diff --git a/README.md b/README.md index dd78673..ccb4e9f 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,6 @@ Helm charts for wger deployment on Kubernetes - ## TL;DR If you know what you are doing, you can go ahead and run these commands to install wger. Otherwise, keep on reading! @@ -197,9 +196,11 @@ The following settings are declared in the groundhog2k Helm charts. | Name | Description | Type | Default Value | |------|-------------|------|---------------| | `postgres.enabled` | Enable the PostgreSQL chart | Boolean | `True` | -| `postgres.settings.superuser ` | Superuser name | String | `wger` | -| `postgres.settings.superuserPassword` | Password of superuser | String | `wger` | -| `postgres.userDatabase.name` | PostgreSQL database name to use for wger | String | `wger` | +| `postgres.settings.superuser ` | Superuser name | String | `postgres` | +| `postgres.settings.superuserPassword` | Password of superuser | String | `postgres` | +| `postgres.userDatabase.name` | Database name to use for wger | String | `wger` | +| `postgres.userDatabase.user` | Username to use for wger | String | `wger` | +| `postgres.userDatabase.password` | Password for wger user | String | `wger` | | `postgres.service.port` | PostreSQL service port | Integer | `5432` | | `postgres.storage.persistentVolumeClaimName` | PVC name when existing storage volume should be used | String | `Nil` | | `postgres.storage.requestedSize` | Size for new PVC, when no existing PVC is used | Integer | `8Gi` | diff --git a/RELEASENOTES.md b/RELEASENOTES.md new file mode 100644 index 0000000..006b58e --- /dev/null +++ b/RELEASENOTES.md @@ -0,0 +1,35 @@ +## 0.1.6 + +* get the database credentials from the secret, like the postgres chart does + +### Upgrade + +#### postgres superuser + +The superuser was named `wger`, but this seems to lead to a error in the postgres docker image: + +```bash +FATAL: role "postgres" does not exist +``` + +So you need to manually add a `postgres` superuser: + +```bash +kubectl -n wger exec -ti wger-postgres-0 -- bash +psql -U wger + +CREATE ROLE postgres WITH LOGIN SUPERUSER PASSWORD 'postgres'; +``` + +As well set the settings in your `values.yaml`: + +```yaml +postgres: + settings: + superuser: postgres + superuserPassword: postgres + userDatabase: + name: wger + user: wger + password: wger +``` diff --git a/charts/wger/Chart.yaml b/charts/wger/Chart.yaml index bb77602..7709f53 100644 --- a/charts/wger/Chart.yaml +++ b/charts/wger/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.1.5 +version: 0.1.6-rc.1 appVersion: latest name: wger description: A Helm chart for Wger installation on Kubernetes diff --git a/charts/wger/templates/_helpers.tpl b/charts/wger/templates/_helpers.tpl index ebd6292..b2dc75a 100644 --- a/charts/wger/templates/_helpers.tpl +++ b/charts/wger/templates/_helpers.tpl @@ -29,12 +29,6 @@ environment: value: "True" - name: DJANGO_DB_ENGINE value: "django.db.backends.postgresql" - - name: DJANGO_DB_USER - value: {{ .Values.postgres.settings.superuser | quote }} - - name: DJANGO_DB_PASSWORD - value: {{ .Values.postgres.settings.superuserPassword | quote }} - - name: DJANGO_DB_DATABASE - value: {{ .Values.postgres.userDatabase.name | quote }} - name: DJANGO_DB_HOST value: "{{ .Release.Name }}-postgres" - name: DJANGO_DB_PORT diff --git a/charts/wger/templates/configmap.yaml b/charts/wger/templates/configmap.yaml index 3f611f7..924039b 100644 --- a/charts/wger/templates/configmap.yaml +++ b/charts/wger/templates/configmap.yaml @@ -44,3 +44,11 @@ data: } } {{- end }} +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: wger-pg-init +data: + grantSuperuser.sql: | + ALTER USER {{ .Values.postgres.userDatabase.name }} WITH SUPERUSER; diff --git a/charts/wger/templates/deployment.yaml b/charts/wger/templates/deployment.yaml index dcd973d..3eeac74 100644 --- a/charts/wger/templates/deployment.yaml +++ b/charts/wger/templates/deployment.yaml @@ -49,6 +49,21 @@ spec: secretKeyRef: name: {{ .Values.app.jwt.secret.name | default "jwt" | quote }} key: "signing-key" + - name: DJANGO_DB_USER + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_USER" + - name: