From 601b81e466837b9a0b1761354bb9500d5367d813 Mon Sep 17 00:00:00 2001
From: titver968 <vermesan@hotmail.com>
Date: Thu, 27 Nov 2025 09:19:19 +0100
Subject: [PATCH] mm neuer versuch

---
 argocd/apps/mattermost/mattermnost.yaml | 92 +++++++++++++------------
 1 file changed, 47 insertions(+), 45 deletions(-)

diff --git a/argocd/apps/mattermost/mattermnost.yaml b/argocd/apps/mattermost/mattermnost.yaml
index 8e12eea..929285a 100644
--- a/argocd/apps/mattermost/mattermnost.yaml
+++ b/argocd/apps/mattermost/mattermnost.yaml
@@ -1,27 +1,42 @@
-# 1. Namespace erstellen
-apiVersion: v1
-kind: Namespace
+apiVersion: argoproj.io/v1alpha1
+kind: Application
 metadata:
-  name: mattermost
-  labels:
-    pod-security.kubernetes.io/enforce: "privileged"
+  name: mattermost-postgres
+spec:
+  project: default
+  source:
+    repoURL: 'https://charts.bitnami.com/bitnami'
+    targetRevision: 16.*.*
+    chart: postgresql
+    helm:
+      valuesObject:
+        auth:
+          postgresPassword: "mmROOT12345"
+          database: "mattermost"
+          username: "mmdbuser"
+          password: "mmdbpwd"
+        
+        primary:
+          persistence:
+            enabled: true
+            storageClass: "longhorn"
+            size: 10Gi
+
+        # Service Name für Kompatibilität
+        fullnameOverride: "mattermost-postgresql"
+
+  destination:
+    server: 'https://kubernetes.default.svc'
+    namespace: mattermost
+
+  syncPolicy:
+    automated:
+      selfHeal: true
+      prune: true
+    syncOptions:
+      - CreateNamespace=true
 
 ---
-# 2. Manuelles Secret mit KORREKTEM DSN (ohne mysql:// Prefix)
-apiVersion: v1
-kind: Secret
-metadata:
-  name: mattermost-mattermost-team-edition-mattermost-dbsecret
-  namespace: mattermost
-  annotations:
-    # Verhindert, dass ArgoCD dieses Secret überschreibt
-    argocd.argoproj.io/sync-options: "Prune=false"
-type: Opaque
-stringData:
-  mattermost.dbsecret: "mmdbuser:mmdbpwd@tcp(mattermost-mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"
-
----
-# 3. ArgoCD Application
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
@@ -48,20 +63,15 @@ spec:
             storageClass: "longhorn"
             accessMode: ReadWriteOnce
 
-        # MySQL SubChart
+        # MySQL SubChart DEAKTIVIEREN
         mysql:
+          enabled: false
+
+        # PostgreSQL als externe Datenbank
+        externalDB:
           enabled: true
-          mysqlRootPassword: "mmROOT12345"
-          mysqlUser: "mmdbuser"
-          mysqlPassword: "mmdbpwd"
-          mysqlDatabase: mattermost
-          testFramework:
-            enabled: false
-          persistence:
-            enabled: true
-            storageClass: "longhorn"
-            accessMode: ReadWriteOnce
-            size: 10Gi
+          externalDriverType: "postgres"
+          externalConnectionString: "mmdbuser:mmdbpwd@mattermost-postgresql:5432/mattermost?sslmode=disable&connect_timeout=10"
 
         # Ingress Konfiguration
         ingress:
@@ -81,19 +91,11 @@ spec:
     namespace: mattermost
 
   syncPolicy:
+    managedNamespaceMetadata:
+      labels: 
+        pod-security.kubernetes.io/enforce: "privileged"
     automated:
       selfHeal: true
       prune: true
     syncOptions:
-      - CreateNamespace=false
-      # WICHTIG: Respektiere Ressourcen die nicht vom Chart kommen
-      - RespectIgnoreDifferences=true
-  
-  # Ignoriere Änderungen am manuell erstellten Secret
-  ignoreDifferences:
-    - group: ""
-      kind: Secret
-      name: mattermost-mattermost-team-edition-mattermost-dbsecret
-      jsonPointers:
-        - /data
-        - /stringData
\ No newline at end of file
+      - CreateNamespace=true
\ No newline at end of file