feat(db): Migrate database and rework configuration

Add configuration entry for the new database paradigm, and reword the configuration pipeline to allow for better configuration maintainability and secret management.
This commit is contained in:
Tanguy Herbron 2023-07-30 18:43:37 +02:00
parent 347b1c79eb
commit b8557ab571
5 changed files with 88 additions and 23 deletions

30
manifests/configmap.yaml Normal file
View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: homeassistant-config
namespace: home-automation
data:
configuration.yaml: |
default_config:
http:
ip_ban_enabled: false
login_attempts_threshold: -1
use_x_forwarded_for: true
trusted_proxies:
- 10.42.0.0/16
- 10.20.0.0/16
- 10.10.0.0/16
- 10.18.242.163/32
homeassistant:
name: Home
latitude: 55.656428
longitude: 12.552433
elevation: 4
unit_system: metric
time_zone: Europe/Copenhagen
external_url: http://hassio.beta.entos
internal_url: http://homeassistant-svc.home-automation.svc.cluster.local
frontend:
themes: !include_dir_merge_named themes
prometheus:
recorder: !include recorder.yaml

View File

@ -1,25 +1,27 @@
kind: "postgresql"
apiVersion: "acid.zalan.do/v1"
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: "homeassistant"
namespace: "home-automation"
labels:
teams: acid
name: homeassistant-db
namespace: home-automation
spec:
teamId: "acid"
instances: 1
storage:
size: 1Gi
storageClass: flat-storage-class
bootstrap:
initdb:
database: homeassistant
owner: homeassistant
secret:
name: homeassistant-db
postgresql:
version: "15"
numberOfInstances: 1
volume:
size: "1Gi"
storageClass: "flat-storage-class"
users:
hassio: []
databases:
hassio: hassio
allowedSourceRanges:
pg_hba:
- host all all all md5
resources:
requests:
cpu: 100m

View File

@ -14,13 +14,32 @@ spec:
labels:
app: homeassistant
spec:
initContainers:
- name: config-binder
image: alpine
command: ["sh", "-c", "cp /binder/configuration.yaml /config/configuration.yaml"]
volumeMounts:
- mountPath: /binder/configuration.yaml
name: homeassistant-config
subPath: configuration.yaml
- mountPath: /config
name: homeassistant-data
containers:
- name: homeassistant
image: ghcr.io/home-assistant/home-assistant:stable
volumeMounts:
- mountPath: "/config"
name: hassio-storage
- mountPath: /config
name: homeassistant-data
- mountPath: /config/recorder.yaml
name: homeassistant-recorder
subPath: recorder.yaml
volumes:
- name: hassio-storage
hostPath:
path: "/mnt/hassio/data"
- name: homeassistant-config
configMap:
name: homeassistant-config
- name: homeassistant-data
persistentVolumeClaim:
claimName: homeassistant-pvc
- name: homeassistant-recorder
secret:
secretName: homeassistant-recorder

View File

@ -3,5 +3,7 @@ kind: Kustomization
resources:
- namespace.yaml
- configmap.yaml
- pvc.yaml
- database.yaml
- deployment.yaml

12
manifests/pvc.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: homeassistant-pvc
namespace: home-automation
spec:
accessModes:
- ReadWriteOnce
storageClassName: flat-storage-class
resources:
requests:
storage: 1Gi