44 lines
1.5 KiB
YAML
44 lines
1.5 KiB
YAML
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: vaultwarden-db-init-v3
|
|
namespace: pg-init
|
|
spec:
|
|
ttlSecondsAfterFinished: 300
|
|
template:
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
containers:
|
|
- name: db-init
|
|
image: postgres:17
|
|
env:
|
|
- name: PGHOST
|
|
value: pgbouncer.default.svc.cluster.local
|
|
- name: PGPORT
|
|
value: "6432"
|
|
- name: PGUSER
|
|
value: pginit
|
|
- name: PGDATABASE
|
|
value: postgres
|
|
- name: PGPASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: pg-init-secret
|
|
key: password
|
|
- name: VW_DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: vaultwarden-db-bootstrap-secret
|
|
key: password
|
|
command:
|
|
- bash
|
|
- -ec
|
|
- |
|
|
psql -c "SELECT 1 FROM pg_roles WHERE rolname='vaultwarden'" | grep -q 1 || \
|
|
psql -c "CREATE USER vaultwarden WITH PASSWORD '${VW_DB_PASSWORD}';"
|
|
psql -c "GRANT vaultwarden TO pginit;"
|
|
psql -c "SELECT 1 FROM pg_database WHERE datname='vaultwarden'" | grep -q 1 || \
|
|
psql -c "CREATE DATABASE vaultwarden OWNER vaultwarden;"
|
|
psql -c "GRANT ALL PRIVILEGES ON DATABASE vaultwarden TO vaultwarden;"
|
|
psql -d vaultwarden -c "GRANT ALL ON SCHEMA public TO vaultwarden;"
|