bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add new infra architecture

Browse Source
This commit is contained in:
Urtzi Alfaro
2026-01-19 11:55:17 +01:00
parent 21d35ea92b
commit 35f164f0cd
311 changed files with 13241 additions and 3700 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/database-security.md
View File

@@ -324,12 +324,12 @@ log_line_prefix = '%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '
**Renewal Process:**
```bash
# 1. Regenerate certificates (90 days before expiry)
cd infrastructure/tls && ./generate-certificates.sh
cd infrastructure/security/certificates && ./generate-certificates.sh
# 2. Update Kubernetes secrets
kubectl delete secret postgres-tls redis-tls -n bakery-ia
kubectl apply -f infrastructure/kubernetes/base/secrets/postgres-tls-secret.yaml
kubectl apply -f infrastructure/kubernetes/base/secrets/redis-tls-secret.yaml
kubectl apply -f infrastructure/environments/dev/k8s-manifests/base/secrets/postgres-tls-secret.yaml
kubectl apply -f infrastructure/environments/dev/k8s-manifests/base/secrets/redis-tls-secret.yaml
# 3. Restart database pods (automatic)
kubectl rollout restart deployment -l app.kubernetes.io/component=database -n bakery-ia
@@ -351,7 +351,7 @@ kubectl rollout restart deployment -l app.kubernetes.io/component=database -n ba
./scripts/update-k8s-secrets.sh
# 4. Apply secrets
kubectl apply -f infrastructure/kubernetes/base/secrets.yaml
kubectl apply -f infrastructure/environments/common/configs/secrets.yaml
# 5. Restart databases and services
kubectl rollout restart deployment -n bakery-ia