From 0ae7cd24b57f66f9465398bfac7c9a76b2021ce7 Mon Sep 17 00:00:00 2001
From: GeorgeRaven <GeorgeRavenCommunity@pm.me>
Date: Tue, 20 Jan 2026 00:29:42 +0000
Subject: [PATCH] Added cnpg blue restore

Changelog: added
Signed-off-by: GeorgeRaven <GeorgeRavenCommunity@pm.me>
---
 .../keycloak/templates/cnpg/cluster-blue.yaml | 55 +++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 charts/keycloak/templates/cnpg/cluster-blue.yaml

diff --git a/charts/keycloak/templates/cnpg/cluster-blue.yaml b/charts/keycloak/templates/cnpg/cluster-blue.yaml
new file mode 100644
index 00000000..669b9fb1
--- /dev/null
+++ b/charts/keycloak/templates/cnpg/cluster-blue.yaml
@@ -0,0 +1,55 @@
+{{- if .Values.psql.enabled }}
+# https://blog.palark.com/cloudnativepg-and-other-kubernetes-operators-for-postgresql/
+# https://cloudnative-pg.io/documentation/current/rolling_update/#automated-updates-unsupervised
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: psql-blue
+spec:
+
+  instances: 2
+  imageName: ghcr.io/cloudnative-pg/postgresql:17.5 # renovate: datasource=docker depName=ghcr.io/cloudnative-pg/postgresql
+  primaryUpdateStrategy: unsupervised # enables automated updates
+  primaryUpdateMethod: switchover # how to handle updates switch to new or restart old primary
+  enablePDB: false
+  storage:
+    size: 8Gi
+
+  bootstrap:
+    recovery:
+      backup:
+        name: psql-daily-backup-20260118000000
+
+    initdb:
+      database: keycloak
+      owner: keycloak
+      secret:
+        name: psql
+      dataChecksums: true
+      #encoding: 'LATIN1'
+      encoding: 'UTF8'
+
+  managed:
+    roles:
+    - name: keycloak
+      ensure: present
+      comment: keycloak database user
+      login: true
+      superuser: true
+      passwordSecret:
+        name: psql
+
+  resources:
+    requests:
+      cpu: 150m
+    limits:
+      memory: 400Mi
+
+  backup:
+    retentionPolicy: "10d"
+    volumeSnapshot:
+      online: true
+      onlineConfiguration:
+        immediateCheckpoint: true
+      snapshotOwnerReference: backup
+{{- end }}