diff --git a/clusters/cl01tl/helm/rclone/Chart.lock b/clusters/cl01tl/helm/rclone/Chart.lock new file mode 100644 index 000000000..3b95c2bce --- /dev/null +++ b/clusters/cl01tl/helm/rclone/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: app-template + repository: https://bjw-s-labs.github.io/helm-charts/ + version: 4.6.2 +digest: sha256:8ed5a7025cbfee661770c4f525b6e1376f412114a7ab88cea1ab1de538eea500 +generated: "2026-03-11T18:19:57.681245-05:00" diff --git a/clusters/cl01tl/helm/rclone/Chart.yaml b/clusters/cl01tl/helm/rclone/Chart.yaml new file mode 100644 index 000000000..f3215143f --- /dev/null +++ b/clusters/cl01tl/helm/rclone/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: rclone +version: 1.0.0 +description: Rclone +keywords: + - rclone + - job + - kubernetes +home: https://wiki.alexlebens.dev/s/ +sources: + - https://github.com/rclone/rclone + - https://hub.docker.com/r/rclone/rclone + - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template +maintainers: + - name: alexlebens +dependencies: + - name: app-template + alias: rclone + repository: https://bjw-s-labs.github.io/helm-charts/ + version: 4.6.2 +icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/rclone.webp +# renovate: datasource=github-releases depName=rclone/rclone +appVersion: v1.73.2 diff --git a/clusters/cl01tl/helm/rclone/templates/external-secret.yaml b/clusters/cl01tl/helm/rclone/templates/external-secret.yaml new file mode 100644 index 000000000..d094b8723 --- /dev/null +++ b/clusters/cl01tl/helm/rclone/templates/external-secret.yaml @@ -0,0 +1,49 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: garage-directus-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: garage-directus-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/directus-assets + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/directus-assets + metadataPolicy: None + property: ACCESS_REGION + - secretKey: ACCESS_SECRET_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/directus-assets + metadataPolicy: None + property: ACCESS_SECRET_KEY + - secretKey: SRC_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/config/local + metadataPolicy: None + property: ENDPOINT + - secretKey: DEST_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/config/remote + metadataPolicy: None + property: ENDPOINT diff --git a/clusters/cl01tl/helm/rclone/values.yaml b/clusters/cl01tl/helm/rclone/values.yaml new file mode 100644 index 000000000..69820ee66 --- /dev/null +++ b/clusters/cl01tl/helm/rclone/values.yaml @@ -0,0 +1,85 @@ +rclone: + controllers: + directus-assets: + type: cronjob + cronjob: + suspend: false + concurrencyPolicy: Forbid + timeZone: US/Central + schedule: "0 0 6 * *" + startingDeadlineSeconds: 90 + successfulJobsHistory: 1 + failedJobsHistory: 1 + backoffLimit: 3 + parallelism: 1 + containers: + main: + image: + repository: rclone/rclone + tag: 1.73.2 + pullPolicy: IfNotPresent + args: + - sync + - src:directus-assets + - dest:directus-assets + - --s3-no-check-bucket + - --verbose + env: + - name: RCLONE_S3_PROVIDER + value: Other + - name: RCLONE_CONFIG_SRC_TYPE + value: s3 + - name: RCLONE_CONFIG_SRC_PROVIDER + value: Other + - name: RCLONE_CONFIG_SRC_ENV_AUTH + value: false + - name: RCLONE_CONFIG_SRC_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: ACCESS_KEY_ID + - name: RCLONE_CONFIG_SRC_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: ACCESS_SECRET_KEY + - name: RCLONE_CONFIG_SRC_REGION + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: ACCESS_REGION + - name: RCLONE_CONFIG_SRC_ENDPOINT + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: SRC_ENDPOINT + - name: RCLONE_CONFIG_SRC_S3_FORCE_PATH_STYLE + value: true + - name: RCLONE_CONFIG_DEST_TYPE + value: s3 + - name: RCLONE_CONFIG_DEST_PROVIDER + value: Other + - name: RCLONE_CONFIG_DEST_ENV_AUTH + value: false + - name: RCLONE_CONFIG_DEST_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: ACCESS_KEY_ID + - name: RCLONE_CONFIG_DEST_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: ACCESS_SECRET_KEY + - name: RCLONE_CONFIG_DEST_REGION + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: ACCESS_REGION + - name: RCLONE_CONFIG_DEST_ENDPOINT + valueFrom: + secretKeyRef: + name: garage-directus-secret + key: DEST_ENDPOINT + - name: RCLONE_CONFIG_SRC_S3_FORCE_PATH_STYLE + value: true