Update k8s manifests

2026-03-10 14:26:37 +08:00 · 2026-03-10 14:26:37 +08:00 · f2f354c131
commit f2f354c131
parent 8fc481e1e2
2 changed files with 20 additions and 12 deletions
--- a/k8s/pg-init/keycloak-db.yaml
+++ b/k8s/pg-init/keycloak-db.yaml
@ -1,7 +1,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: keycloak-db-init
+  name: keycloak-db-init-v2
  namespace: pg-init
 spec:
  ttlSecondsAfterFinished: 300
@ -18,6 +18,8 @@ spec:
              value: "6432"
            - name: PGUSER
              value: pginit
+            - name: PGDATABASE
+              value: postgres
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
@ -30,9 +32,11 @@ spec:
                  key: password
          command:
            - bash
-            - -c
+            - -ec
            - |
-              psql -c "CREATE DATABASE keycloak;" || true
-              psql -c "CREATE USER keycloak WITH PASSWORD '${KC_DB_PASSWORD}';" || true
-              psql -c "GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak;" || true
-              psql -d keycloak -c "GRANT ALL ON SCHEMA public TO keycloak;" || true
+              psql -c "SELECT 1 FROM pg_roles WHERE rolname='keycloak'" | grep -q 1 || \
+                psql -c "CREATE USER keycloak WITH PASSWORD '${KC_DB_PASSWORD}';"
+              psql -c "SELECT 1 FROM pg_database WHERE datname='keycloak'" | grep -q 1 || \
+                psql -c "CREATE DATABASE keycloak OWNER keycloak;"
+              psql -c "GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak;"
+              psql -d keycloak -c "GRANT ALL ON SCHEMA public TO keycloak;"
--- a/k8s/pg-init/vaultwarden-db.yaml
+++ b/k8s/pg-init/vaultwarden-db.yaml
@ -1,7 +1,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: vaultwarden-db-init
+  name: vaultwarden-db-init-v2
  namespace: pg-init
 spec:
  ttlSecondsAfterFinished: 300
@ -18,6 +18,8 @@ spec:
              value: "6432"
            - name: PGUSER
              value: pginit
+            - name: PGDATABASE
+              value: postgres
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
@ -30,9 +32,11 @@ spec:
                  key: password
          command:
            - bash
-            - -c
+            - -ec
            - |
-              psql -c "CREATE DATABASE vaultwarden;" || true
-              psql -c "CREATE USER vaultwarden WITH PASSWORD '${VW_DB_PASSWORD}';" || true
-              psql -c "GRANT ALL PRIVILEGES ON DATABASE vaultwarden TO vaultwarden;" || true
-              psql -d vaultwarden -c "GRANT ALL ON SCHEMA public TO vaultwarden;" || true
+              psql -c "SELECT 1 FROM pg_roles WHERE rolname='vaultwarden'" | grep -q 1 || \
+                psql -c "CREATE USER vaultwarden WITH PASSWORD '${VW_DB_PASSWORD}';"
+              psql -c "SELECT 1 FROM pg_database WHERE datname='vaultwarden'" | grep -q 1 || \
+                psql -c "CREATE DATABASE vaultwarden OWNER vaultwarden;"
+              psql -c "GRANT ALL PRIVILEGES ON DATABASE vaultwarden TO vaultwarden;"
+              psql -d vaultwarden -c "GRANT ALL ON SCHEMA public TO vaultwarden;"