2024-11-26 09:56:42 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
2024-11-26 15:16:05 +01:00
|
|
|
export PGUSER=`kubectl get secret -n database timescaledb -o jsonpath="{.data.superuser-username}" | base64 --decode`
|
|
|
|
export PGHOST=`kubectl get services traefik -n system -o jsonpath="{.status.loadBalancer.ingress[0].ip}"`
|
|
|
|
export PGPASSWORD=`kubectl get secret -n database timescaledb -o jsonpath="{.data.superuser-password}" | base64 --decode`
|
|
|
|
export PGSSLMODE=require
|
2024-11-26 09:56:42 +01:00
|
|
|
|
|
|
|
DATABASE=zabbix
|
|
|
|
LOGIN=zabbix
|
|
|
|
PASSWORD=`openssl rand -base64 24`
|
|
|
|
NAMESPACE=$(cat namespace)
|
|
|
|
|
|
|
|
ARG1=$1
|
|
|
|
|
|
|
|
if [ "$ARG1" = "initial" ]; then
|
|
|
|
psql <<EOF
|
2024-11-26 15:16:05 +01:00
|
|
|
CREATE USER $LOGIN;
|
|
|
|
COMMIT;
|
|
|
|
CREATE DATABASE $DATABASE WITH OWNER $LOGIN;
|
2024-11-26 09:56:42 +01:00
|
|
|
EOF
|
|
|
|
fi
|
|
|
|
|
|
|
|
psql <<EOF
|
2024-11-26 15:16:05 +01:00
|
|
|
ALTER USER $LOGIN WITH PASSWORD '$PASSWORD';
|
|
|
|
GRANT ALL PRIVILEGES ON DATABASE $DATABASE TO $LOGIN;
|
2024-11-26 09:56:42 +01:00
|
|
|
commit;
|
|
|
|
EOF
|
|
|
|
|
|
|
|
kubectl create secret generic database-cred \
|
|
|
|
--dry-run=client \
|
|
|
|
-o yaml \
|
|
|
|
--save-config \
|
|
|
|
--from-literal=POSTGRES_USER="$LOGIN" \
|
2024-11-26 15:16:05 +01:00
|
|
|
--from-literal=POSTGRES_PASSWORD="$PASSWORD" \
|
|
|
|
--from-literal=POSTGRES_DB="$DATABASE" \
|
2024-11-26 09:56:42 +01:00
|
|
|
--from-literal=DB_SERVER_HOST="timescaledb.database.svc.cluster.local" | \
|
|
|
|
kubectl apply -f - -n $NAMESPACE
|
|
|
|
|
|
|
|
|