Skip to content

Commit 79779cf

Browse files
committed
Update cluster.yaml
1 parent 101c192 commit 79779cf

1 file changed

Lines changed: 27 additions & 11 deletions

File tree

infrastructure/database/cloudnative-pg/immich/cluster.yaml

Lines changed: 27 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,31 @@ spec:
2525
pg_hba:
2626
- host all all 0.0.0.0/0 md5
2727
# === NORMAL OPERATION ===
28+
# bootstrap:
29+
# initdb:
30+
# database: immich
31+
# owner: immich
32+
# secret:
33+
# name: immich-app-secret
34+
# postInitApplicationSQL:
35+
# - CREATE EXTENSION IF NOT EXISTS vchord CASCADE;
36+
# - CREATE EXTENSION IF NOT EXISTS vector;
37+
# - CREATE EXTENSION IF NOT EXISTS earthdistance CASCADE;
38+
# - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "immich";
39+
# - GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO "immich";
40+
# - ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "immich";
41+
# - ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO "immich";
42+
# === DISASTER RECOVERY ===
43+
# 1. Comment out the initdb bootstrap above
44+
# 2. Uncomment the recovery bootstrap + externalClusters below
45+
# 3. Update serverName in externalClusters to match CURRENT backup.serverName (immich-database-v3)
46+
# 4. Bump backup.serverName to next version (e.g. immich-database-v3)
47+
# 5. Apply directly with: kubectl kustomize ... | kubectl create -f -
48+
# (ArgoCD SSA + CNPG webhook = initdb always wins, must bypass ArgoCD)
49+
# 6. After recovery completes, revert to initdb and push
50+
# IMPORTANT: keep backup.serverName at the bumped value (e.g. v3), do NOT revert to v2.
51+
# For the next DR event, recovery source becomes v3 and backup target becomes v4.
52+
#
2853
bootstrap:
2954
initdb:
3055
database: immich
@@ -39,22 +64,13 @@ spec:
3964
- GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO "immich";
4065
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO "immich";
4166
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO "immich";
42-
# === DISASTER RECOVERY ===
43-
# 1. Comment out the initdb bootstrap above
44-
# 2. Uncomment the recovery bootstrap + externalClusters below
45-
# 3. Update serverName in externalClusters to match CURRENT backup.serverName (immich-database-v2)
46-
# 4. Bump backup.serverName to next version (e.g. immich-database-v3)
47-
# 5. Apply directly with: kubectl kustomize ... | kubectl create -f -
48-
# (ArgoCD SSA + CNPG webhook = initdb always wins, must bypass ArgoCD)
49-
# 6. After recovery completes, revert to initdb and push
50-
#
5167
# bootstrap:
5268
# recovery:
5369
# source: immich-backup
5470
# externalClusters:
5571
# - name: immich-backup
5672
# barmanObjectStore:
57-
# serverName: immich-database-v2
73+
# serverName: immich-database-v3
5874
# destinationPath: s3://postgres-backups/cnpg/immich
5975
# endpointURL: http://192.168.10.133:30293
6076
# s3Credentials:
@@ -77,7 +93,7 @@ spec:
7793
enablePodMonitor: true
7894
backup:
7995
barmanObjectStore:
80-
serverName: immich-database-v2
96+
serverName: immich-database-v3
8197
destinationPath: s3://postgres-backups/cnpg/immich
8298
endpointURL: http://192.168.10.133:30293
8399
s3Credentials:

0 commit comments

Comments
 (0)