From a07cfd7c56dbfae2adee2b8c39266029ea862217 Mon Sep 17 00:00:00 2001
From: Remy Moll <me@moll.re>
Date: Tue, 19 Nov 2024 17:23:54 +0100
Subject: [PATCH] gitea auth fix?

---
 infrastructure/gitea/gitea.values.yaml |  1 +
 infrastructure/pg-ha/README.md         | 22 +++++++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/infrastructure/gitea/gitea.values.yaml b/infrastructure/gitea/gitea.values.yaml
index e11fa65..744e534 100644
--- a/infrastructure/gitea/gitea.values.yaml
+++ b/infrastructure/gitea/gitea.values.yaml
@@ -125,6 +125,7 @@ gitea:
       existingSecret: gitea-oauth
       required-claim-name: groups
       required-claim-value: gitea
+      group-claim-name: groups
       admin-group: apps_admin
 
   
diff --git a/infrastructure/pg-ha/README.md b/infrastructure/pg-ha/README.md
index 6486ea9..00887c6 100644
--- a/infrastructure/pg-ha/README.md
+++ b/infrastructure/pg-ha/README.md
@@ -1,3 +1,23 @@
 # Rebuilding the kluster
 
-When rebuilding the kluster from scratch, the CNPG containers 
\ No newline at end of file
+When rebuilding the kluster from scratch, the CNPG containers will be considered as new and will be set up according to their `initdb` config.
+
+Since most of the clusters here are formally defined as a fresh clusters, the following will happen:
+- in the relevant PVC the `pgdata` folder will be renamed to `pgdata-old`
+- a fresh `pgdata` folder will be created
+- a database with RBAC as defined in the `initdb` config will be created
+
+This is problematic since the PVC content is the actual state of the database in the present setup. In order to get back to a functional state, some manual intervention is therefore required.
+
+1. Bootstrap the kubernetes cluster
+2. Wait for the CNPG containers to be up and running - they will be setup fresh at this point
+3. follow the procedure from [https://cloudnative-pg.io/documentation/1.20/declarative_hibernation/](https://cloudnative-pg.io/documentation/1.20/declarative_hibernation/):
+    - hibernate the postgresql cluster
+    - wait for the pod to be shut down
+    - copy the `pgdata-old` content to the `pgdata` folder
+    - de-hibernate the postgresql cluster
+4. The database should now be in a functional state
+
+
+
+Also see https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#preserving-changes-made-to-an-applications-annotations-and-labels
\ No newline at end of file