Switch to mittwald's secret generator

2025-12-06 03:30:42 +00:00 · 2021-10-29 23:09:29 -07:00 · 2021-10-29 23:09:29 -07:00 · df19b7ca5c
commit df19b7ca5c
parent b79b125e4a
3 changed files with 27 additions and 11 deletions
--- a/deployment.yaml
+++ b/deployment.yaml
@ -34,6 +34,11 @@
          env:
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: gitea-secrets
+                  key: pg_username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
--- a/kustomization.yaml
+++ b/kustomization.yaml
@ -1,18 +1,19 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: gitea
-secretGenerator:
- literals:
-  - pg_password=some1pass5here9
-  name: gitea-secrets
-generatorOptions:
-  disableNameSuffixHash: true
-  labels:
-    type: generated
+# secretGenerator:
+# - literals:
+#   - pg_password=some1pass5here9
+#   name: gitea-secrets
+# generatorOptions:
+#   disableNameSuffixHash: true
+#   labels:
+#     type: generated
 resources:
 - namespace.yaml
+- secrets.yaml
 - storage.yaml
 - configuration.yaml
- deployment.yaml
- service.yaml
- ingress.yaml
+# - deployment.yaml
+# - service.yaml
+# - ingress.yaml
--- a/secrets.yaml
+++ b/secrets.yaml
@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: gitea-secrets
+  namespace: gitea
+  annotations:
+    secret-generator.v1.mittwald.de/autogenerate: pg_password
+data:
+  pg_username: cG9zdGdyZXM=