9c93e74318
- Drop @supabase/supabase-js entirely; add drizzle-orm + postgres (porsager) driver - New packages/db: schema (pgSchema ordinarthur_os), client factory, migrate runner, drizzle-kit config - SQL migrations: 0000_init (pgcrypto + schema), 0001_jobs (jobs + job_search_criteria, no RLS) - Rewrite apps/api db module with DI symbols DB/DB_HANDLE + @InjectDb() decorator - Rewrite jobs.service.ts with Drizzle queries (upsert via onConflictDoUpdate, arrayOverlaps for stack filter) - Replace SUPABASE_* env vars with DATABASE_URL in env config + .env.example - Add docker-compose.yml (Postgres 16-alpine, dev only) - Add deploy/k8s/postgres.yaml (StatefulSet + PVC), migrate.job.yaml, updated secrets.template.yaml - Update all docs (README, PLAN, ARCHITECTURE, CLAUDE.md, AGENTS.md, packages/db/README.md) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
67 lines
2.0 KiB
YAML
67 lines
2.0 KiB
YAML
# Postgres standalone pour ordinarthur-os.
|
|
# Single-user, faible volume → 1 replica + PVC. Backup via backup.cronjob.yaml.
|
|
#
|
|
# Secrets attendus dans `ordinarthur-os-db-secrets` (cf. secrets.template.yaml) :
|
|
# POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB
|
|
#
|
|
# `DATABASE_URL` consommé par l'API est injecté depuis `ordinarthur-os-secrets`
|
|
# et doit pointer vers `postgres.ordinarthur-os.svc.cluster.local:5432/<POSTGRES_DB>`.
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: postgres
|
|
namespace: ordinarthur-os
|
|
spec:
|
|
clusterIP: None
|
|
selector: { app: postgres }
|
|
ports:
|
|
- name: postgres
|
|
port: 5432
|
|
targetPort: 5432
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: postgres
|
|
namespace: ordinarthur-os
|
|
spec:
|
|
serviceName: postgres
|
|
replicas: 1
|
|
selector: { matchLabels: { app: postgres } }
|
|
template:
|
|
metadata: { labels: { app: postgres } }
|
|
spec:
|
|
containers:
|
|
- name: postgres
|
|
image: postgres:16-alpine
|
|
ports:
|
|
- containerPort: 5432
|
|
name: postgres
|
|
envFrom:
|
|
- secretRef: { name: ordinarthur-os-db-secrets }
|
|
env:
|
|
- { name: PGDATA, value: /var/lib/postgresql/data/pgdata }
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /var/lib/postgresql/data
|
|
readinessProbe:
|
|
exec: { command: ["pg_isready", "-U", "$(POSTGRES_USER)", "-d", "$(POSTGRES_DB)"] }
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
livenessProbe:
|
|
exec: { command: ["pg_isready", "-U", "$(POSTGRES_USER)", "-d", "$(POSTGRES_DB)"] }
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 30
|
|
resources:
|
|
requests: { cpu: 50m, memory: 128Mi }
|
|
limits: { cpu: 1000m, memory: 512Mi }
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: data
|
|
spec:
|
|
accessModes: ["ReadWriteOnce"]
|
|
resources:
|
|
requests: { storage: 5Gi }
|
|
# storageClassName: à définir selon le cluster (local-path par défaut sur k3s)
|