diff --git a/clusters/cl01tl/helm/authentik/Chart.lock b/clusters/cl01tl/helm/authentik/Chart.lock index 9b850e501..eb6768feb 100644 --- a/clusters/cl01tl/helm/authentik/Chart.lock +++ b/clusters/cl01tl/helm/authentik/Chart.lock @@ -8,8 +8,5 @@ dependencies: - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts version: 6.16.1 -- name: postgres-cluster - repository: oci://harbor.alexlebens.net/helm-charts - version: 6.16.1 -digest: sha256:3baf363781e7b7bfede344a1fc6442c10340eb404b6487d4d84acb8b1bfee75b -generated: "2025-12-11T16:00:06.802366-06:00" +digest: sha256:fdd5cc597cf958ca0f6f43dd403915c89c45718eff80920c2d322264dc8b09e1 +generated: "2025-12-11T16:14:14.729827-06:00" diff --git a/clusters/cl01tl/helm/authentik/Chart.yaml b/clusters/cl01tl/helm/authentik/Chart.yaml index 48b649d1e..c4dbb6b50 100644 --- a/clusters/cl01tl/helm/authentik/Chart.yaml +++ b/clusters/cl01tl/helm/authentik/Chart.yaml @@ -27,10 +27,6 @@ dependencies: alias: cloudflared repository: oci://harbor.alexlebens.net/helm-charts version: 1.23.2 - - name: postgres-cluster - alias: postgres-17-cluster - version: 6.16.1 - repository: oci://harbor.alexlebens.net/helm-charts - name: postgres-cluster alias: postgres-18-cluster version: 6.16.1 diff --git a/clusters/cl01tl/helm/authentik/templates/external-secret.yaml b/clusters/cl01tl/helm/authentik/templates/external-secret.yaml index 7c66a12ce..12f42bd92 100644 --- a/clusters/cl01tl/helm/authentik/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/authentik/templates/external-secret.yaml @@ -43,73 +43,6 @@ spec: metadataPolicy: None property: token ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: authentik-postgresql-17-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: authentik-postgresql-17-cluster-backup-secret-garage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/helm/authentik/values.yaml b/clusters/cl01tl/helm/authentik/values.yaml index ccbf7040d..0c842b65a 100644 --- a/clusters/cl01tl/helm/authentik/values.yaml +++ b/clusters/cl01tl/helm/authentik/values.yaml @@ -50,62 +50,6 @@ authentik: enabled: false cloudflared: existingSecretName: authentik-cloudflared-secret -postgres-17-cluster: - mode: recovery - cluster: - storage: - storageClass: local-path - walStorage: - storageClass: local-path - monitoring: - enabled: true - prometheusRule: - enabled: true - recovery: - method: objectStore - objectStore: - destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster - endpointURL: http://garage-main.garage:3900 - index: 1 - endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage - backup: - objectStore: - - name: external - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster - index: 1 - retentionPolicy: "30d" - isWALArchiver: false - - name: garage-local - destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster - index: 1 - endpointURL: http://garage-main.garage:3900 - endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage - endpointCredentialsIncludeRegion: true - retentionPolicy: "3d" - isWALArchiver: true - # - name: garage-remote - # destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-17-cluster - # index: 1 - # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: authentik-postgresql-17-cluster-backup-secret-garage - # retentionPolicy: "30d" - # data: - # compression: bzip2 - # jobs: 2 - scheduledBackups: - - name: daily-backup - suspend: false - schedule: "0 0 0 * * *" - backupName: external - - name: live-backup - suspend: false - immediate: true - schedule: "0 0 0 * * *" - backupName: garage-local - # - name: weekly-backup - # suspend: false - # schedule: "0 0 4 * * SAT" - # backupName: garage-remote postgres-18-cluster: mode: recovery cluster: