From 058d1d52dc1b47d0c09b3ac406f8245a78e3c4ad Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Sat, 27 Dec 2025 23:47:54 +0000 Subject: [PATCH] chore: Update manifests after change --- ...ecret-actual-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ource-actual-data-backup-source-local.yaml | 29 ++++++++++ ...obookshelf-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ookshelf-metadata-backup-secret-local.yaml | 58 +++++++++++++++++++ ...obookshelf-config-backup-source-local.yaml | 29 ++++++++++ ...ookshelf-metadata-backup-source-local.yaml | 29 ++++++++++ ...t-backrest-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ret-backrest-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-backrest-config-backup-source-local.yaml | 29 ++++++++++ ...rce-backrest-data-backup-source-local.yaml | 29 ++++++++++ ...ret-bazarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...rce-bazarr-config-backup-source-local.yaml | 34 +++++++++++ ...t-booklore-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-booklore-config-backup-source-local.yaml | 29 ++++++++++ ...ode-server-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ode-server-config-backup-source-local.yaml | 34 +++++++++++ ...alSecret-ephemera-backup-secret-local.yaml | 58 +++++++++++++++++++ ...onSource-ephemera-backup-source-local.yaml | 29 ++++++++++ ...luster-freshrss-postgresql-18-cluster.yaml | 4 +- ...ret-freshrss-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...reshrss-postgresql-18-recovery-secret.yaml | 4 +- ...rss-postgresql-18-backup-garage-local.yaml | 4 +- ...Store-freshrss-postgresql-18-recovery.yaml | 4 +- ...le-freshrss-postgresql-18-alert-rules.yaml | 14 ++--- ...rce-freshrss-data-backup-source-local.yaml | 39 +++++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- .../Cluster-gatus-postgresql-18-cluster.yaml | 4 +- ...ernalSecret-gatus-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...t-gatus-postgresql-18-recovery-secret.yaml | 4 +- ...tus-postgresql-18-backup-garage-local.yaml | 4 +- ...ectStore-gatus-postgresql-18-recovery.yaml | 4 +- ...sRule-gatus-postgresql-18-alert-rules.yaml | 14 ++--- ...ationSource-gatus-backup-source-local.yaml | 29 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...-assistant-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...-assistant-config-backup-source-local.yaml | 34 +++++++++++ ...et-huntarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ce-huntarr-config-backup-source-local.yaml | 29 ++++++++++ ...t-jellyfin-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-jellyfin-config-backup-source-local.yaml | 29 ++++++++++ ...uster-jellystat-postgresql-18-cluster.yaml | 4 +- ...et-jellystat-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...llystat-postgresql-18-recovery-secret.yaml | 4 +- ...tat-postgresql-18-backup-garage-local.yaml | 4 +- ...tore-jellystat-postgresql-18-recovery.yaml | 4 +- ...e-jellystat-postgresql-18-alert-rules.yaml | 14 ++--- ...ce-jellystat-data-backup-source-local.yaml | 29 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...alSecret-karakeep-backup-secret-local.yaml | 58 +++++++++++++++++++ ...onSource-karakeep-backup-source-local.yaml | 29 ++++++++++ ...alSecret-libation-backup-secret-local.yaml | 58 +++++++++++++++++++ ...onSource-libation-backup-source-local.yaml | 29 ++++++++++ .../Cluster-lidarr-postgresql-18-cluster.yaml | 4 +- ...ret-lidarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...-lidarr-postgresql-18-recovery-secret.yaml | 4 +- ...arr-postgresql-18-backup-garage-local.yaml | 4 +- ...ctStore-lidarr-postgresql-18-recovery.yaml | 4 +- ...Rule-lidarr-postgresql-18-alert-rules.yaml | 14 ++--- ...rce-lidarr-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...t-lidatube-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-lidatube-config-backup-source-local.yaml | 34 +++++++++++ ...lSecret-listenarr-backup-secret-local.yaml | 58 +++++++++++++++++++ ...nSource-listenarr-backup-source-local.yaml | 34 +++++++++++ ...-matrix-synapse-postgresql-18-cluster.yaml | 4 +- ...ostgresql-18-database-mautrix-discord.yaml | 4 +- ...stgresql-18-database-mautrix-whatsapp.yaml | 4 +- ...t-matrix-hookshot-backup-secret-local.yaml | 58 +++++++++++++++++++ ...et-matrix-synapse-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...synapse-postgresql-18-recovery-secret.yaml | 4 +- ...t-mautrix-discord-backup-secret-local.yaml | 58 +++++++++++++++++++ ...-mautrix-whatsapp-backup-secret-local.yaml | 58 +++++++++++++++++++ ...pse-postgresql-18-backup-garage-local.yaml | 4 +- ...matrix-synapse-postgresql-18-recovery.yaml | 4 +- ...rix-synapse-postgresql-18-alert-rules.yaml | 14 ++--- ...e-matrix-hookshot-backup-source-local.yaml | 29 ++++++++++ ...ce-matrix-synapse-backup-source-local.yaml | 29 ++++++++++ ...e-mautrix-discord-backup-source-local.yaml | 32 ++++++++++ ...-mautrix-whatsapp-backup-source-local.yaml | 32 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...et-navidrome-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ce-navidrome-data-backup-source-local.yaml | 34 +++++++++++ ...ster-ollama-web-postgresql-18-cluster.yaml | 4 +- ...t-ollama-web-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...ama-web-postgresql-18-recovery-secret.yaml | 4 +- ...web-postgresql-18-backup-garage-local.yaml | 4 +- ...ore-ollama-web-postgresql-18-recovery.yaml | 4 +- ...-ollama-web-postgresql-18-alert-rules.yaml | 14 ++--- ...e-ollama-web-data-backup-source-local.yaml | 32 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- .../Cluster-postiz-postgresql-18-cluster.yaml | 4 +- ...ret-postiz-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...-postiz-postgresql-18-recovery-secret.yaml | 4 +- ...et-postiz-uploads-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tiz-postgresql-18-backup-garage-local.yaml | 4 +- ...ctStore-postiz-postgresql-18-recovery.yaml | 4 +- ...Rule-postiz-postgresql-18-alert-rules.yaml | 14 ++--- ...rce-postiz-config-backup-source-local.yaml | 29 ++++++++++ ...ce-postiz-uploads-backup-source-local.yaml | 29 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...t-prowlarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-prowlarr-config-backup-source-local.yaml | 39 +++++++++++++ ...rrent-config-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...anage-config-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...t-qui-config-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...rrent-config-data-backup-source-local.yaml | 34 +++++++++++ ...anage-config-data-backup-source-local.yaml | 29 ++++++++++ ...t-qui-config-data-backup-source-local.yaml | 29 ++++++++++ ...uster-radarr-4k-postgresql-18-cluster.yaml | 4 +- ...-radarr-4k-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...darr-4k-postgresql-18-recovery-secret.yaml | 4 +- ...-4k-postgresql-18-backup-garage-local.yaml | 4 +- ...tore-radarr-4k-postgresql-18-recovery.yaml | 4 +- ...e-radarr-4k-postgresql-18-alert-rules.yaml | 14 ++--- ...-radarr-4k-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...er-radarr-anime-postgresql-18-cluster.yaml | 4 +- ...darr-anime-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...r-anime-postgresql-18-recovery-secret.yaml | 4 +- ...ime-postgresql-18-backup-garage-local.yaml | 4 +- ...e-radarr-anime-postgresql-18-recovery.yaml | 4 +- ...adarr-anime-postgresql-18-alert-rules.yaml | 14 ++--- ...darr-anime-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...-radarr-standup-postgresql-18-cluster.yaml | 4 +- ...rr-standup-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...standup-postgresql-18-recovery-secret.yaml | 4 +- ...dup-postgresql-18-backup-garage-local.yaml | 4 +- ...radarr-standup-postgresql-18-recovery.yaml | 4 +- ...arr-standup-postgresql-18-alert-rules.yaml | 14 ++--- ...rr-standup-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- .../Cluster-radarr-postgresql-18-cluster.yaml | 4 +- ...ret-radarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...-radarr-postgresql-18-recovery-secret.yaml | 4 +- ...arr-postgresql-18-backup-garage-local.yaml | 4 +- ...ctStore-radarr-postgresql-18-recovery.yaml | 4 +- ...Rule-radarr-postgresql-18-alert-rules.yaml | 14 ++--- ...rce-radarr-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...ret-rayflume-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...rce-rayflume-data-backup-source-local.yaml | 29 ++++++++++ ...uster-roundcube-postgresql-18-cluster.yaml | 4 +- ...et-roundcube-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...undcube-postgresql-18-recovery-secret.yaml | 4 +- ...ube-postgresql-18-backup-garage-local.yaml | 4 +- ...tore-roundcube-postgresql-18-recovery.yaml | 4 +- ...e-roundcube-postgresql-18-alert-rules.yaml | 14 ++--- ...ce-roundcube-data-backup-source-local.yaml | 29 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...rxng-browser-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...rxng-browser-data-backup-source-local.yaml | 29 ++++++++++ ...eerr-chart-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...eerr-chart-config-backup-source-local.yaml | 29 ++++++++++ ...uster-sonarr-4k-postgresql-18-cluster.yaml | 4 +- ...-sonarr-4k-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...narr-4k-postgresql-18-recovery-secret.yaml | 4 +- ...-4k-postgresql-18-backup-garage-local.yaml | 4 +- ...tore-sonarr-4k-postgresql-18-recovery.yaml | 4 +- ...e-sonarr-4k-postgresql-18-alert-rules.yaml | 14 ++--- ...-sonarr-4k-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...er-sonarr-anime-postgresql-18-cluster.yaml | 4 +- ...narr-anime-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...r-anime-postgresql-18-recovery-secret.yaml | 4 +- ...ime-postgresql-18-backup-garage-local.yaml | 4 +- ...e-sonarr-anime-postgresql-18-recovery.yaml | 4 +- ...onarr-anime-postgresql-18-alert-rules.yaml | 14 ++--- ...narr-anime-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- .../Cluster-sonarr-postgresql-18-cluster.yaml | 4 +- ...ret-sonarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...-sonarr-postgresql-18-recovery-secret.yaml | 4 +- ...arr-postgresql-18-backup-garage-local.yaml | 4 +- ...ctStore-sonarr-postgresql-18-recovery.yaml | 4 +- ...Rule-sonarr-postgresql-18-alert-rules.yaml | 14 ++--- ...rce-sonarr-config-backup-source-local.yaml | 34 +++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...t-soulsync-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...soulsync-database-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-soulsync-config-backup-source-local.yaml | 29 ++++++++++ ...soulsync-database-backup-source-local.yaml | 29 ++++++++++ ...luster-stalwart-postgresql-18-cluster.yaml | 4 +- ...t-stalwart-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...tgresql-18-backup-garage-local-secret.yaml | 4 +- ...talwart-postgresql-18-recovery-secret.yaml | 4 +- ...art-postgresql-18-backup-garage-local.yaml | 4 +- ...Store-stalwart-postgresql-18-recovery.yaml | 4 +- ...le-stalwart-postgresql-18-alert-rules.yaml | 14 ++--- ...e-stalwart-config-backup-source-local.yaml | 29 ++++++++++ ...resql-18-scheduled-backup-live-backup.yaml | 4 +- ...t-tautulli-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-tautulli-config-backup-source-local.yaml | 29 ++++++++++ ...cret-tdarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...cret-tdarr-server-backup-secret-local.yaml | 58 +++++++++++++++++++ ...urce-tdarr-config-backup-source-local.yaml | 29 ++++++++++ ...urce-tdarr-server-backup-source-local.yaml | 29 ++++++++++ 212 files changed, 4675 insertions(+), 308 deletions(-) create mode 100644 clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/huntarr/ExternalSecret-huntarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/huntarr/ReplicationSource-huntarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/lidatube/ExternalSecret-lidatube-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/lidatube/ReplicationSource-lidatube-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/listenarr/ExternalSecret-listenarr-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/listenarr/ReplicationSource-listenarr-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-config-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-config-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr-4k/ReplicationSource-radarr-4k-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr-anime/ReplicationSource-radarr-anime-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr-standup/ReplicationSource-radarr-standup-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/radarr/ReplicationSource-radarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/rayflume/ExternalSecret-rayflume-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/rayflume/ReplicationSource-rayflume-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/tautulli/ExternalSecret-tautulli-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/tautulli/ReplicationSource-tautulli-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml diff --git a/clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml new file mode 100644 index 000000000..d3c1a872e --- /dev/null +++ b/clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: actual-data-backup-secret-local + namespace: actual + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: actual + app.kubernetes.io/part-of: actual + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: actual-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/actual/actual-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml b/clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml new file mode 100644 index 000000000..ef0ccb681 --- /dev/null +++ b/clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: actual-data-backup-source-local + namespace: actual + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: actual + app.kubernetes.io/part-of: actual + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: actual-data-backup +spec: + sourcePVC: actual-data + trigger: + schedule: 0 8 * * * + restic: + pruneIntervalDays: 7 + repository: actual-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml new file mode 100644 index 000000000..062476eab --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: audiobookshelf-config-backup-secret-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/audiobookshelf/audiobookshelf-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml new file mode 100644 index 000000000..05f06b014 --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: audiobookshelf-metadata-backup-secret-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-metadata-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-metadata-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/audiobookshelf/audiobookshelf-metadata" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml new file mode 100644 index 000000000..dd561e6c2 --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: audiobookshelf-config-backup-source-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-config-backup +spec: + sourcePVC: audiobookshelf-config + trigger: + schedule: 2 8 * * * + restic: + pruneIntervalDays: 7 + repository: audiobookshelf-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml new file mode 100644 index 000000000..38274073b --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: audiobookshelf-metadata-backup-source-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-metadata-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-metadata-backup +spec: + sourcePVC: audiobookshelf-metadata + trigger: + schedule: 4 8 * * * + restic: + pruneIntervalDays: 7 + repository: audiobookshelf-metadata-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml new file mode 100644 index 000000000..23afedb62 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: backrest-config-backup-secret-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/backrest/backrest-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml new file mode 100644 index 000000000..4680836a5 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: backrest-data-backup-secret-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/backrest/backrest-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml new file mode 100644 index 000000000..5ec7906c5 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: backrest-config-backup-source-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-config-backup +spec: + sourcePVC: backrest-config + trigger: + schedule: 8 8 * * * + restic: + pruneIntervalDays: 7 + repository: backrest-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml new file mode 100644 index 000000000..cb645b087 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: backrest-data-backup-source-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-data-backup +spec: + sourcePVC: backrest-data + trigger: + schedule: 6 8 * * * + restic: + pruneIntervalDays: 7 + repository: backrest-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..12cfbede7 --- /dev/null +++ b/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: bazarr-config-backup-secret-local + namespace: bazarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: bazarr + app.kubernetes.io/part-of: bazarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bazarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/bazarr/bazarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml new file mode 100644 index 000000000..20d97d88f --- /dev/null +++ b/clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: bazarr-config-backup-source-local + namespace: bazarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: bazarr + app.kubernetes.io/part-of: bazarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bazarr-config-backup +spec: + sourcePVC: bazarr-config + trigger: + schedule: 10 8 * * * + restic: + pruneIntervalDays: 7 + repository: bazarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml new file mode 100644 index 000000000..b35e2e683 --- /dev/null +++ b/clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: booklore-config-backup-secret-local + namespace: booklore + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: booklore + app.kubernetes.io/part-of: booklore + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: booklore-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/booklore/booklore-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml b/clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml new file mode 100644 index 000000000..5d97428b3 --- /dev/null +++ b/clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: booklore-config-backup-source-local + namespace: booklore + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: booklore + app.kubernetes.io/part-of: booklore + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: booklore-config-backup +spec: + sourcePVC: booklore-config + trigger: + schedule: 12 8 * * * + restic: + pruneIntervalDays: 7 + repository: booklore-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml new file mode 100644 index 000000000..c1a6db0ae --- /dev/null +++ b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: code-server-config-backup-secret-local + namespace: code-server + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: code-server + app.kubernetes.io/part-of: code-server + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: code-server-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/code-server/code-server-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml new file mode 100644 index 000000000..6dcde832a --- /dev/null +++ b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: code-server-config-backup-source-local + namespace: code-server + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: code-server + app.kubernetes.io/part-of: code-server + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: code-server-config-backup +spec: + sourcePVC: code-server-config + trigger: + schedule: 16 8 * * * + restic: + pruneIntervalDays: 7 + repository: code-server-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml b/clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml new file mode 100644 index 000000000..4dcdbbec9 --- /dev/null +++ b/clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: ephemera-backup-secret-local + namespace: ephemera + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: ephemera + app.kubernetes.io/part-of: ephemera + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ephemera-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ephemera/ephemera" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml b/clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml new file mode 100644 index 000000000..74dae1af5 --- /dev/null +++ b/clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: ephemera-backup-source-local + namespace: ephemera + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: ephemera + app.kubernetes.io/part-of: ephemera + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ephemera-backup +spec: + sourcePVC: ephemera + trigger: + schedule: 16 8 * * * + restic: + pruneIntervalDays: 7 + repository: ephemera-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/freshrss/Cluster-freshrss-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/freshrss/Cluster-freshrss-postgresql-18-cluster.yaml index 12e07e256..fc70296f4 100644 --- a/clusters/cl01tl/manifests/freshrss/Cluster-freshrss-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/freshrss/Cluster-freshrss-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: freshrss-postgresql-18-cluster namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml new file mode 100644 index 000000000..ffb082de4 --- /dev/null +++ b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: freshrss-data-backup-secret-local + namespace: freshrss + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: freshrss + app.kubernetes.io/part-of: freshrss + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: freshrss-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/freshrss/freshrss-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-backup-garage-local-secret.yaml index fa8f4ebd6..31b46ad45 100644 --- a/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: freshrss-postgresql-18-backup-garage-local-secret namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: freshrss-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-recovery-secret.yaml index 518df8840..d49e4b665 100644 --- a/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: freshrss-postgresql-18-recovery-secret namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: freshrss-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-backup-garage-local.yaml index afa01d367..09943c829 100644 --- a/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: freshrss-postgresql-18-backup-garage-local namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: freshrss-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-recovery.yaml index 9a499e62d..4dc0a6698 100644 --- a/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/freshrss/ObjectStore-freshrss-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "freshrss-postgresql-18-recovery" namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "freshrss-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/freshrss/PrometheusRule-freshrss-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/freshrss/PrometheusRule-freshrss-postgresql-18-alert-rules.yaml index 59982b80c..8de805248 100644 --- a/clusters/cl01tl/manifests/freshrss/PrometheusRule-freshrss-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/freshrss/PrometheusRule-freshrss-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: freshrss-postgresql-18-alert-rules namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="freshrss"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="freshrss"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="freshrss"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="freshrss"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="freshrss"} > cnpg_pg_replication_is_wal_receiver_up{namespace="freshrss"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml b/clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml new file mode 100644 index 000000000..c66c60a26 --- /dev/null +++ b/clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml @@ -0,0 +1,39 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: freshrss-data-backup-source-local + namespace: freshrss + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: freshrss + app.kubernetes.io/part-of: freshrss + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: freshrss-data-backup +spec: + sourcePVC: freshrss-data + trigger: + schedule: 18 8 * * * + restic: + pruneIntervalDays: 7 + repository: freshrss-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 568 + runAsUser: 568 + supplementalGroups: + - 44 + - 100 + - 109 + - 65539 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml index 1a192be3e..6fdc2e7c0 100644 --- a/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "freshrss-postgresql-18-scheduled-backup-live-backup" namespace: freshrss labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: freshrss-postgresql-18 app.kubernetes.io/instance: freshrss app.kubernetes.io/part-of: freshrss - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "freshrss-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/gatus/Cluster-gatus-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/gatus/Cluster-gatus-postgresql-18-cluster.yaml index 62c79e627..98d5a0854 100644 --- a/clusters/cl01tl/manifests/gatus/Cluster-gatus-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/gatus/Cluster-gatus-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: gatus-postgresql-18-cluster namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml new file mode 100644 index 000000000..10c5dad89 --- /dev/null +++ b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: gatus-backup-secret-local + namespace: gatus + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: gatus + app.kubernetes.io/part-of: gatus + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gatus-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/gatus/gatus" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-backup-garage-local-secret.yaml index 7245d1607..1d56e1a48 100644 --- a/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: gatus-postgresql-18-backup-garage-local-secret namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: gatus-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-recovery-secret.yaml index 475576210..9d0972f68 100644 --- a/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: gatus-postgresql-18-recovery-secret namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: gatus-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-backup-garage-local.yaml index 2946f8000..6be81d881 100644 --- a/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: gatus-postgresql-18-backup-garage-local namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: gatus-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-recovery.yaml index fdd142dfd..03e307e4e 100644 --- a/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/gatus/ObjectStore-gatus-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "gatus-postgresql-18-recovery" namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "gatus-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/gatus/PrometheusRule-gatus-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/gatus/PrometheusRule-gatus-postgresql-18-alert-rules.yaml index c905b0842..5800e79e5 100644 --- a/clusters/cl01tl/manifests/gatus/PrometheusRule-gatus-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/gatus/PrometheusRule-gatus-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: gatus-postgresql-18-alert-rules namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="gatus"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="gatus"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="gatus"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="gatus"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="gatus"} > cnpg_pg_replication_is_wal_receiver_up{namespace="gatus"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml b/clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml new file mode 100644 index 000000000..297f58f6a --- /dev/null +++ b/clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: gatus-backup-source-local + namespace: gatus + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: gatus + app.kubernetes.io/part-of: gatus + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gatus-backup +spec: + sourcePVC: gatus + trigger: + schedule: 22 8 * * * + restic: + pruneIntervalDays: 7 + repository: gatus-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml index ef6bc0d08..e83e36121 100644 --- a/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "gatus-postgresql-18-scheduled-backup-live-backup" namespace: gatus labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: gatus-postgresql-18 app.kubernetes.io/instance: gatus app.kubernetes.io/part-of: gatus - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "gatus-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-local.yaml new file mode 100644 index 000000000..ee140a6a4 --- /dev/null +++ b/clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: home-assistant-config-backup-secret-local + namespace: home-assistant + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: home-assistant + app.kubernetes.io/part-of: home-assistant + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: home-assistant-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/home-assistant/home-assistant-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml new file mode 100644 index 000000000..f9230c8e0 --- /dev/null +++ b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: home-assistant-config-backup-source-local + namespace: home-assistant + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: home-assistant + app.kubernetes.io/part-of: home-assistant + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: home-assistant-config-backup +spec: + sourcePVC: home-assistant-config + trigger: + schedule: 24 8 * * * + restic: + pruneIntervalDays: 7 + repository: home-assistant-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/huntarr/ExternalSecret-huntarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/huntarr/ExternalSecret-huntarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..3c4a3d4eb --- /dev/null +++ b/clusters/cl01tl/manifests/huntarr/ExternalSecret-huntarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: huntarr-config-backup-secret-local + namespace: huntarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: huntarr + app.kubernetes.io/part-of: huntarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: huntarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/huntarr/huntarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/huntarr/ReplicationSource-huntarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/huntarr/ReplicationSource-huntarr-config-backup-source-local.yaml new file mode 100644 index 000000000..a3753255c --- /dev/null +++ b/clusters/cl01tl/manifests/huntarr/ReplicationSource-huntarr-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: huntarr-config-backup-source-local + namespace: huntarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: huntarr + app.kubernetes.io/part-of: huntarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: huntarr-config-backup +spec: + sourcePVC: huntarr-config + trigger: + schedule: 26 8 * * * + restic: + pruneIntervalDays: 7 + repository: huntarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-local.yaml new file mode 100644 index 000000000..c27f41319 --- /dev/null +++ b/clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: jellyfin-config-backup-secret-local + namespace: jellyfin + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: jellyfin + app.kubernetes.io/part-of: jellyfin + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellyfin-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/jellyfin/jellyfin-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml new file mode 100644 index 000000000..3c2f95e22 --- /dev/null +++ b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: jellyfin-config-backup-source-local + namespace: jellyfin + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: jellyfin + app.kubernetes.io/part-of: jellyfin + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellyfin-config-backup +spec: + sourcePVC: jellyfin-config + trigger: + schedule: 30 8 * * * + restic: + pruneIntervalDays: 7 + repository: jellyfin-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 10Gi diff --git a/clusters/cl01tl/manifests/jellystat/Cluster-jellystat-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/jellystat/Cluster-jellystat-postgresql-18-cluster.yaml index 1207905f5..8549e7a38 100644 --- a/clusters/cl01tl/manifests/jellystat/Cluster-jellystat-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/jellystat/Cluster-jellystat-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: jellystat-postgresql-18-cluster namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-local.yaml new file mode 100644 index 000000000..bdd6c1f59 --- /dev/null +++ b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: jellystat-data-backup-secret-local + namespace: jellystat + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: jellystat + app.kubernetes.io/part-of: jellystat + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellystat-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/jellystat/jellystat-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-backup-garage-local-secret.yaml index 31dbbe90e..de7f6d70b 100644 --- a/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: jellystat-postgresql-18-backup-garage-local-secret namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: jellystat-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-recovery-secret.yaml index 50b315e17..530387bf3 100644 --- a/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: jellystat-postgresql-18-recovery-secret namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: jellystat-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-backup-garage-local.yaml index 919fb1f90..3a095b64c 100644 --- a/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: jellystat-postgresql-18-backup-garage-local namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: jellystat-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-recovery.yaml index 23ba46bd0..15e916506 100644 --- a/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/jellystat/ObjectStore-jellystat-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "jellystat-postgresql-18-recovery" namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "jellystat-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/jellystat/PrometheusRule-jellystat-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/jellystat/PrometheusRule-jellystat-postgresql-18-alert-rules.yaml index 50bce0e97..2d88307d8 100644 --- a/clusters/cl01tl/manifests/jellystat/PrometheusRule-jellystat-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/jellystat/PrometheusRule-jellystat-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: jellystat-postgresql-18-alert-rules namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="jellystat"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="jellystat"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="jellystat"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="jellystat"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="jellystat"} > cnpg_pg_replication_is_wal_receiver_up{namespace="jellystat"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml new file mode 100644 index 000000000..b8814586f --- /dev/null +++ b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: jellystat-data-backup-source-local + namespace: jellystat + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: jellystat + app.kubernetes.io/part-of: jellystat + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellystat-data-backup +spec: + sourcePVC: jellystat-data + trigger: + schedule: 32 8 * * * + restic: + pruneIntervalDays: 7 + repository: jellystat-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml index 5a8a8486f..9edec361e 100644 --- a/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "jellystat-postgresql-18-scheduled-backup-live-backup" namespace: jellystat labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: jellystat-postgresql-18 app.kubernetes.io/instance: jellystat app.kubernetes.io/part-of: jellystat - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "jellystat-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-local.yaml b/clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-local.yaml new file mode 100644 index 000000000..d9bfbb618 --- /dev/null +++ b/clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: karakeep-backup-secret-local + namespace: karakeep + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: karakeep + app.kubernetes.io/part-of: karakeep + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: karakeep-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/karakeep/karakeep" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml new file mode 100644 index 000000000..b1449a21e --- /dev/null +++ b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: karakeep-backup-source-local + namespace: karakeep + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: karakeep + app.kubernetes.io/part-of: karakeep + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: karakeep-backup +spec: + sourcePVC: karakeep + trigger: + schedule: 34 8 * * * + restic: + pruneIntervalDays: 7 + repository: karakeep-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-local.yaml b/clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-local.yaml new file mode 100644 index 000000000..c113c930e --- /dev/null +++ b/clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: libation-backup-secret-local + namespace: libation + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: libation + app.kubernetes.io/part-of: libation + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: libation-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/libation/libation" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml new file mode 100644 index 000000000..9b2493b8f --- /dev/null +++ b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: libation-backup-source-local + namespace: libation + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: libation + app.kubernetes.io/part-of: libation + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: libation-backup +spec: + sourcePVC: libation + trigger: + schedule: 36 8 * * * + restic: + pruneIntervalDays: 7 + repository: libation-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/lidarr/Cluster-lidarr-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/lidarr/Cluster-lidarr-postgresql-18-cluster.yaml index 8aa218c34..841c815bb 100644 --- a/clusters/cl01tl/manifests/lidarr/Cluster-lidarr-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/lidarr/Cluster-lidarr-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: lidarr-postgresql-18-cluster namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..f98e31a44 --- /dev/null +++ b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: lidarr-config-backup-secret-local + namespace: lidarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: lidarr + app.kubernetes.io/part-of: lidarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: lidarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/lidarr/lidarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-backup-garage-local-secret.yaml index b43bb32cd..2811a5f89 100644 --- a/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: lidarr-postgresql-18-backup-garage-local-secret namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: lidarr-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-recovery-secret.yaml index e3f0bf1bf..535230478 100644 --- a/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: lidarr-postgresql-18-recovery-secret namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: lidarr-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-backup-garage-local.yaml index 34ebd70d5..f8e98fa71 100644 --- a/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: lidarr-postgresql-18-backup-garage-local namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: lidarr-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-recovery.yaml index c2b66b5a2..2538c228e 100644 --- a/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/lidarr/ObjectStore-lidarr-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "lidarr-postgresql-18-recovery" namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "lidarr-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/lidarr/PrometheusRule-lidarr-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/lidarr/PrometheusRule-lidarr-postgresql-18-alert-rules.yaml index 7e18208b2..b41d8e76f 100644 --- a/clusters/cl01tl/manifests/lidarr/PrometheusRule-lidarr-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/lidarr/PrometheusRule-lidarr-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: lidarr-postgresql-18-alert-rules namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="lidarr"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="lidarr"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="lidarr"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="lidarr"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="lidarr"} > cnpg_pg_replication_is_wal_receiver_up{namespace="lidarr"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml new file mode 100644 index 000000000..7d9afc85b --- /dev/null +++ b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: lidarr-config-backup-source-local + namespace: lidarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: lidarr + app.kubernetes.io/part-of: lidarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: lidarr-config-backup +spec: + sourcePVC: lidarr-config + trigger: + schedule: 38 8 * * * + restic: + pruneIntervalDays: 7 + repository: lidarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml index 165530be0..472fefbbb 100644 --- a/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "lidarr-postgresql-18-scheduled-backup-live-backup" namespace: lidarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: lidarr-postgresql-18 app.kubernetes.io/instance: lidarr app.kubernetes.io/part-of: lidarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "lidarr-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/lidatube/ExternalSecret-lidatube-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/lidatube/ExternalSecret-lidatube-config-backup-secret-local.yaml new file mode 100644 index 000000000..2dea3bd8b --- /dev/null +++ b/clusters/cl01tl/manifests/lidatube/ExternalSecret-lidatube-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: lidatube-config-backup-secret-local + namespace: lidatube + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: lidatube + app.kubernetes.io/part-of: lidatube + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: lidatube-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/lidatube/lidatube-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/lidatube/ReplicationSource-lidatube-config-backup-source-local.yaml b/clusters/cl01tl/manifests/lidatube/ReplicationSource-lidatube-config-backup-source-local.yaml new file mode 100644 index 000000000..b9bdf5768 --- /dev/null +++ b/clusters/cl01tl/manifests/lidatube/ReplicationSource-lidatube-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: lidatube-config-backup-source-local + namespace: lidatube + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: lidatube + app.kubernetes.io/part-of: lidatube + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: lidatube-config-backup +spec: + sourcePVC: lidatube-config + trigger: + schedule: 40 8 * * * + restic: + pruneIntervalDays: 7 + repository: lidatube-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/listenarr/ExternalSecret-listenarr-backup-secret-local.yaml b/clusters/cl01tl/manifests/listenarr/ExternalSecret-listenarr-backup-secret-local.yaml new file mode 100644 index 000000000..95976c7f2 --- /dev/null +++ b/clusters/cl01tl/manifests/listenarr/ExternalSecret-listenarr-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: listenarr-backup-secret-local + namespace: listenarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: listenarr + app.kubernetes.io/part-of: listenarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: listenarr-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/listenarr/listenarr" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/listenarr/ReplicationSource-listenarr-backup-source-local.yaml b/clusters/cl01tl/manifests/listenarr/ReplicationSource-listenarr-backup-source-local.yaml new file mode 100644 index 000000000..f6e6610a7 --- /dev/null +++ b/clusters/cl01tl/manifests/listenarr/ReplicationSource-listenarr-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: listenarr-backup-source-local + namespace: listenarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: listenarr + app.kubernetes.io/part-of: listenarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: listenarr-backup +spec: + sourcePVC: listenarr + trigger: + schedule: 42 8 * * * + restic: + pruneIntervalDays: 7 + repository: listenarr-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/Cluster-matrix-synapse-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/matrix-synapse/Cluster-matrix-synapse-postgresql-18-cluster.yaml index 360fe84f5..3afc91e70 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/Cluster-matrix-synapse-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/Cluster-matrix-synapse-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-cluster namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-discord.yaml b/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-discord.yaml index 68472c3c5..f19df1cdd 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-discord.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-discord.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-database-mautrix-discord namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: name: mautrix-discord diff --git a/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-whatsapp.yaml b/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-whatsapp.yaml index a118e227f..77870d46f 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-whatsapp.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/Database-matrix-synapse-postgresql-18-database-mautrix-whatsapp.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-database-mautrix-whatsapp namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: name: mautrix-whatsapp diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-local.yaml new file mode 100644 index 000000000..6cbb8b9a9 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: matrix-hookshot-backup-secret-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-hookshot-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-hookshot-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/matrix-hookshot" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-local.yaml new file mode 100644 index 000000000..90524271d --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: matrix-synapse-backup-secret-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-synapse-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-synapse-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/matrix-synapse" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-backup-garage-local-secret.yaml index a2a31695b..1f635fbb2 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-backup-garage-local-secret namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: matrix-synapse-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-recovery-secret.yaml index ad0cda431..4d065aea7 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-recovery-secret namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: matrix-synapse-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-local.yaml new file mode 100644 index 000000000..b35f86887 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: mautrix-discord-backup-secret-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-discord-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-discord-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/mautrix-discord" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-local.yaml new file mode 100644 index 000000000..c68f7b745 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: mautrix-whatsapp-backup-secret-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-whatsapp-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-whatsapp-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/mautrix-whatsapp" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-backup-garage-local.yaml index c6aa6b676..597f659ee 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-backup-garage-local namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: matrix-synapse-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-recovery.yaml index c53faeb80..d36280fe0 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ObjectStore-matrix-synapse-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "matrix-synapse-postgresql-18-recovery" namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "matrix-synapse-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/matrix-synapse/PrometheusRule-matrix-synapse-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/matrix-synapse/PrometheusRule-matrix-synapse-postgresql-18-alert-rules.yaml index 43e62be73..c016f4910 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/PrometheusRule-matrix-synapse-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/PrometheusRule-matrix-synapse-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: matrix-synapse-postgresql-18-alert-rules namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="matrix-synapse"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="matrix-synapse"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="matrix-synapse"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="matrix-synapse"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="matrix-synapse"} > cnpg_pg_replication_is_wal_receiver_up{namespace="matrix-synapse"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml new file mode 100644 index 000000000..bb5ae3ad4 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: matrix-hookshot-backup-source-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-hookshot-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-hookshot-backup +spec: + sourcePVC: matrix-hookshot + trigger: + schedule: 46 8 * * * + restic: + pruneIntervalDays: 7 + repository: matrix-hookshot-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml new file mode 100644 index 000000000..3c274057b --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: matrix-synapse-backup-source-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-synapse-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-synapse-backup +spec: + sourcePVC: matrix-synapse + trigger: + schedule: 44 8 * * * + restic: + pruneIntervalDays: 7 + repository: matrix-synapse-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml new file mode 100644 index 000000000..28eef1fa7 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: mautrix-discord-backup-source-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-discord-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-discord-backup +spec: + sourcePVC: mautrix-discord + trigger: + schedule: 48 8 * * * + restic: + pruneIntervalDays: 7 + repository: mautrix-discord-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml new file mode 100644 index 000000000..875b70bd3 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: mautrix-whatsapp-backup-source-local + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-whatsapp-0.7.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-whatsapp-backup +spec: + sourcePVC: mautrix-whatsapp + trigger: + schedule: 50 8 * * * + restic: + pruneIntervalDays: 7 + repository: mautrix-whatsapp-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml index 7a75abd8e..0db63ba52 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "matrix-synapse-postgresql-18-scheduled-backup-live-backup" namespace: matrix-synapse labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: matrix-synapse-postgresql-18 app.kubernetes.io/instance: matrix-synapse app.kubernetes.io/part-of: matrix-synapse - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "matrix-synapse-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-local.yaml new file mode 100644 index 000000000..c1326cf4f --- /dev/null +++ b/clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: navidrome-data-backup-secret-local + namespace: navidrome + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: navidrome + app.kubernetes.io/part-of: navidrome + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: navidrome-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/navidrome/navidrome-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml new file mode 100644 index 000000000..f87dff534 --- /dev/null +++ b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: navidrome-data-backup-source-local + namespace: navidrome + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: navidrome + app.kubernetes.io/part-of: navidrome + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: navidrome-data-backup +spec: + sourcePVC: navidrome-data + trigger: + schedule: 52 8 * * * + restic: + pruneIntervalDays: 7 + repository: navidrome-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ollama/Cluster-ollama-web-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/ollama/Cluster-ollama-web-postgresql-18-cluster.yaml index e39d51778..dd091856a 100644 --- a/clusters/cl01tl/manifests/ollama/Cluster-ollama-web-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/ollama/Cluster-ollama-web-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: ollama-web-postgresql-18-cluster namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml new file mode 100644 index 000000000..9de30f4d1 --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: ollama-web-data-backup-secret-local + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ollama/ollama-web-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-backup-garage-local-secret.yaml index e4ed9333b..f4ad4afda 100644 --- a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: ollama-web-postgresql-18-backup-garage-local-secret namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: ollama-web-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-recovery-secret.yaml index 4dddbed94..4a7410167 100644 --- a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: ollama-web-postgresql-18-recovery-secret namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: ollama-web-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-backup-garage-local.yaml index ffe9617ac..c92166ab9 100644 --- a/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: ollama-web-postgresql-18-backup-garage-local namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: ollama-web-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-recovery.yaml index febb90c81..9a7dcc6f6 100644 --- a/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/ollama/ObjectStore-ollama-web-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "ollama-web-postgresql-18-recovery" namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "ollama-web-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/ollama/PrometheusRule-ollama-web-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/ollama/PrometheusRule-ollama-web-postgresql-18-alert-rules.yaml index b865041a5..28edc50ab 100644 --- a/clusters/cl01tl/manifests/ollama/PrometheusRule-ollama-web-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/ollama/PrometheusRule-ollama-web-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: ollama-web-postgresql-18-alert-rules namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="ollama"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="ollama"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="ollama"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="ollama"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="ollama"} > cnpg_pg_replication_is_wal_receiver_up{namespace="ollama"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml new file mode 100644 index 000000000..e88f1fa77 --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: ollama-web-data-backup-source-local + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup +spec: + sourcePVC: ollama-web-data + trigger: + schedule: 54 8 * * * + restic: + pruneIntervalDays: 7 + repository: ollama-web-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml index e3a8ea810..a12bbc6b5 100644 --- a/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "ollama-web-postgresql-18-scheduled-backup-live-backup" namespace: ollama labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: ollama-web-postgresql-18 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "ollama-web-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/postiz/Cluster-postiz-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/postiz/Cluster-postiz-postgresql-18-cluster.yaml index f35b78ac7..af1d3dc8e 100644 --- a/clusters/cl01tl/manifests/postiz/Cluster-postiz-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/postiz/Cluster-postiz-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: postiz-postgresql-18-cluster namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml new file mode 100644 index 000000000..73272d14a --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: postiz-config-backup-secret-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/postiz/postiz-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-backup-garage-local-secret.yaml index 10b820b89..02bafb62d 100644 --- a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: postiz-postgresql-18-backup-garage-local-secret namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postiz-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-recovery-secret.yaml index 5be902d2f..1b4c31a98 100644 --- a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: postiz-postgresql-18-recovery-secret namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postiz-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml new file mode 100644 index 000000000..0db0fd855 --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: postiz-uploads-backup-secret-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-upload-0.7.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/postiz/postiz-uploads" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-backup-garage-local.yaml index 16dc77a71..fff3f264b 100644 --- a/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: postiz-postgresql-18-backup-garage-local namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postiz-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-recovery.yaml index c0e76228e..83511c4b4 100644 --- a/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/postiz/ObjectStore-postiz-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "postiz-postgresql-18-recovery" namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "postiz-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/postiz/PrometheusRule-postiz-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/postiz/PrometheusRule-postiz-postgresql-18-alert-rules.yaml index d8843bd8f..46729bb22 100644 --- a/clusters/cl01tl/manifests/postiz/PrometheusRule-postiz-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/postiz/PrometheusRule-postiz-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: postiz-postgresql-18-alert-rules namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="postiz"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="postiz"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="postiz"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="postiz"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="postiz"} > cnpg_pg_replication_is_wal_receiver_up{namespace="postiz"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml new file mode 100644 index 000000000..9d217ec39 --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: postiz-config-backup-source-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup +spec: + sourcePVC: postiz-config + trigger: + schedule: 56 8 * * * + restic: + pruneIntervalDays: 7 + repository: postiz-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml new file mode 100644 index 000000000..298284a6d --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: postiz-uploads-backup-source-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-upload-0.7.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup +spec: + sourcePVC: postiz-uploads + trigger: + schedule: 58 8 * * * + restic: + pruneIntervalDays: 7 + repository: postiz-uploads-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml index 0a672d2d6..84595dc0f 100644 --- a/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "postiz-postgresql-18-scheduled-backup-live-backup" namespace: postiz labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: postiz-postgresql-18 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "postiz-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..913b3db2b --- /dev/null +++ b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: prowlarr-config-backup-secret-local + namespace: prowlarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: prowlarr + app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/prowlarr/prowlarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml new file mode 100644 index 000000000..1aaacc0f3 --- /dev/null +++ b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml @@ -0,0 +1,39 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: prowlarr-config-backup-source-local + namespace: prowlarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: prowlarr + app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup +spec: + sourcePVC: prowlarr-config + trigger: + schedule: 0 11 * * * + restic: + pruneIntervalDays: 7 + repository: prowlarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 568 + runAsUser: 568 + supplementalGroups: + - 44 + - 100 + - 109 + - 65539 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-config-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-config-data-backup-secret-local.yaml new file mode 100644 index 000000000..4e22f5905 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-config-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-config-data-backup-secret-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-config-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml new file mode 100644 index 000000000..6c4dab5e3 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qbit-manage-config-data-backup-secret-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.7.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qbit-manage-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml new file mode 100644 index 000000000..ebb3aee74 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qui-config-data-backup-secret-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.7.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qui-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-config-data-backup-source-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-config-data-backup-source-local.yaml new file mode 100644 index 000000000..ea5a9489f --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-config-data-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-config-data-backup-source-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-config-data-backup +spec: + sourcePVC: qbittorrent-config-data + trigger: + schedule: 2 11 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-config-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-filesystem + volumeSnapshotClassName: ceph-filesystem-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml new file mode 100644 index 000000000..5d39ec2d6 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qbit-manage-config-data-backup-source-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.7.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup +spec: + sourcePVC: qbittorrent-qbit-manage-config-data + trigger: + schedule: 4 11 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qbit-manage-config-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml new file mode 100644 index 000000000..dadfda14b --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qui-config-data-backup-source-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.7.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup +spec: + sourcePVC: qbittorrent-qui-config-data + trigger: + schedule: 6 11 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qui-config-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/radarr-4k/Cluster-radarr-4k-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/radarr-4k/Cluster-radarr-4k-postgresql-18-cluster.yaml index 7f8e7c3aa..16a412447 100644 --- a/clusters/cl01tl/manifests/radarr-4k/Cluster-radarr-4k-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/Cluster-radarr-4k-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-4k-postgresql-18-cluster namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-config-backup-secret-local.yaml new file mode 100644 index 000000000..c73023112 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: radarr-4k-config-backup-secret-local + namespace: radarr-4k + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr-4k + app.kubernetes.io/part-of: radarr-4k + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-4k-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/radarr-4k/radarr-4k-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-backup-garage-local-secret.yaml index 6fea6e65a..eabddfdb1 100644 --- a/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-4k-postgresql-18-backup-garage-local-secret namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-4k-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-recovery-secret.yaml index 56db93639..8046a20b4 100644 --- a/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/ExternalSecret-radarr-4k-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-4k-postgresql-18-recovery-secret namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-4k-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-backup-garage-local.yaml index cab012f55..ad1489604 100644 --- a/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-4k-postgresql-18-backup-garage-local namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-4k-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-recovery.yaml index a28be0e6e..03034448b 100644 --- a/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/ObjectStore-radarr-4k-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-4k-postgresql-18-recovery" namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-4k-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/radarr-4k/PrometheusRule-radarr-4k-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/radarr-4k/PrometheusRule-radarr-4k-postgresql-18-alert-rules.yaml index 9a3de7baa..1567a8ec6 100644 --- a/clusters/cl01tl/manifests/radarr-4k/PrometheusRule-radarr-4k-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/PrometheusRule-radarr-4k-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-4k-postgresql-18-alert-rules namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="radarr-4k"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="radarr-4k"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="radarr-4k"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="radarr-4k"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="radarr-4k"} > cnpg_pg_replication_is_wal_receiver_up{namespace="radarr-4k"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/radarr-4k/ReplicationSource-radarr-4k-config-backup-source-local.yaml b/clusters/cl01tl/manifests/radarr-4k/ReplicationSource-radarr-4k-config-backup-source-local.yaml new file mode 100644 index 000000000..1078b0032 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr-4k/ReplicationSource-radarr-4k-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: radarr-4k-config-backup-source-local + namespace: radarr-4k + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr-4k + app.kubernetes.io/part-of: radarr-4k + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-4k-config-backup +spec: + sourcePVC: radarr-4k-config + trigger: + schedule: 10 11 * * * + restic: + pruneIntervalDays: 7 + repository: radarr-4k-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml index 27959ab0d..290be038c 100644 --- a/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-4k-postgresql-18-scheduled-backup-live-backup" namespace: radarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-4k-postgresql-18 app.kubernetes.io/instance: radarr-4k app.kubernetes.io/part-of: radarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-4k-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/radarr-anime/Cluster-radarr-anime-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/radarr-anime/Cluster-radarr-anime-postgresql-18-cluster.yaml index 980480e9b..ce9d3ae8a 100644 --- a/clusters/cl01tl/manifests/radarr-anime/Cluster-radarr-anime-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/Cluster-radarr-anime-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-anime-postgresql-18-cluster namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-config-backup-secret-local.yaml new file mode 100644 index 000000000..a3e9dd7c4 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: radarr-anime-config-backup-secret-local + namespace: radarr-anime + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr-anime + app.kubernetes.io/part-of: radarr-anime + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-anime-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/radarr-anime/radarr-anime-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-backup-garage-local-secret.yaml index fbe9ae506..688dedbd7 100644 --- a/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-anime-postgresql-18-backup-garage-local-secret namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-anime-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-recovery-secret.yaml index 68670125a..ff19cb2ac 100644 --- a/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/ExternalSecret-radarr-anime-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-anime-postgresql-18-recovery-secret namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-anime-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-backup-garage-local.yaml index f95eef74a..e6be3f7f9 100644 --- a/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-anime-postgresql-18-backup-garage-local namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-anime-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-recovery.yaml index 80e0a770c..86aed23db 100644 --- a/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/ObjectStore-radarr-anime-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-anime-postgresql-18-recovery" namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-anime-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/radarr-anime/PrometheusRule-radarr-anime-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/radarr-anime/PrometheusRule-radarr-anime-postgresql-18-alert-rules.yaml index 206375d57..2108623ae 100644 --- a/clusters/cl01tl/manifests/radarr-anime/PrometheusRule-radarr-anime-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/PrometheusRule-radarr-anime-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-anime-postgresql-18-alert-rules namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="radarr-anime"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="radarr-anime"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="radarr-anime"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="radarr-anime"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="radarr-anime"} > cnpg_pg_replication_is_wal_receiver_up{namespace="radarr-anime"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/radarr-anime/ReplicationSource-radarr-anime-config-backup-source-local.yaml b/clusters/cl01tl/manifests/radarr-anime/ReplicationSource-radarr-anime-config-backup-source-local.yaml new file mode 100644 index 000000000..680bd4048 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr-anime/ReplicationSource-radarr-anime-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: radarr-anime-config-backup-source-local + namespace: radarr-anime + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr-anime + app.kubernetes.io/part-of: radarr-anime + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-anime-config-backup +spec: + sourcePVC: radarr-anime-config + trigger: + schedule: 12 11 * * * + restic: + pruneIntervalDays: 7 + repository: radarr-anime-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml index ba721775f..566df0434 100644 --- a/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-anime-postgresql-18-scheduled-backup-live-backup" namespace: radarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-anime-postgresql-18 app.kubernetes.io/instance: radarr-anime app.kubernetes.io/part-of: radarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-anime-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/radarr-standup/Cluster-radarr-standup-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/radarr-standup/Cluster-radarr-standup-postgresql-18-cluster.yaml index 4f8eac377..674bbb9bd 100644 --- a/clusters/cl01tl/manifests/radarr-standup/Cluster-radarr-standup-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/Cluster-radarr-standup-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-standup-postgresql-18-cluster namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-config-backup-secret-local.yaml new file mode 100644 index 000000000..486d6b073 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: radarr-standup-config-backup-secret-local + namespace: radarr-standup + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr-standup + app.kubernetes.io/part-of: radarr-standup + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-standup-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/radarr-standup/radarr-standup-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-backup-garage-local-secret.yaml index 6a04ca3d4..a2cbadd83 100644 --- a/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-standup-postgresql-18-backup-garage-local-secret namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-standup-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-recovery-secret.yaml index c2d395a8b..85baf318c 100644 --- a/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/ExternalSecret-radarr-standup-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-standup-postgresql-18-recovery-secret namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-standup-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-backup-garage-local.yaml index 552a341f1..ada3b6ebb 100644 --- a/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-standup-postgresql-18-backup-garage-local namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-standup-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-recovery.yaml index 4b9c23fbd..e5f7a36c4 100644 --- a/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/ObjectStore-radarr-standup-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-standup-postgresql-18-recovery" namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-standup-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/radarr-standup/PrometheusRule-radarr-standup-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/radarr-standup/PrometheusRule-radarr-standup-postgresql-18-alert-rules.yaml index 734604009..5d40c4b82 100644 --- a/clusters/cl01tl/manifests/radarr-standup/PrometheusRule-radarr-standup-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/PrometheusRule-radarr-standup-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-standup-postgresql-18-alert-rules namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="radarr-standup"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="radarr-standup"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="radarr-standup"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="radarr-standup"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="radarr-standup"} > cnpg_pg_replication_is_wal_receiver_up{namespace="radarr-standup"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/radarr-standup/ReplicationSource-radarr-standup-config-backup-source-local.yaml b/clusters/cl01tl/manifests/radarr-standup/ReplicationSource-radarr-standup-config-backup-source-local.yaml new file mode 100644 index 000000000..c07ec50fd --- /dev/null +++ b/clusters/cl01tl/manifests/radarr-standup/ReplicationSource-radarr-standup-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: radarr-standup-config-backup-source-local + namespace: radarr-standup + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr-standup + app.kubernetes.io/part-of: radarr-standup + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-standup-config-backup +spec: + sourcePVC: radarr-standup-config + trigger: + schedule: 14 11 * * * + restic: + pruneIntervalDays: 7 + repository: radarr-standup-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml index 5df173f16..c65185450 100644 --- a/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-standup-postgresql-18-scheduled-backup-live-backup" namespace: radarr-standup labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-standup-postgresql-18 app.kubernetes.io/instance: radarr-standup app.kubernetes.io/part-of: radarr-standup - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-standup-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/radarr/Cluster-radarr-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/radarr/Cluster-radarr-postgresql-18-cluster.yaml index 713835ddc..62fdb74b1 100644 --- a/clusters/cl01tl/manifests/radarr/Cluster-radarr-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/radarr/Cluster-radarr-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-postgresql-18-cluster namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..fa01ea8a5 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: radarr-config-backup-secret-local + namespace: radarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr + app.kubernetes.io/part-of: radarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/radarr/radarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-backup-garage-local-secret.yaml index 15ae096e2..2faff78f2 100644 --- a/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-postgresql-18-backup-garage-local-secret namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-recovery-secret.yaml index a55f12d55..2d76432d5 100644 --- a/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/radarr/ExternalSecret-radarr-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-postgresql-18-recovery-secret namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-backup-garage-local.yaml index e858c0fe1..e9a7c45da 100644 --- a/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-postgresql-18-backup-garage-local namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: radarr-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-recovery.yaml index fbcdffc6c..a1f30a53e 100644 --- a/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/radarr/ObjectStore-radarr-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-postgresql-18-recovery" namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/radarr/PrometheusRule-radarr-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/radarr/PrometheusRule-radarr-postgresql-18-alert-rules.yaml index 4785ed0d4..85da84da8 100644 --- a/clusters/cl01tl/manifests/radarr/PrometheusRule-radarr-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/radarr/PrometheusRule-radarr-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: radarr-postgresql-18-alert-rules namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="radarr"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="radarr"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="radarr"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="radarr"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="radarr"} > cnpg_pg_replication_is_wal_receiver_up{namespace="radarr"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/radarr/ReplicationSource-radarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/radarr/ReplicationSource-radarr-config-backup-source-local.yaml new file mode 100644 index 000000000..0fb0a62b0 --- /dev/null +++ b/clusters/cl01tl/manifests/radarr/ReplicationSource-radarr-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: radarr-config-backup-source-local + namespace: radarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: radarr + app.kubernetes.io/part-of: radarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: radarr-config-backup +spec: + sourcePVC: radarr-config + trigger: + schedule: 8 11 * * * + restic: + pruneIntervalDays: 7 + repository: radarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml index 27fa2f197..c577f9852 100644 --- a/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "radarr-postgresql-18-scheduled-backup-live-backup" namespace: radarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: radarr-postgresql-18 app.kubernetes.io/instance: radarr app.kubernetes.io/part-of: radarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "radarr-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/rayflume/ExternalSecret-rayflume-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/rayflume/ExternalSecret-rayflume-data-backup-secret-local.yaml new file mode 100644 index 000000000..463506dd0 --- /dev/null +++ b/clusters/cl01tl/manifests/rayflume/ExternalSecret-rayflume-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: rayflume-data-backup-secret-local + namespace: rayflume + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: rayflume + app.kubernetes.io/part-of: rayflume + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rayflume-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/rayflume/rayflume-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/rayflume/ReplicationSource-rayflume-data-backup-source-local.yaml b/clusters/cl01tl/manifests/rayflume/ReplicationSource-rayflume-data-backup-source-local.yaml new file mode 100644 index 000000000..59cff47b8 --- /dev/null +++ b/clusters/cl01tl/manifests/rayflume/ReplicationSource-rayflume-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: rayflume-data-backup-source-local + namespace: rayflume + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: rayflume + app.kubernetes.io/part-of: rayflume + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rayflume-data-backup +spec: + sourcePVC: rayflume-data + trigger: + schedule: 16 11 * * * + restic: + pruneIntervalDays: 7 + repository: rayflume-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/roundcube/Cluster-roundcube-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/roundcube/Cluster-roundcube-postgresql-18-cluster.yaml index 963d2fff2..0446066f6 100644 --- a/clusters/cl01tl/manifests/roundcube/Cluster-roundcube-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/roundcube/Cluster-roundcube-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: roundcube-postgresql-18-cluster namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-local.yaml new file mode 100644 index 000000000..c341eaf7c --- /dev/null +++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: roundcube-data-backup-secret-local + namespace: roundcube + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: roundcube + app.kubernetes.io/part-of: roundcube + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: roundcube-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/roundcube/roundcube-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-backup-garage-local-secret.yaml index eebff848f..ebb568495 100644 --- a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: roundcube-postgresql-18-backup-garage-local-secret namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: roundcube-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-recovery-secret.yaml index ae3a3cefa..165dbabc3 100644 --- a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: roundcube-postgresql-18-recovery-secret namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: roundcube-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-backup-garage-local.yaml index 22f04db6e..babb38806 100644 --- a/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: roundcube-postgresql-18-backup-garage-local namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: roundcube-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-recovery.yaml index db6a25524..bd060d69b 100644 --- a/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/roundcube/ObjectStore-roundcube-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "roundcube-postgresql-18-recovery" namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "roundcube-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/roundcube/PrometheusRule-roundcube-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/roundcube/PrometheusRule-roundcube-postgresql-18-alert-rules.yaml index ec61ef9bc..4b2d5d47a 100644 --- a/clusters/cl01tl/manifests/roundcube/PrometheusRule-roundcube-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/roundcube/PrometheusRule-roundcube-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: roundcube-postgresql-18-alert-rules namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="roundcube"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="roundcube"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="roundcube"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="roundcube"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="roundcube"} > cnpg_pg_replication_is_wal_receiver_up{namespace="roundcube"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml new file mode 100644 index 000000000..3a0d3caea --- /dev/null +++ b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: roundcube-data-backup-source-local + namespace: roundcube + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: roundcube + app.kubernetes.io/part-of: roundcube + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: roundcube-data-backup +spec: + sourcePVC: roundcube-data + trigger: + schedule: 16 11 * * * + restic: + pruneIntervalDays: 7 + repository: roundcube-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml index b2dca4002..def8db50a 100644 --- a/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "roundcube-postgresql-18-scheduled-backup-live-backup" namespace: roundcube labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: roundcube-postgresql-18 app.kubernetes.io/instance: roundcube app.kubernetes.io/part-of: roundcube - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "roundcube-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-local.yaml new file mode 100644 index 000000000..77ca67c39 --- /dev/null +++ b/clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: searxng-browser-data-backup-secret-local + namespace: searxng + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: searxng + app.kubernetes.io/part-of: searxng + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: searxng-browser-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/searxng/searxng-browser-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml new file mode 100644 index 000000000..0d36bd139 --- /dev/null +++ b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: searxng-browser-data-backup-source-local + namespace: searxng + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: searxng + app.kubernetes.io/part-of: searxng + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: searxng-browser-data-backup +spec: + sourcePVC: searxng-browser-data + trigger: + schedule: 18 11 * * * + restic: + pruneIntervalDays: 7 + repository: searxng-browser-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-local.yaml new file mode 100644 index 000000000..0ced809fb --- /dev/null +++ b/clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: seerr-seerr-chart-config-backup-secret-local + namespace: seerr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: seerr + app.kubernetes.io/part-of: seerr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: seerr-seerr-chart-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/seerr/seerr-seerr-chart-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml new file mode 100644 index 000000000..1b660b586 --- /dev/null +++ b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: seerr-seerr-chart-config-backup-source-local + namespace: seerr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: seerr + app.kubernetes.io/part-of: seerr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: seerr-seerr-chart-config-backup +spec: + sourcePVC: seerr-seerr-chart-config + trigger: + schedule: 20 11 * * * + restic: + pruneIntervalDays: 7 + repository: seerr-seerr-chart-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr-4k/Cluster-sonarr-4k-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/sonarr-4k/Cluster-sonarr-4k-postgresql-18-cluster.yaml index e07306e6b..8edc562d2 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/Cluster-sonarr-4k-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/Cluster-sonarr-4k-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-4k-postgresql-18-cluster namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-local.yaml new file mode 100644 index 000000000..22ca69266 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: sonarr-4k-config-backup-secret-local + namespace: sonarr-4k + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: sonarr-4k + app.kubernetes.io/part-of: sonarr-4k + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-4k-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/sonarr-4k/sonarr-4k-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-backup-garage-local-secret.yaml index 504010588..84ceed56b 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-4k-postgresql-18-backup-garage-local-secret namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-4k-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-recovery-secret.yaml index a53d96658..8249a2366 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-4k-postgresql-18-recovery-secret namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-4k-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-backup-garage-local.yaml index 5464876ac..4b36d0a59 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-4k-postgresql-18-backup-garage-local namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-4k-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-recovery.yaml index fc24de757..fdb9a3ec6 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ObjectStore-sonarr-4k-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "sonarr-4k-postgresql-18-recovery" namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "sonarr-4k-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/sonarr-4k/PrometheusRule-sonarr-4k-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/sonarr-4k/PrometheusRule-sonarr-4k-postgresql-18-alert-rules.yaml index ec42bb3f8..63f81ea99 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/PrometheusRule-sonarr-4k-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/PrometheusRule-sonarr-4k-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-4k-postgresql-18-alert-rules namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="sonarr-4k"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="sonarr-4k"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="sonarr-4k"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="sonarr-4k"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="sonarr-4k"} > cnpg_pg_replication_is_wal_receiver_up{namespace="sonarr-4k"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-local.yaml b/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-local.yaml new file mode 100644 index 000000000..f98c25e5b --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr-4k-config-backup-source-local + namespace: sonarr-4k + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: sonarr-4k + app.kubernetes.io/part-of: sonarr-4k + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-4k-config-backup +spec: + sourcePVC: sonarr-4k-config + trigger: + schedule: 24 11 * * * + restic: + pruneIntervalDays: 7 + repository: sonarr-4k-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml index d9974d519..3592d5f49 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "sonarr-4k-postgresql-18-scheduled-backup-live-backup" namespace: sonarr-4k labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-4k-postgresql-18 app.kubernetes.io/instance: sonarr-4k app.kubernetes.io/part-of: sonarr-4k - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "sonarr-4k-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/sonarr-anime/Cluster-sonarr-anime-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/sonarr-anime/Cluster-sonarr-anime-postgresql-18-cluster.yaml index 90905b768..50f64986b 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/Cluster-sonarr-anime-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/Cluster-sonarr-anime-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-anime-postgresql-18-cluster namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-local.yaml new file mode 100644 index 000000000..1aba3817c --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: sonarr-anime-config-backup-secret-local + namespace: sonarr-anime + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: sonarr-anime + app.kubernetes.io/part-of: sonarr-anime + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-anime-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/sonarr-anime/sonarr-anime-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-backup-garage-local-secret.yaml index feee63f55..2281ef8f6 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-anime-postgresql-18-backup-garage-local-secret namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-anime-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-recovery-secret.yaml index d5e467273..5eb2d36cb 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-anime-postgresql-18-recovery-secret namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-anime-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-backup-garage-local.yaml index 4db7beceb..5aa62487a 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-anime-postgresql-18-backup-garage-local namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-anime-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-recovery.yaml index c386e2bd8..3a223ba44 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ObjectStore-sonarr-anime-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "sonarr-anime-postgresql-18-recovery" namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "sonarr-anime-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/sonarr-anime/PrometheusRule-sonarr-anime-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/sonarr-anime/PrometheusRule-sonarr-anime-postgresql-18-alert-rules.yaml index b55f0ba45..1e9d35281 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/PrometheusRule-sonarr-anime-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/PrometheusRule-sonarr-anime-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-anime-postgresql-18-alert-rules namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="sonarr-anime"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="sonarr-anime"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="sonarr-anime"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="sonarr-anime"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="sonarr-anime"} > cnpg_pg_replication_is_wal_receiver_up{namespace="sonarr-anime"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-local.yaml b/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-local.yaml new file mode 100644 index 000000000..d4d674445 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr-anime-config-backup-source-local + namespace: sonarr-anime + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: sonarr-anime + app.kubernetes.io/part-of: sonarr-anime + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-anime-config-backup +spec: + sourcePVC: sonarr-anime-config + trigger: + schedule: 26 11 * * * + restic: + pruneIntervalDays: 7 + repository: sonarr-anime-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml index d88d9075c..74c9b8004 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "sonarr-anime-postgresql-18-scheduled-backup-live-backup" namespace: sonarr-anime labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-anime-postgresql-18 app.kubernetes.io/instance: sonarr-anime app.kubernetes.io/part-of: sonarr-anime - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "sonarr-anime-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/sonarr/Cluster-sonarr-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/sonarr/Cluster-sonarr-postgresql-18-cluster.yaml index 98cfc6cb5..52271c49e 100644 --- a/clusters/cl01tl/manifests/sonarr/Cluster-sonarr-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/sonarr/Cluster-sonarr-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-postgresql-18-cluster namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..799b268d6 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: sonarr-config-backup-secret-local + namespace: sonarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: sonarr + app.kubernetes.io/part-of: sonarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/sonarr/sonarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-backup-garage-local-secret.yaml index 9abb3831b..b90264ea8 100644 --- a/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-postgresql-18-backup-garage-local-secret namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-recovery-secret.yaml index dc9688298..485b00874 100644 --- a/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-postgresql-18-recovery-secret namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-backup-garage-local.yaml index 518690d24..a629a826d 100644 --- a/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-postgresql-18-backup-garage-local namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: sonarr-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-recovery.yaml index 0fb07f999..dbe54eb31 100644 --- a/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/sonarr/ObjectStore-sonarr-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "sonarr-postgresql-18-recovery" namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "sonarr-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/sonarr/PrometheusRule-sonarr-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/sonarr/PrometheusRule-sonarr-postgresql-18-alert-rules.yaml index da651ccc2..d0a2c2ecc 100644 --- a/clusters/cl01tl/manifests/sonarr/PrometheusRule-sonarr-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/sonarr/PrometheusRule-sonarr-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: sonarr-postgresql-18-alert-rules namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="sonarr"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="sonarr"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="sonarr"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="sonarr"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="sonarr"} > cnpg_pg_replication_is_wal_receiver_up{namespace="sonarr"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-local.yaml new file mode 100644 index 000000000..b435bdb2a --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr-config-backup-source-local + namespace: sonarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: sonarr + app.kubernetes.io/part-of: sonarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-config-backup +spec: + sourcePVC: sonarr-config + trigger: + schedule: 22 11 * * * + restic: + pruneIntervalDays: 7 + repository: sonarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml index 5041e986c..0a91500d8 100644 --- a/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "sonarr-postgresql-18-scheduled-backup-live-backup" namespace: sonarr labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: sonarr-postgresql-18 app.kubernetes.io/instance: sonarr app.kubernetes.io/part-of: sonarr - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "sonarr-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml new file mode 100644 index 000000000..1447b2af2 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-config-backup-secret-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml new file mode 100644 index 000000000..161e54047 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ExternalSecret-soulsync-database-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: soulsync-database-backup-secret-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.7.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/soulsync/soulsync-database" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml new file mode 100644 index 000000000..4fb7773f2 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-config-backup-source-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-config-backup +spec: + sourcePVC: soulsync-config + trigger: + schedule: 28 11 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml new file mode 100644 index 000000000..2b1ba0c91 --- /dev/null +++ b/clusters/cl01tl/manifests/soulsync/ReplicationSource-soulsync-database-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: soulsync-database-backup-source-local + namespace: soulsync + labels: + helm.sh/chart: volsync-target-database-0.7.0 + app.kubernetes.io/instance: soulsync + app.kubernetes.io/part-of: soulsync + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: soulsync-database-backup +spec: + sourcePVC: soulsync-database + trigger: + schedule: 30 11 * * * + restic: + pruneIntervalDays: 7 + repository: soulsync-database-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/stalwart/Cluster-stalwart-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/stalwart/Cluster-stalwart-postgresql-18-cluster.yaml index 7c19b4fe7..0c87dfa3f 100644 --- a/clusters/cl01tl/manifests/stalwart/Cluster-stalwart-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/stalwart/Cluster-stalwart-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: stalwart-postgresql-18-cluster namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-local.yaml new file mode 100644 index 000000000..7f8b2655c --- /dev/null +++ b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: stalwart-config-backup-secret-local + namespace: stalwart + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: stalwart + app.kubernetes.io/part-of: stalwart + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: stalwart-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/stalwart/stalwart-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-backup-garage-local-secret.yaml index aef674532..e7c261455 100644 --- a/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-backup-garage-local-secret.yaml +++ b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-backup-garage-local-secret.yaml @@ -4,11 +4,11 @@ metadata: name: stalwart-postgresql-18-backup-garage-local-secret namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: stalwart-postgresql-18-backup-garage-local-secret spec: diff --git a/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-recovery-secret.yaml index 9a22b1700..6e31a17d0 100644 --- a/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-recovery-secret.yaml +++ b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-postgresql-18-recovery-secret.yaml @@ -4,11 +4,11 @@ metadata: name: stalwart-postgresql-18-recovery-secret namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: stalwart-postgresql-18-recovery-secret spec: diff --git a/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-backup-garage-local.yaml index 59de3760b..4227ca504 100644 --- a/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-backup-garage-local.yaml +++ b/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-backup-garage-local.yaml @@ -4,11 +4,11 @@ metadata: name: stalwart-postgresql-18-backup-garage-local namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: stalwart-postgresql-18-backup-garage-local spec: diff --git a/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-recovery.yaml index ae137a9ca..6184a7829 100644 --- a/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/stalwart/ObjectStore-stalwart-postgresql-18-recovery.yaml @@ -4,11 +4,11 @@ metadata: name: "stalwart-postgresql-18-recovery" namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "stalwart-postgresql-18-recovery" spec: diff --git a/clusters/cl01tl/manifests/stalwart/PrometheusRule-stalwart-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/stalwart/PrometheusRule-stalwart-postgresql-18-alert-rules.yaml index 0d7408ce9..e383cddaa 100644 --- a/clusters/cl01tl/manifests/stalwart/PrometheusRule-stalwart-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/stalwart/PrometheusRule-stalwart-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: stalwart-postgresql-18-alert-rules namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm spec: groups: @@ -21,7 +21,7 @@ spec: Pod {{ $labels.pod }} has been waiting for longer than 5 minutes expr: | - cnpg_backends_waiting_total > 300 + cnpg_backends_waiting_total{namespace="stalwart"} > 300 for: 1m labels: severity: warning @@ -34,7 +34,7 @@ spec: There are over 10 deadlock conflicts in {{ $labels.pod }} expr: | - cnpg_pg_stat_database_deadlocks > 10 + cnpg_pg_stat_database_deadlocks{namespace="stalwart"} > 10 for: 1m labels: severity: warning @@ -151,7 +151,7 @@ spec: CloudNativePG Cluster Pod {{ $labels.pod }} is taking more than 5 minutes (300 seconds) for a query. expr: |- - cnpg_backends_max_tx_duration_seconds > 300 + cnpg_backends_max_tx_duration_seconds{namespace="stalwart"} > 300 for: 1m labels: severity: warning @@ -222,7 +222,7 @@ spec: Over 300,000,000 transactions from frozen xid on pod {{ $labels.pod }} expr: | - cnpg_pg_database_xid_age > 300000000 + cnpg_pg_database_xid_age{namespace="stalwart"} > 300000000 for: 1m labels: severity: warning @@ -247,7 +247,7 @@ spec: Replica {{ $labels.pod }} is failing to replicate expr: | - cnpg_pg_replication_in_recovery > cnpg_pg_replication_is_wal_receiver_up + cnpg_pg_replication_in_recovery{namespace="stalwart"} > cnpg_pg_replication_is_wal_receiver_up{namespace="stalwart"} for: 1m labels: severity: warning diff --git a/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml new file mode 100644 index 000000000..b083683e5 --- /dev/null +++ b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: stalwart-config-backup-source-local + namespace: stalwart + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: stalwart + app.kubernetes.io/part-of: stalwart + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: stalwart-config-backup +spec: + sourcePVC: stalwart-config + trigger: + schedule: 32 11 * * * + restic: + pruneIntervalDays: 7 + repository: stalwart-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml index c509a78aa..fc942b833 100644 --- a/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml @@ -4,11 +4,11 @@ metadata: name: "stalwart-postgresql-18-scheduled-backup-live-backup" namespace: stalwart labels: - helm.sh/chart: postgres-18-cluster-7.4.4 + helm.sh/chart: postgres-18-cluster-7.4.5 app.kubernetes.io/name: stalwart-postgresql-18 app.kubernetes.io/instance: stalwart app.kubernetes.io/part-of: stalwart - app.kubernetes.io/version: "7.4.4" + app.kubernetes.io/version: "7.4.5" app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: "stalwart-postgresql-18-scheduled-backup-live-backup" spec: diff --git a/clusters/cl01tl/manifests/tautulli/ExternalSecret-tautulli-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/tautulli/ExternalSecret-tautulli-config-backup-secret-local.yaml new file mode 100644 index 000000000..2be6431cd --- /dev/null +++ b/clusters/cl01tl/manifests/tautulli/ExternalSecret-tautulli-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: tautulli-config-backup-secret-local + namespace: tautulli + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: tautulli + app.kubernetes.io/part-of: tautulli + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tautulli-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/tautulli/tautulli-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/tautulli/ReplicationSource-tautulli-config-backup-source-local.yaml b/clusters/cl01tl/manifests/tautulli/ReplicationSource-tautulli-config-backup-source-local.yaml new file mode 100644 index 000000000..d3fef7d5d --- /dev/null +++ b/clusters/cl01tl/manifests/tautulli/ReplicationSource-tautulli-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: tautulli-config-backup-source-local + namespace: tautulli + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: tautulli + app.kubernetes.io/part-of: tautulli + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tautulli-config-backup +spec: + sourcePVC: tautulli-config + trigger: + schedule: 34 11 * * * + restic: + pruneIntervalDays: 7 + repository: tautulli-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..1d3dd3df6 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: tdarr-config-backup-secret-local + namespace: tdarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/tdarr/tdarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-local.yaml b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-local.yaml new file mode 100644 index 000000000..316d0a469 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: tdarr-server-backup-secret-local + namespace: tdarr + labels: + helm.sh/chart: volsync-target-server-0.7.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-server-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/tdarr/tdarr-server" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml new file mode 100644 index 000000000..b3b4af251 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: tdarr-config-backup-source-local + namespace: tdarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-config-backup +spec: + sourcePVC: tdarr-config + trigger: + schedule: 36 11 * * * + restic: + pruneIntervalDays: 7 + repository: tdarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml new file mode 100644 index 000000000..086eefcd5 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: tdarr-server-backup-source-local + namespace: tdarr + labels: + helm.sh/chart: volsync-target-server-0.7.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-server-backup +spec: + sourcePVC: tdarr-server + trigger: + schedule: 38 11 * * * + restic: + pruneIntervalDays: 7 + repository: tdarr-server-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi