apiVersion: v1
kind: ConfigMap
metadata:
  name: postgres
data: 
  pg_hba.conf: |+
    # TYPE  DATABASE        USER            ADDRESS                 METHOD
    host     replication     replicationuser         0.0.0.0/0        md5
    # "local" is for Unix domain socket connections only
    local   all             all                                     trust
    # IPv4 local connections:
    host    all             all             127.0.0.1/32            trust
    # IPv6 local connections:
    host    all             all             ::1/128                 trust
    # Allow replication connections from localhost, by a user with the
    # replication privilege.
    local   replication     all                                     trust
    host    replication     all             127.0.0.1/32            trust
    host    replication     all             ::1/128                 trust

    host all all all scram-sha-256
  postgresql.conf: |+
    data_directory = '/data/pgdata'
    hba_file = '/config/pg_hba.conf'
    ident_file = '/config/pg_ident.conf'

    port = 5432
    listen_addresses = '*'
    max_connections = 100
    shared_buffers = 128MB
    dynamic_shared_memory_type = posix
    max_wal_size = 1GB
    min_wal_size = 80MB
    log_timezone = 'Etc/UTC'
    datestyle = 'iso, mdy'
    timezone = 'Etc/UTC'

    #locale settings
    lc_messages = 'en_US.utf8'			# locale for system error message
    lc_monetary = 'en_US.utf8'			# locale for monetary formatting
    lc_numeric = 'en_US.utf8'			# locale for number formatting
    lc_time = 'en_US.utf8'				# locale for time formatting

    default_text_search_config = 'pg_catalog.english'

    #replication
    wal_level = replica
    archive_mode = on
    archive_command = 'test ! -f /data/archive/%f && cp %p /data/archive/%f'
    max_wal_senders = 3
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
spec:
  selector:
    matchLabels:
      app: postgres
  serviceName: "postgres"
  replicas: 1
  template:
    metadata:
      labels:
        app: postgres
    spec:
      terminationGracePeriodSeconds: 30
      initContainers:
      - name: init
        image: postgres:15.0
        command: [ "bash", "-c" ]
        args:
        - |
          #create archive directory
          mkdir -p /data/archive && chown -R 999:999 /data/archive
        volumeMounts:
        - name: data
          mountPath: /data
          readOnly: false
      containers:
      - name: postgres
        image: postgres:15.0
        args: ["-c", "config_file=/config/postgresql.conf"]
        ports:
        - containerPort: 5432
          name: database
        env:
        - name: PGDATA
          value: "/data/pgdata"
        - name: POSTGRES_USER
          valueFrom:
            secretKeyRef:
              name: postgresql
              key: POSTGRES_USER
              optional: false
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgresql
              key: POSTGRES_PASSWORD
              optional: false
        - name: POSTGRES_DB
          valueFrom:
            secretKeyRef:
              name: postgresql
              key: POSTGRES_DB
              optional: false
        volumeMounts:
        - name: config
          mountPath: /config
          readOnly: false
        - name: data
          mountPath: /data
          readOnly: false
      volumes:
      - name: config
        configMap:
          name: postgres
          defaultMode: 0755
  volumeClaimTemplates:
  - metadata:
      name: data
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: "standard"
      resources:
        requests:
          storage: 100Mi
---
apiVersion: v1
kind: Service
metadata:
  name: postgres
  labels:
    app: postgres
spec:
  ports:
  - port: 5432
    targetPort: 5432
    name: postgres
  clusterIP: None
  selector:
    app: postgres