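---
# postgresql-ha-values.yaml.template
#
# Standalone PostgreSQL HA for railiance-platform (S3)
# Chart: bitnami/postgresql-ha version: ~16.x (pin to 16.2.2 or latest stable)
#
# Usage:
#   1. Copy this file:
#        cp helm/postgresql-ha-values.yaml.template helm/postgresql-ha-values.sops.yaml
#   2. Fill in all CHANGEME_ values (passwords, storage class, replica count).
#      Keep the surrounding double quotes on every secret: an unquoted value that
#      happens to look like a number, a boolean (yes/no/on/off) or starts with a
#      YAML indicator (* & # { [ % @) is retyped or mis-parsed instead of being
#      used verbatim, and the resulting auth failure is hard to diagnose.
#   3. Encrypt with SOPS (age key must be loaded):
#        sops -e -i helm/postgresql-ha-values.sops.yaml
#      SOPS encrypts every leaf value unless the repo's SOPS creation rule narrows
#      the set with encrypted_regex; after this step, check that each *Password key
#      actually holds ciphertext before committing.
#   4. Deploy:
#        make pg-deploy
#
# Never commit the plaintext .template file with real passwords.
# The .sops.yaml file (encrypted) is what gets committed.
#
# NOTE: pgpoolPassword MUST match postgresql.pgpoolPassword.
# This was the root cause of the 2026-03-10 incident (RAIL-BS-WP-0003).
# Do not omit it.

global:
  postgresql:
    username: postgres
    # Must equal postgresql.password below (same account).
    password: "CHANGEME_postgres_password"
    database: postgres
    repmgrUsername: repmgr
    # Must equal postgresql.repmgrPassword below.
    repmgrPassword: "CHANGEME_repmgr_password"

postgresql:
  replicaCount: 3  # all 3 pods on 1 node for now; set anti-affinity when 3 nodes exist
  password: "CHANGEME_postgres_password"  # must match global.postgresql.password
  # NOTE(review): with username=postgres, `password` and `postgresPassword` both
  # refer to the superuser account -- confirm which one the chart applies, and
  # prefer a dedicated non-superuser role for application connections.
  postgresPassword: "CHANGEME_postgres_superuser_password"
  repmgrPassword: "CHANGEME_repmgr_password"  # must match global.postgresql.repmgrPassword
  # pgpoolPassword is the sr_check_password used by pgpool to probe replicas.
  # It MUST be set here to survive helm upgrade (see incident RAIL-BS-WP-0003).
  pgpoolPassword: "CHANGEME_pgpool_sr_check_password"
  persistence:
    enabled: true
    storageClass: ""  # use default StorageClass (local-path on single node; longhorn on 3 nodes)
    size: 10Gi
  podAntiAffinityPreset: "soft"  # soft = prefer spread; switch to "hard" when 3 nodes exist

pgpool:
  replicaCount: 1
  adminPassword: "CHANGEME_pgpool_admin_password"
  # numInitChildren controls max connections; default 32 is fine for single node
  numInitChildren: 32
  maxPool: 4
  # Connection load balancing
  loadBalancingOnWrite: "transaction"
  readinessProbe:
    enabled: true
  livenessProbe:
    enabled: true

# Metrics (optional — enable when Prometheus is deployed)
metrics:
  enabled: false
  serviceMonitor:
    enabled: false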