From 2270144e510332209025bc2de2f8e0defeaa7fb9 Mon Sep 17 00:00:00 2001
From: kisfenyo <kisfenyo@dooplex.local>
Date: Sat, 27 Dec 2025 16:41:41 +0100
Subject: [PATCH] added cnpg operator values

---
 argocd-apps/homelab.yaml         | 22 ++++++++----
 database-system/cnpg/values.yaml | 58 ++++++++++++++++++++++++++++++++
 2 files changed, 73 insertions(+), 7 deletions(-)
 create mode 100644 database-system/cnpg/values.yaml

diff --git a/argocd-apps/homelab.yaml b/argocd-apps/homelab.yaml
index ee1f0dc..b451155 100644
--- a/argocd-apps/homelab.yaml
+++ b/argocd-apps/homelab.yaml
@@ -470,13 +470,21 @@ metadata:
 spec:
   project: default
   
-  source:
-    repoURL: https://cloudnative-pg.github.io/charts
-    chart: cloudnative-pg
-    targetRevision: 0.27.0
-    helm:
-      releaseName: cnpg
-  
+  sources:
+    # Source 1: Helm chart
+    - repoURL: https://cloudnative-pg.github.io/charts
+      chart: cloudnative-pg
+      targetRevision: 0.27.0
+      helm:
+        releaseName: cnpg
+        # Reference values file from git
+        valueFiles:
+          - $values/database-system/cnpg/values.yaml
+    
+    # Source 2: Values file from git
+    - repoURL: http://gitea.gitea-system.svc.cluster.local:3000/admin/homelab-manifests.git
+      targetRevision: main
+      ref: values  
   destination:
     server: https://kubernetes.default.svc
     namespace: cnpg-system
diff --git a/database-system/cnpg/values.yaml b/database-system/cnpg/values.yaml
new file mode 100644
index 0000000..83e5924
--- /dev/null
+++ b/database-system/cnpg/values.yaml
@@ -0,0 +1,58 @@
+---
+# CloudNativePG Operator Helm Values
+# Enable cert-manager for webhook certificates
+
+# Webhook configuration with cert-manager
+webhook:
+  # Port for the webhook server
+  port: 9443
+  # Mutual TLS for the webhook
+  mutualTLS:
+    enabled: false
+  
+  # IMPORTANT: Enable cert-manager for certificate generation
+  # This creates a Certificate resource that cert-manager will fulfill
+  certManager:
+    enabled: true
+    
+    # Certificate issuer (use your existing cluster-issuer)
+    issuer:
+      # Use ClusterIssuer (not namespaced Issuer)
+      kind: ClusterIssuer
+      # This should match your existing cert-manager ClusterIssuer
+      # Common names: letsencrypt-prod, selfsigned-issuer, ca-issuer
+      name: "letsencrypt-prod"  # CHANGE THIS to match your issuer
+    
+    # Certificate configuration
+    certificate:
+      # Certificate duration (default: 2160h = 90 days)
+      duration: 2160h
+      # Renew before expiry (default: 720h = 30 days)
+      renewBefore: 720h
+
+# Monitoring
+monitoring:
+  # Enable PodMonitor for Prometheus
+  podMonitorEnabled: true
+  
+# Resource limits (adjust based on your needs)
+resources:
+  limits:
+    cpu: 200m
+    memory: 512Mi
+  requests:
+    cpu: 100m
+    memory: 256Mi
+
+# Replicas (1 is fine for homelab)
+replicaCount: 1
+
+# Image configuration (optional - use defaults)
+# image:
+#   repository: ghcr.io/cloudnative-pg/cloudnative-pg
+#   tag: 1.28.0
+
+# Service configuration
+service:
+  type: ClusterIP
+  port: 8080