first db deployment script

ci/prod/compose/vault/templates/backup/pass.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/ops/db/backup" -}}
+{{ .Data.data.user }}
+{{- end }}

ci/prod/compose/vault/templates/backup/user.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/ops/db/backup" -}}
+{{ .Data.data.user }}
+{{- end }}

ci/prod/compose/vault/templates/mongo/keyfile.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/sendico/db" -}}
+{{ .Data.data.key }}
+{{- end }}

ci/prod/compose/vault/templates/mongo/pass.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/sendico/db" -}}
+{{ .Data.data.password }}
+{{- end }}

ci/prod/compose/vault/templates/mongo/user.ctmpl

@@ -0,0 +1,3 @@
+{{ with secret "kv/data/sendico/db" -}}
+{{ .Data.data.user }}
+{{- end }}

ci/prod/compose/vault/templates/pbm/config.ctmpl

@@ -0,0 +1,16 @@
+# Rendered by Vault Agent; contains no secrets.
+storage:
+  type: s3
+  s3:
+    endpointUrl: "{{ env "PBM_S3_ENDPOINT" }}"
+    region: "{{ env "PBM_S3_REGION" }}"
+    bucket: "{{ env "PBM_S3_BUCKET" }}"
+    forcePathStyle: true
+
+pitr:
+  enabled: true
+  oplogSpanMin: 10
+  compression: "s2"
+
+backup:
+  compression: "s2"

ci/prod/compose/vault/templates/pbm/env.ctmpl

@@ -0,0 +1,3 @@
+# Rendered by Vault Agent. Contains only secrets.
+AWS_ACCESS_KEY_ID={{ with secret "kv/data/s3/backup" -}}{{ .Data.data.access_key_id }}{{- end }}
+AWS_SECRET_ACCESS_KEY={{ with secret "kv/data/s3/backup" -}}{{ .Data.data.secret_access_key }}{{- end }}