The new tasks PWA (Reminders-style front-end over Nextcloud CalDAV, per tasks/docs/2026-07-03-tasks-pwa-design.md) needs its own Postgres database for Connected Accounts and sync state. Follows the tripit/job_hunter pattern exactly: idempotent null_resource creates role+db on the CNPG primary with a placeholder password, and the Vault database engine static role pg-tasks (added to the postgresql connection allowed_roles) rotates the real password every 7 days, consumed by the tasks stack via a vault-database ExternalSecret. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| postgres | ||
| chart_values.tpl | ||
| cluster.yaml | ||
| main.tf | ||
| mysql_chart_values.yaml | ||
| versions.tf | ||