mm neue secret definition
This commit is contained in:
titver968
@@ -1,3 +1,27 @@
|
|||||||
|
# 1. Namespace erstellen
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: mattermost
|
||||||
|
labels:
|
||||||
|
pod-security.kubernetes.io/enforce: "privileged"
|
||||||
|
|
||||||
|
---
|
||||||
|
# 2. Manuelles Secret mit KORREKTEM DSN (ohne mysql:// Prefix)
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: mattermost-mattermost-team-edition-mattermost-dbsecret
|
||||||
|
namespace: mattermost
|
||||||
|
annotations:
|
||||||
|
# Verhindert, dass ArgoCD dieses Secret überschreibt
|
||||||
|
argocd.argoproj.io/sync-options: "Prune=false"
|
||||||
|
type: Opaque
|
||||||
|
stringData:
|
||||||
|
mattermost.dbsecret: "mmdbuser:mmdbpwd@tcp(mattermost-mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"
|
||||||
|
|
||||||
|
---
|
||||||
|
# 3. ArgoCD Application
|
||||||
apiVersion: argoproj.io/v1alpha1
|
apiVersion: argoproj.io/v1alpha1
|
||||||
kind: Application
|
kind: Application
|
||||||
metadata:
|
metadata:
|
||||||
@@ -24,7 +48,7 @@ spec:
|
|||||||
storageClass: "longhorn"
|
storageClass: "longhorn"
|
||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
|
|
||||||
# MySQL SubChart AKTIVIERT (für die Datenbank)
|
# MySQL SubChart
|
||||||
mysql:
|
mysql:
|
||||||
enabled: true
|
enabled: true
|
||||||
mysqlRootPassword: "mmROOT12345"
|
mysqlRootPassword: "mmROOT12345"
|
||||||
@@ -39,14 +63,6 @@ spec:
|
|||||||
accessMode: ReadWriteOnce
|
accessMode: ReadWriteOnce
|
||||||
size: 10Gi
|
size: 10Gi
|
||||||
|
|
||||||
# TRICK: externalDB aktivieren, damit das Chart NICHT das
|
|
||||||
# fehlerhafte MM_CONFIG Secret generiert!
|
|
||||||
# Wir zeigen auf die interne MySQL mit korrektem DSN Format
|
|
||||||
externalDB:
|
|
||||||
enabled: true
|
|
||||||
externalDriverType: "mysql"
|
|
||||||
externalConnectionString: "mmdbuser:mmdbpwd@tcp(mattermost-mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"
|
|
||||||
|
|
||||||
# Ingress Konfiguration
|
# Ingress Konfiguration
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
@@ -65,11 +81,19 @@ spec:
|
|||||||
namespace: mattermost
|
namespace: mattermost
|
||||||
|
|
||||||
syncPolicy:
|
syncPolicy:
|
||||||
managedNamespaceMetadata:
|
|
||||||
labels:
|
|
||||||
pod-security.kubernetes.io/enforce: "privileged"
|
|
||||||
automated:
|
automated:
|
||||||
selfHeal: true
|
selfHeal: true
|
||||||
prune: true
|
prune: true
|
||||||
syncOptions:
|
syncOptions:
|
||||||
- CreateNamespace=true
|
- CreateNamespace=false
|
||||||
|
# WICHTIG: Respektiere Ressourcen die nicht vom Chart kommen
|
||||||
|
- RespectIgnoreDifferences=true
|
||||||
|
|
||||||
|
# Ignoriere Änderungen am manuell erstellten Secret
|
||||||
|
ignoreDifferences:
|
||||||
|
- group: ""
|
||||||
|
kind: Secret
|
||||||
|
name: mattermost-mattermost-team-edition-mattermost-dbsecret
|
||||||
|
jsonPointers:
|
||||||
|
- /data
|
||||||
|
- /stringData
|
||||||
Reference in New Issue
Block a user