diff --git a/clusters/cl01tl/platform/stalwart/templates/elasticsearch.yaml b/clusters/cl01tl/platform/stalwart/templates/elasticsearch.yaml new file mode 100644 index 000000000..dd69b480c --- /dev/null +++ b/clusters/cl01tl/platform/stalwart/templates/elasticsearch.yaml @@ -0,0 +1,29 @@ +apiVersion: elasticsearch.k8s.elastic.co/v1 +kind: Elasticsearch +metadata: + name: elasticsearch-stalwart + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: elasticsearch-stalwart + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + version: 8.16.1 + auth: + fileRealm: + - secretName: stalwart-elasticsearch-secret + nodeSets: + - name: default + count: 1 + config: + node.store.allow_mmap: false + volumeClaimTemplates: + - metadata: + name: elasticsearch-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: ceph-block diff --git a/clusters/cl01tl/platform/stalwart/templates/external-secret.yaml b/clusters/cl01tl/platform/stalwart/templates/external-secret.yaml index 9595ec647..5ff58199e 100644 --- a/clusters/cl01tl/platform/stalwart/templates/external-secret.yaml +++ b/clusters/cl01tl/platform/stalwart/templates/external-secret.yaml @@ -19,6 +19,27 @@ spec: key: /cl01tl/stalwart/config metadataPolicy: None property: ELASTIC_PASSWORD + - secretKey: username + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/stalwart/elasticsearch + metadataPolicy: None + property: username + - secretKey: password + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/stalwart/elasticsearch + metadataPolicy: None + property: password + - secretKey: roles + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/stalwart/elasticsearch + metadataPolicy: None + property: roles --- apiVersion: external-secrets.io/v1