homelab/apps
1
0
Fork 0
mirror of https://github.com/morten-olsen/homelab-apps.git synced 2026-02-08 01:36:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f42a16765326c7804f1ab1783c28a600dd8f795b
apps/scripts/fix_immich_db_config.sh
Morten Olsen 71feab50b1 add database to immich
2026-01-03 12:50:00 +01:00

80 lines
2.3 KiB
Bash
Raw Blame History

#!/bin/bash
set -e
RELEASE_NAME="immich"
NAMESPACE=""
# Try to find the namespace
for ns in immich default apps; do
if kubectl get configmap "${RELEASE_NAME}-db-config" -n "$ns" &>/dev/null; then
NAMESPACE="$ns"
break
fi
done
if [ -z "$NAMESPACE" ]; then
# Try to find from pod
POD_NAME="immich-server-6759ddb46c-c2cmq"
for ns in immich default apps; do
if kubectl get pod "$POD_NAME" -n "$ns" &>/dev/null; then
NAMESPACE="$ns"
break
fi
done
fi
if [ -z "$NAMESPACE" ]; then
echo "Error: Could not find immich resources. Please specify namespace manually."
echo "Usage: $0 <namespace>"
exit 1
fi
# Allow manual namespace override
if [ -n "$1" ]; then
NAMESPACE="$1"
fi
echo "Using namespace: $NAMESPACE"
# Get the password from the secret (double base64 decode)
echo "Getting password from secret..."
SECRET_B64=$(kubectl get secret "${RELEASE_NAME}-postgres-secret" -n "$NAMESPACE" -o jsonpath='{.data.password}')
if [ -z "$SECRET_B64" ]; then
echo "Error: Could not find secret ${RELEASE_NAME}-postgres-secret in namespace $NAMESPACE"
exit 1
fi
# Decode twice: Kubernetes base64 -> External Secrets base64 -> actual password
EXTERNAL_SECRETS_B64=$(echo "$SECRET_B64" | base64 -d)
PASSWORD=$(echo "$EXTERNAL_SECRETS_B64" | base64 -d)
if [ -z "$PASSWORD" ]; then
echo "Error: Failed to decode password"
exit 1
fi
echo "Password retrieved successfully"
# URL encode the password using Python (same as the Helm hook job does)
ENCODED_PASSWORD=$(python3 -c "import urllib.parse; import sys; print(urllib.parse.quote(sys.stdin.read().strip(), safe=''))" <<< "$PASSWORD")
# Construct the DB URL
DB_URL="postgresql://immich:${ENCODED_PASSWORD}@${RELEASE_NAME}-postgres.${NAMESPACE}.svc.cluster.local:5432/immich"
echo "Updating ConfigMap ${RELEASE_NAME}-db-config..."
# Update the ConfigMap
kubectl create configmap "${RELEASE_NAME}-db-config" \
--from-literal=url="${DB_URL}" \
--namespace="$NAMESPACE" \
--dry-run=client -o yaml | kubectl apply -f -
echo "ConfigMap updated successfully!"
# Restart the immich-server deployment to pick up the new ConfigMap
echo "Restarting immich-server deployment..."
kubectl rollout restart deployment "${RELEASE_NAME}-server" -n "$NAMESPACE"
echo "Done! The immich-server pod will restart with the correct database password."
Reference in New Issue View Git Blame Copy Permalink