system: metric
      time_zone: Europe/Copenhagen
      external_url: http://hassio.beta.entos
      internal_url: http://homeassistant-svc.home-automation.svc.cluster.local
    frontend:
      themes: !include_dir_merge_named themes
    prometheus:
    recorder: !include recorder.yaml
--- a/manifests/database.yaml
+++ b/manifests/database.yaml
@ -1,25 +1,27 @@
-kind: "postgresql"
+apiVersion: postgresql.cnpg.io/v1
-apiVersion: "acid.zalan.do/v1"
+kind: Cluster
 metadata:
-  name: "homeassistant"
+  name: homeassistant-db
-  namespace: "home-automation"
+  namespace: home-automation
  labels:
    teams: acid
 spec:
-  teamId: "acid"
+  instances: 1
  storage: 
    size: 1Gi
    storageClass: flat-storage-class
  bootstrap:
    initdb:
      database: homeassistant
      owner: homeassistant
      secret:
        name: homeassistant-db
  postgresql:
-    version: "15"
+    pg_hba:
-  numberOfInstances: 1
+      - host all all all md5
-  volume:
+
    size: "1Gi"
    storageClass: "flat-storage-class"
  users:
    hassio: []
  databases:
    hassio: hassio
  allowedSourceRanges:
  resources:
    requests:
      cpu: 100m
--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@ -14,13 +14,32 @@ spec:
      labels:
        app: homeassistant
    spec:
      initContainers:
        - name: config-binder
          image: alpine
          command: ["sh", "-c", "cp /binder/configuration.yaml /config/configuration.yaml"]
          volumeMounts:
            - mountPath: /binder/configuration.yaml
              name: homeassistant-config
              subPath: configuration.yaml
            - mountPath: /config
              name: homeassistant-data
      containers:
        - name: homeassistant
          image: ghcr.io/home-assistant/home-assistant:stable
          volumeMounts:
-            - mountPath: "/config"
+            - mountPath: /config
-              name: hassio-storage
+              name: homeassistant-data
            - mountPath: /config/recorder.yaml
              name: homeassistant-recorder
              subPath: recorder.yaml
      volumes:
-        - name: hassio-storage
+        - name: homeassistant-config
-          hostPath:
+          configMap:
-            path: "/mnt/hassio/data"
+            name: homeassistant-config
        - name: homeassistant-data
          persistentVolumeClaim:
            claimName: homeassistant-pvc
        - name: homeassistant-recorder
          secret:
            secretName: homeassistant-recorder
--- a/manifests/kustomization.yaml
+++ b/manifests/kustomization.yaml
@ -3,5 +3,7 @@ kind: Kustomization
 resources:
  - namespace.yaml
  - configmap.yaml
  - pvc.yaml
  - database.yaml
  - deployment.yaml
--- a/manifests/pvc.yaml
+++ b/manifests/pvc.yaml
@ -0,0 +1,12 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: homeassistant-pvc
  namespace: home-automation
 spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: flat-storage-class
  resources:
    requests:
      storage: 1Gi