From f4612d96b39c9a00f15c04161e910f5456a598ae Mon Sep 17 00:00:00 2001 From: Erki Aas Date: Tue, 23 Dec 2025 00:16:55 +0200 Subject: [PATCH] Run inventory mongo as rs --- hackerspace/mongo.yaml | 39 ++++++++++++++++++++++++++++++++++++--- 1 file changed, 36 insertions(+), 3 deletions(-) diff --git a/hackerspace/mongo.yaml b/hackerspace/mongo.yaml index 4e1e1b8..a835792 100644 --- a/hackerspace/mongo.yaml +++ b/hackerspace/mongo.yaml @@ -15,12 +15,28 @@ spec: app: mongodb spec: terminationGracePeriodSeconds: 10 + initContainers: + - name: app + image: busybox + command: ["sh", "-c"] + args: + - | + cp /keyfile/keyfile /data/db/keyfile && chmod 400 /data/db/keyfile + volumeMounts: + - name: data + mountPath: /data/db + - name: mongodb-keyfile + readOnly: true + mountPath: "/keyfile" containers: - name: mongodb image: mongo:8 ports: - containerPort: 27017 name: mongo + args: + - "--replSet=rs0" + - "--keyFile=/data/db/keyfile" env: - name: MONGO_INITDB_ROOT_USERNAME value: "root" @@ -39,10 +55,17 @@ spec: name: mongodb-user-password key: MONGO_PASS - name: MONGO_AUTHSOURCE - value: "admin" + value: "admin" volumeMounts: - name: data mountPath: /data/db + - name: mongodb-keyfile + readOnly: true + mountPath: "/keyfile" + volumes: + - name: mongodb-keyfile + secret: + secretName: mongodb-keyfile volumeClaimTemplates: - metadata: name: data @@ -65,6 +88,16 @@ spec: --- apiVersion: codemowers.cloud/v1beta1 kind: SecretClaim +metadata: + name: mongodb-keyfile +spec: + size: 64 + mapping: + - key: keyfile + value: "%(plaintext)s" +--- +apiVersion: codemowers.cloud/v1beta1 +kind: SecretClaim metadata: name: mongodb-user-password spec: @@ -73,12 +106,12 @@ spec: - key: MONGO_PASS value: "%(plaintext)s" - key: MONGO_URI - value: "mongodb://application:%(plaintext)s@mongodb/application&authSource=admin" + value: "mongodb://application:%(plaintext)s@mongodb-0/application&authSource=admin" --- apiVersion: v1 kind: Service metadata: - name: mongodb + name: mongodb-0 spec: ports: - port: 27017