kube/wildduck/mongo.yaml

---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
  name: wildduck-readwrite-password
spec:
  mapping:
    - key: password
      value: "%(plaintext)s"
---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
  name: wildduck-readonly-password
spec:
  mapping:
    - key: password
      value: "%(plaintext)s"
---
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
  name: wildduck-mongodb
spec:
  additionalMongodConfig:
    systemLog:
      quiet: true
  members: 2
  arbiters: 1
  type: ReplicaSet
  version: "6.0.3"
  security:
    authentication:
      modes: ["SCRAM"]
  users:
    - name: readwrite
      db: application
      passwordSecretRef:
        name: wildduck-readwrite-password
      roles:
        - name: readWrite
          db: application
      scramCredentialsSecretName: wildduck-readwrite
    - name: readonly
      db: application
      passwordSecretRef:
        name: wildduck-readonly-password
      roles:
        - name: read
          db: application
      scramCredentialsSecretName: wildduck-readonly
  statefulSet:
    spec:
      logLevel: WARN
      template:
        spec:
          containers:
            - name: mongod
              resources:
                requests:
                  cpu: 100m
                  memory: 1Gi
                limits:
                  cpu: 4000m
                  memory: 1Gi
            - name: mongodb-agent
              resources:
                requests:
                  cpu: 1m
                  memory: 100Mi
                limits: {}
          affinity:
            podAntiAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                - labelSelector:
                    matchExpressions:
                      - key: app
                        operator: In
                        values:
                          - wildduck-svc
                  topologyKey: topology.kubernetes.io/zone
      volumeClaimTemplates:
        - metadata:
            name: logs-volume
          spec:
            storageClassName: mongo
            accessModes:
            - ReadWriteOnce
            resources:
              requests:
                storage: 512Mi
        - metadata:
            name: data-volume
          spec:
            storageClassName: mongo
            accessModes:
            - ReadWriteOnce
            resources:
              requests:
                storage: 10Gi