DJANGO_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_PASSWORD" + - name: DJANGO_DB_DATABASE + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "POSTGRES_DB" {{- if .Values.celery.flower.enabled }} - name: CELERY_FLOWER_PASSWORD valueFrom: @@ -191,6 +206,21 @@ spec: secretKeyRef: name: {{ .Values.app.jwt.secret.name | default "jwt" | quote }} key: "signing-key" + - name: DJANGO_DB_USER + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_USER" + - name: DJANGO_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_PASSWORD" + - name: DJANGO_DB_DATABASE + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "POSTGRES_DB" {{- if .Values.celery.flower.enabled }} - name: CELERY_FLOWER_PASSWORD valueFrom: @@ -225,6 +255,21 @@ spec: secretKeyRef: name: {{ .Values.app.jwt.secret.name | default "jwt" | quote }} key: "signing-key" + - name: DJANGO_DB_USER + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_USER" + - name: DJANGO_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_PASSWORD" + - name: DJANGO_DB_DATABASE + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "POSTGRES_DB" - name: CELERY_FLOWER_PASSWORD valueFrom: secretKeyRef: @@ -239,6 +284,15 @@ spec: mountPath: /home/wger/src readOnly: false {{- end }} + initContainers: + - name: init-container + image: docker.io/busybox:latest + command: + - /bin/sh + - -c + - until nc -zvw10 {{.Release.Name}}-postgres {{ .Values.postgres.service.port }}; do echo "Waiting for postgres service ({{.Release.Name}}-postgres:{{ .Values.postgres.service.port }}) "; sleep 2; done && + until nc -zvw10 {{.Release.Name}}-redis {{ .Values.redis.service.serverPort }}; do echo "Waiting for redis service ({{.Release.Name}}-redis:{{ .Values.redis.service.serverPort }})"; sleep 2; done && + until wget --spider http://{{.Release.Name}}-http:8000; do echo "Waiting for wger app service ({{.Release.Name}}-http:8000)"; sleep 2; done {{- end }} volumes: - name: wger-media @@ -311,6 +365,21 @@ spec: secretKeyRef: name: {{ .Values.app.jwt.secret.name | default "jwt" | quote }} key: "signing-key" + - name: DJANGO_DB_USER + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_USER" + - name: DJANGO_DB_PASSWORD + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "USERDB_PASSWORD" + - name: DJANGO_DB_DATABASE + valueFrom: + secretKeyRef: + name: "{{.Release.Name}}-postgres" + key: "POSTGRES_DB" {{- if .Values.celery.flower.enabled }} - name: CELERY_FLOWER_PASSWORD valueFrom: @@ -328,6 +397,15 @@ spec: mountPath: /home/wger/src readOnly: false {{- end }} + initContainers: + - name: init-container + image: docker.io/busybox:latest + command: + - /bin/sh + - -c + - until nc -zvw10 {{.Release.Name}}-postgres {{ .Values.postgres.service.port }}; do echo "Waiting for postgres service ({{.Release.Name}}-postgres:{{ .Values.postgres.service.port }}) "; sleep 2; done && + until nc -zvw10 {{.Release.Name}}-redis {{ .Values.redis.service.serverPort }}; do echo "Waiting for redis service ({{.Release.Name}}-redis:{{ .Values.redis.service.serverPort }})"; sleep 2; done && + until wget --spider http://{{.Release.Name}}-http:8000; do echo "Waiting for wger app service ({{.Release.Name}}-http:8000)"; sleep 2; done volumes: - name: wger-media persistentVolumeClaim: diff --git a/charts/wger/values.yaml b/charts/wger/values.yaml index e0f10e7..e1942e7 100644 --- a/charts/wger/values.yaml +++ b/charts/wger/values.yaml @@ -113,13 +113,19 @@ service: # PostgreSQL Settings for groundhog2k chart. Only a minimum has been specified below. # For more options, see https://github.com/groundhog2k/helm-charts/tree/master/charts/postgres postgres: - # Note: keep these variables present as the chart uses them for the Deployment + # Note: keep these variables present as the wger chart uses them for the deployment + # the superuser and user settings will be saved into a secret enabled: true + # after the first installation the superuser and userDatabase settings will be ignored + # they will be taken from the secret settings: - superuser: wger - superuserPassword: wger + superuser: postgres + superuserPassword: postgres userDatabase: name: wger + user: wger + password: wger + extraScripts: wger-pg-init service: port: 5432 resources: