apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: postgresql namespace: postgresql spec: chart: spec: version: "13.0.8" values: global: security: allowInsecureImages: true image: registry: cr.yandex/crp3ccidau046kdj8g9q repository: contour/postgresql tag: "13.0.8" pullPolicy: IfNotPresent postgresqlSharedPreloadLibraries: "timescaledb,pg_stat_statements" primary: containerSecurityContext: readOnlyRootFilesystem: false extendedConfiguration: |- fsync = off full_page_writes = off synchronous_commit = off shared_buffers = 8GB effective_cache_size = 18GB work_mem = 256MB maintenance_work_mem = 2GB temp_buffers = 256MB max_wal_size = 32GB checkpoint_timeout = 1h checkpoint_completion_target = 0.9 wal_level = minimal max_wal_senders = 0 archive_mode = off random_page_cost = 1.1 resources: requests: cpu: "6" memory: 25Gi limits: cpu: "6" memory: 25Gi nodeSelector: dedicated: sts tolerations: - key: dedicated operator: Equal value: sts effect: NoSchedule persistence: storageClass: database-storage size: 500Gi metrics: containerSecurityContext: readOnlyRootFilesystem: false contour: enabled: true vault: enabled: true role: postgresql-contour authPath: auth/kubernetes secretPath: secrets/data/yc-infra-prod/infra/postgresql_contour/postgresql_contour_secret secretKey: postgres-password usersSecretPath: secrets/data/yc-infra-prod/infra/postgresql_contour/postgresql_users_secret sharedPreloadLibraries: "timescaledb,pg_stat_statements" "s3-proxy": endpointUrl: "s3-proxy-service.postgresql.svc.cluster.local" databases: - name: sanitizer user: sanitizer passwordKey: sanitizer extensions: - ltree - pg_stat_statements - postgis - timescaledb - uuid-ossp - pg_trgm - btree_gin - btree_gist - hstore - pg_partman - vector restoreFromDump: false