From 75dacabc72877414ad3156276c027266a06816ef Mon Sep 17 00:00:00 2001
From: Erki Aas <erki@veebkolm.ee>
Date: Thu, 27 Nov 2025 19:34:08 +0200
Subject: [PATCH] Add mariadb for freescout

---
 freescout/mariadb.yml | 109 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 109 insertions(+)
 create mode 100644 freescout/mariadb.yml

diff --git a/freescout/mariadb.yml b/freescout/mariadb.yml
new file mode 100644
index 0000000..b58ed2b
--- /dev/null
+++ b/freescout/mariadb.yml
@@ -0,0 +1,109 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: mariadb
+spec:
+  revisionHistoryLimit: 0
+  serviceName: mariadb
+  selector:
+    matchLabels:
+      app: mariadb
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: mariadb
+      annotations:
+        prometheus.io/port: '9104'
+        prometheus.io/scrape: 'true'
+    spec:
+      containers:
+      - name: exporter
+        image: mirror.gcr.io/prom/mysqld-exporter:latest
+        env:
+        - name: DATA_SOURCE_NAME
+          value: exporter@tcp(127.0.0.1)/
+      - name: mariadb
+        image: mirror.gcr.io/library/mariadb:12.1
+        imagePullPolicy: Always
+        env:
+        - name: MYSQL_ROOT_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: mariadb-secrets
+              key: MYSQL_ROOT_PASSWORD
+        - name: MYSQL_USER
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: MYSQL_DATABASE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: MYSQL_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: mariadb-secrets
+              key: MYSQL_PASSWORD
+        volumeMounts:
+        - name: mariadb-data
+          mountPath: /var/lib/mysql
+        - name: mariadb-init
+          mountPath: /docker-entrypoint-initdb.d
+      volumes:
+        - name: mariadb-init
+          configMap:
+            name: mariadb-init-config
+
+      # Make sure MariaDB instances run on storage{1..3} nodes, as close
+      # as possible to Longhorn instances
+      tolerations:
+      - key: dedicated
+        operator: Equal
+        value: storage
+        effect: NoSchedule
+      nodeSelector:
+        dedicated: storage
+  volumeClaimTemplates:
+  - metadata:
+      name: mariadb-data
+    spec:
+      storageClassName: ceph-rdb
+      accessModes:
+        - ReadWriteOnce
+      resources:
+        requests:
+          storage: 2Gi
+---
+apiVersion: codemowers.cloud/v1beta1
+kind: SecretClaim
+metadata:
+  name: mariadb-secrets
+spec:
+  size: 32
+  mapping:
+    - key: MYSQL_ROOT_PASSWORD
+      value: "%(plaintext)s"
+    - key: MYSQL_PASSWORD
+      value: "%(plaintext)s"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mariadb
+spec:
+  ports:
+    - protocol: TCP
+      port: 3306
+  selector:
+    app: mariadb
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: mariadb-init-config
+data:
+  initdb.sql: |
+    CREATE USER 'exporter'@'127.0.0.1' WITH MAX_USER_CONNECTIONS 3;
+    GRANT PROCESS, REPLICATION CLIENT, SLAVE MONITOR, SELECT ON *.* TO 'exporter'@'127.0.0.1';