fix: Add Rancher DB password ExternalSecret

2026-03-28 22:42:05 +00:00
parent 4c002a870c
commit 0f4f0b09fb
2 changed files with 22 additions and 0 deletions
--- a/infrastructure/addons/rancher/kustomization.yaml
+++ b/infrastructure/addons/rancher/kustomization.yaml
@@ -5,4 +5,5 @@ resources:
  - helmrepository-rancher.yaml
  - helmrelease-rancher.yaml
  - rancher-bootstrap-password-externalsecret.yaml
+  - rancher-db-password-externalsecret.yaml
  - rancher-tailscale-service.yaml
--- a/infrastructure/addons/rancher/rancher-db-password-externalsecret.yaml
+++ b/infrastructure/addons/rancher/rancher-db-password-externalsecret.yaml
@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: rancher-db-password
+  namespace: cattle-system
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: doppler-hetznerterra
+    kind: ClusterSecretStore
+  target:
+    name: rancher-db-password
+    creationPolicy: Owner
+    template:
+      type: Opaque
+      data:
+        password: "{{ .RANCHER_DB_PASSWORD }}"
+  data:
+    - secretKey: RANCHER_DB_PASSWORD
+      remoteRef:
+        key: RANCHER_DB_PASSWORD