apiVersion: v1 kind: Namespace metadata: name: databases --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgres-pvc namespace: databases spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 10Gi limits: storage: 10Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: postgres namespace: databases spec: replicas: 1 strategy: type: Recreate selector: matchLabels: ms: postgres template: metadata: labels: ms: postgres spec: terminationGracePeriodSeconds: 120 containers: - name: postgres image: postgres:16.1 args: [ "-c", "max_connections=200", "-c", "listen_addresses=*", "-c", "shared_preload_libraries=pg_stat_statements,pg_buffercache,auto_explain", ] ports: - containerPort: 5432 volumeMounts: - name: data mountPath: /var/lib/postgresql/data subPath: postgres env: - name: PGDATA value: /var/lib/postgresql/data/pgdata - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: secrets key: POSTGRES_PASSWORD volumes: - name: data persistentVolumeClaim: claimName: postgres-pvc --- apiVersion: v1 kind: Service metadata: name: postgres namespace: databases spec: type: NodePort selector: ms: postgres ports: - port: 5432 targetPort: 5432 --- apiVersion: apps/v1 kind: Deployment metadata: name: postgres-exporter namespace: databases spec: replicas: 1 selector: matchLabels: ms: postgres-exporter template: metadata: labels: ms: postgres-exporter spec: containers: - name: postgres-exporter image: quay.io/prometheuscommunity/postgres-exporter ports: - containerPort: 9187 env: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: secrets key: POSTGRES_PASSWORD - name: DATA_SOURCE_NAME value: postgresql://postgres:$(POSTGRES_PASSWORD)@postgres.databases:5432/postgres?sslmode=disable --- apiVersion: v1 kind: Service metadata: name: postgres-exporter namespace: databases spec: type: NodePort selector: ms: postgres-exporter ports: - port: 9187 targetPort: 9187 --- apiVersion: batch/v1 kind: CronJob metadata: name: postgres-backup namespace: databases spec: schedule: "0 0 * * *" concurrencyPolicy: Forbid successfulJobsHistoryLimit: 1 failedJobsHistoryLimit: 1 jobTemplate: spec: backoffLimit: 0 ttlSecondsAfterFinished: 60 template: spec: restartPolicy: Never containers: - name: test-container image: container-registry.nocodelytics.com/postgres-s3 command: - /bin/sh - -c - > pg_dump -U postgres -h postgres.databases nocodelytics_production | gzip > /backup/nocodelytics_production_$(date +'%Y-%m-%d').sql.gzip && rclone copy /backup/nocodelytics_production_$(date '+%Y-%m-%d').sql.gzip contabo:postgres env: - name: PGPASSWORD valueFrom: secretKeyRef: name: secrets key: POSTGRES_PASSWORD - name: RCLONE_CONFIG_CONTABO_TYPE value: "s3" - name: RCLONE_CONFIG_CONTABO_PROVIDER value: "Other" - name: RCLONE_CONFIG_CONTABO_ENV_AUTH value: "false" - name: RCLONE_CONFIG_CONTABO_ENDPOINT value: "https://eu2.contabostorage.com" - name: RCLONE_CONFIG_CONTABO_ACCESS_KEY_ID valueFrom: secretKeyRef: name: secrets key: AWS_ACCESS_KEY_ID - name: RCLONE_CONFIG_CONTABO_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: secrets key: AWS_SECRET_ACCESS_KEY volumeMounts: - mountPath: /backup name: backup-volume volumes: - name: backup-volume emptyDir: {} --- apiVersion: v1 kind: Pod metadata: name: test-pod namespace: databases spec: containers: - name: test-container image: container-registry.nocodelytics.com/postgres-s3 command: ["sh", "-c", "echo Image pulled successfully && sleep 3600"] env: - name: PGPASSWORD valueFrom: secretKeyRef: name: secrets key: POSTGRES_PASSWORD - name: RCLONE_CONFIG_CONTABO_TYPE value: "s3" - name: RCLONE_CONFIG_CONTABO_PROVIDER value: "Other" - name: RCLONE_CONFIG_CONTABO_ENV_AUTH value: "false" - name: RCLONE_CONFIG_CONTABO_ENDPOINT value: "https://eu2.contabostorage.com" - name: RCLONE_CONFIG_CONTABO_ACCESS_KEY_ID valueFrom: secretKeyRef: name: secrets key: AWS_ACCESS_KEY_ID - name: RCLONE_CONFIG_CONTABO_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: secrets key: AWS_SECRET_ACCESS_KEY volumeMounts: - mountPath: /backup name: backup-volume volumes: - name: backup-volume emptyDir: {}