From 018de589be5b65ffdf50c31c5b102ef39c4acdc4 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Tue, 16 Dec 2025 22:51:23 -0600 Subject: [PATCH] replace with chart --- clusters/cl01tl/helm/immich/Chart.lock | 7 +- clusters/cl01tl/helm/immich/Chart.yaml | 4 + .../immich/templates/external-secrets.yaml | 171 ------------------ .../immich/templates/replication-source.yaml | 82 --------- clusters/cl01tl/helm/immich/values.yaml | 12 ++ 5 files changed, 21 insertions(+), 255 deletions(-) delete mode 100644 clusters/cl01tl/helm/immich/templates/replication-source.yaml diff --git a/clusters/cl01tl/helm/immich/Chart.lock b/clusters/cl01tl/helm/immich/Chart.lock index 1b1ad630d..ee0015573 100644 --- a/clusters/cl01tl/helm/immich/Chart.lock +++ b/clusters/cl01tl/helm/immich/Chart.lock @@ -8,5 +8,8 @@ dependencies: - name: redis-replication repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 -digest: sha256:f0fb98c302e8749494c4ebe612cd9ea69e9b11d062dc5a16710dffd13802f475 -generated: "2025-12-15T15:31:14.966284-06:00" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:b7a63486b9e51b2eda855b18a884f5c73e6c8c195f23e002d06ffe5f3030c559 +generated: "2025-12-16T22:50:30.467522-06:00" diff --git a/clusters/cl01tl/helm/immich/Chart.yaml b/clusters/cl01tl/helm/immich/Chart.yaml index d1557b686..4f67e7242 100644 --- a/clusters/cl01tl/helm/immich/Chart.yaml +++ b/clusters/cl01tl/helm/immich/Chart.yaml @@ -25,5 +25,9 @@ dependencies: - name: redis-replication version: 0.5.0 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-data + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/immich.png appVersion: v2.3.1 diff --git a/clusters/cl01tl/helm/immich/templates/external-secrets.yaml b/clusters/cl01tl/helm/immich/templates/external-secrets.yaml index 8229e7e3d..418f75a44 100644 --- a/clusters/cl01tl/helm/immich/templates/external-secrets.yaml +++ b/clusters/cl01tl/helm/immich/templates/external-secrets.yaml @@ -20,177 +20,6 @@ spec: metadataPolicy: None property: immich.json ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: immich-data-backup-secret-local - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-data-backup-secret-local - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-local - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-local - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: immich-data-backup-secret-remote - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-data-backup-secret-remote - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-remote - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-remote - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: immich-data-backup-secret-external - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-data-backup-secret-external - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/immich/immich" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/helm/immich/templates/replication-source.yaml b/clusters/cl01tl/helm/immich/templates/replication-source.yaml deleted file mode 100644 index 78758f1ed..000000000 --- a/clusters/cl01tl/helm/immich/templates/replication-source.yaml +++ /dev/null @@ -1,82 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: immich-data-backup-source-local - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-data-backup-source-local - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: immich - trigger: - schedule: 0 2 * * * - restic: - pruneIntervalDays: 7 - repository: immich-data-backup-secret-local - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 50Gi - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: immich-data-backup-source-remote - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-data-backup-source-remote - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: immich - trigger: - schedule: 0 3 * * * - restic: - pruneIntervalDays: 7 - repository: immich-data-backup-secret-remote - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 50Gi - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: immich-data-backup-source-external - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: immich-data-backup-source-external - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: immich - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: immich-data-backup-secret-external - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 50Gi diff --git a/clusters/cl01tl/helm/immich/values.yaml b/clusters/cl01tl/helm/immich/values.yaml index 829076ee0..760f896d5 100644 --- a/clusters/cl01tl/helm/immich/values.yaml +++ b/clusters/cl01tl/helm/immich/values.yaml @@ -117,6 +117,7 @@ immich: mountPropagation: None subPath: immich.json data: + forceRename: immich storageClass: ceph-block accessMode: ReadWriteOnce size: 50Gi @@ -202,3 +203,14 @@ redis-replication: redisSentinel: enabled: true clusterSize: 3 +volsync-target-config: + pvcTarget: immich + local: + restic: + cacheCapacity: 10Gi + remote: + restic: + cacheCapacity: 10Gi + external: + restic: + cacheCapacity: 10Gi