Skip to content

Commit

Permalink
feat(db): better db credentials handling, added max conns and connect…
Browse files Browse the repository at this point in the history
…ion retries
  • Loading branch information
guerzon committed Jun 7, 2023
1 parent eacec7c commit 66bdf00
Show file tree
Hide file tree
Showing 4 changed files with 58 additions and 16 deletions.
38 changes: 29 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,22 @@ database:
uriOverride: "postgresql://appuser:[email protected]:5433/qualdb"
```

Alternatively, you could create a Kubernetes secret containing the database URI:

```bash
DB_STRING_B64=$(echo -n 'postgresql://appuser:[email protected]:5433/qualdb' | base64 -w 0)
kubectl -n vaultwarden create secret generic prod-db-creds --from-literal=secret-uri=$DB_STRING_B64
```

Then pass the name of the secret and the key to the chart:

```yaml
database:
type: postgresql
existingSecret: "prod-db-creds"
existingSecretKey: "secret-uri"
```

Detailed configuration options can be found in the [Database Configuration](#database-configuration) section below.

### SSL and Ingress
Expand Down Expand Up @@ -268,15 +284,19 @@ Detailed configuration options can be found in the [Storage Configuration](#stor

### Database Configuration

| Name | Description | Value |
| ---------------------- | ----------------------------------------- | --------- |
| `database.type` | Database type, either mysql or postgresql | `default` |
| `database.host` | Database hostname or IP address | `""` |
| `database.port` | Database port | `""` |
| `database.username` | Database username | `""` |
| `database.password` | Database password | `""` |
| `database.dbName` | Database name | `""` |
| `database.uriOverride` | Manually specify the DB connection string | `""` |
| Name | Description | Value |
| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | --------- |
| `database.type` | Database type, either mysql or postgresql | `default` |
| `database.host` | Database hostname or IP address | `""` |
| `database.port` | Database port | `""` |
| `database.username` | Database username | `""` |
| `database.password` | Database password | `""` |
| `database.dbName` | Database name | `""` |
| `database.uriOverride` | Manually specify the DB connection string | `""` |
| `database.existingSecret` | Name of an existing secret containing the database URI | `""` |
| `database.existingSecretKey` | Key in the existing secret | `""` |
| `database.connectionRetries` | Number of times to retry the database connection during startup, with 1 second delay between each retry, set to 0 to retry indefinitely. | `15` |
| `database.maxConnections` | Define the size of the connection pool used for connecting to the database. | `10` |

### SMTP Configuration

Expand Down
9 changes: 2 additions & 7 deletions templates/configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,6 @@ metadata:
{{- include "vaultwarden.labels" . | nindent 4 }}
data:
DOMAIN: {{ .Values.domain | quote }}
{{- if ne "default" .Values.database.type }}
{{- if .Values.database.uriOverride }}
DATABASE_URL: {{ .Values.database.uriOverride }}
{{- else }}
DATABASE_URL: {{ include "dbString" . | quote }}
{{- end }}
{{- end }}
{{- if and .Values.smtp.host .Values.smtp.from | quote }}
SMTP_HOST: {{ .Values.smtp.host | quote }}
SMTP_SECURITY: {{ .Values.smtp.security | quote }}
Expand Down Expand Up @@ -46,3 +39,5 @@ data:
LOG_FILE: {{ .Values.logging.logfile | quote }}
LOG_LEVEL: {{ .Values.logging.loglevel | quote }}
{{- end }}
DB_CONNECTION_RETRIES: {{ .Values.database.connectionRetries }}
DATABASE_MAX_CONNS: {{ .Values.database.maxConnections }}
15 changes: 15 additions & 0 deletions templates/statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,21 @@ spec:
secretKeyRef:
name: {{ default (include "vaultwarden.fullname" .) .Values.adminToken.existingSecret }}
key: {{ default "ADMIN_TOKEN" .Values.adminToken.existingSecretKey }}
{{- if ne "default" .Values.database.type }}
- name: DATABASE_URL
{{- if .Values.database.existingSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.database.existingSecret }}
key: {{ .Values.database.existingSecretKey }}
{{- else }}
{{- if .Values.database.uriOverride }}
value: {{ .Values.database.uriOverride }}
{{- else }}
value: {{ include "dbString" . | quote }}
{{- end }}
{{- end }}
{{- end }}
ports:
- containerPort: 8080
name: http
Expand Down
12 changes: 12 additions & 0 deletions values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,18 @@ database:
## @param database.uriOverride Manually specify the DB connection string
##
uriOverride: ""
## @param database.existingSecret Name of an existing secret containing the database URI
##
existingSecret: ""
## @param database.existingSecretKey Key in the existing secret
##
existingSecretKey: ""
## @param database.connectionRetries Number of times to retry the database connection during startup, with 1 second delay between each retry, set to 0 to retry indefinitely.
##
connectionRetries: 15
## @param database.maxConnections Define the size of the connection pool used for connecting to the database.
##
maxConnections: 10

## @section SMTP Configuration
##
Expand Down

0 comments on commit 66bdf00

Please sign in to comment.