enable backups

clusters/cl01tl/storage/pgadmin/templates/external-secret.yaml

@@ -61,61 +61,61 @@ spec:
         metadataPolicy: None
         property: PGADMIN_CONFIG_OAUTH2_CONFIG
 
-# ---
-# apiVersion: external-secrets.io/v1beta1
-# kind: ExternalSecret
-# metadata:
-#   name: pgadmin-data-backup-secret
-#   namespace: {{ .Release.Namespace }}
-#   labels:
-#     app.kubernetes.io/name: pgadmin-data-backup-secret
-#     app.kubernetes.io/instance: {{ .Release.Name }}
-#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
-#     app.kubernetes.io/component: backup
-#     app.kubernetes.io/part-of: {{ .Release.Name }}
-# spec:
-#   secretStoreRef:
-#     kind: ClusterSecretStore
-#     name: vault
-#   target:
-#     template:
-#       mergePolicy: Merge
-#       engineVersion: v2
-#       data:
-#         RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/pgadmin/pgadmin-data"
-#   data:
-#     - secretKey: BUCKET_ENDPOINT
-#       remoteRef:
-#         conversionStrategy: Default
-#         decodingStrategy: None
-#         key: /cl01tl/volsync/restic/config
-#         metadataPolicy: None
-#         property: S3_BUCKET_ENDPOINT
-#     - secretKey: RESTIC_PASSWORD
-#       remoteRef:
-#         conversionStrategy: Default
-#         decodingStrategy: None
-#         key: /cl01tl/volsync/restic/config
-#         metadataPolicy: None
-#         property: RESTIC_PASSWORD
-#     - secretKey: AWS_DEFAULT_REGION
-#       remoteRef:
-#         conversionStrategy: Default
-#         decodingStrategy: None
-#         key: /cl01tl/volsync/restic/config
-#         metadataPolicy: None
-#         property: AWS_DEFAULT_REGION
-#     - secretKey: AWS_ACCESS_KEY_ID
-#       remoteRef:
-#         conversionStrategy: Default
-#         decodingStrategy: None
-#         key: /digital-ocean/home-infra/volsync-backups
-#         metadataPolicy: None
-#         property: access_key
-#     - secretKey: AWS_SECRET_ACCESS_KEY
-#       remoteRef:
-#         conversionStrategy: Default
-#         decodingStrategy: None
-#         key: /digital-ocean/home-infra/volsync-backups
-#         metadataPolicy: None
-#         property: secret_key
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: pgadmin-data-backup-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: pgadmin-data-backup-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: backup
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  target:
+    template:
+      mergePolicy: Merge
+      engineVersion: v2
+      data:
+        RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/pgadmin/pgadmin-data"
+  data:
+    - secretKey: BUCKET_ENDPOINT
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/volsync/restic/config
+        metadataPolicy: None
+        property: S3_BUCKET_ENDPOINT
+    - secretKey: RESTIC_PASSWORD
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/volsync/restic/config
+        metadataPolicy: None
+        property: RESTIC_PASSWORD
+    - secretKey: AWS_DEFAULT_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cl01tl/volsync/restic/config
+        metadataPolicy: None
+        property: AWS_DEFAULT_REGION
+    - secretKey: AWS_ACCESS_KEY_ID
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /digital-ocean/home-infra/volsync-backups
+        metadataPolicy: None
+        property: access_key
+    - secretKey: AWS_SECRET_ACCESS_KEY
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /digital-ocean/home-infra/volsync-backups
+        metadataPolicy: None
+        property: secret_key

clusters/cl01tl/storage/pgadmin/templates/replication-source.yaml

@@ -1,30 +1,30 @@
-# apiVersion: volsync.backube/v1alpha1
-# kind: ReplicationSource
-# metadata:
-#   name: pgadmin-data-backup-source
-#   namespace: {{ .Release.Namespace }}
-#   labels:
-#     app.kubernetes.io/name: pgadmin-data-backup-source
-#     app.kubernetes.io/instance: {{ .Release.Name }}
-#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
-#     app.kubernetes.io/component: backup
-#     app.kubernetes.io/part-of: {{ .Release.Name }}
-# spec:
-#   sourcePVC: pgadmin-data
-#   trigger:
-#     schedule: 0 0 */3 * *
-#   restic:
-#     pruneIntervalDays: 14
-#     repository: pgadmin-data-backup-secret
-#     retain:
-#       hourly: 1
-#       daily: 1
-#       weekly: 1
-#       monthly: 2
-#       yearly: 4
-#     moverSecurityContext:
-#       runAsUser: 5050
-#       runAsGroup: 5050
-#     copyMethod: Snapshot
-#     storageClassName: ceph-block
-#     volumeSnapshotClassName: ceph-blockpool-snapshot
+apiVersion: volsync.backube/v1alpha1
+kind: ReplicationSource
+metadata:
+  name: pgadmin-data-backup-source
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: pgadmin-data-backup-source
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: backup
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  sourcePVC: pgadmin-data
+  trigger:
+    schedule: 0 4 * * *
+  restic:
+    pruneIntervalDays: 7
+    repository: pgadmin-data-backup-secret
+    retain:
+      hourly: 1
+      daily: 3
+      weekly: 2
+      monthly: 2
+      yearly: 4
+    moverSecurityContext:
+      runAsUser: 5050
+      runAsGroup: 5050
+    copyMethod: Snapshot
+    storageClassName: ceph-block
+    volumeSnapshotClassName: ceph-blockpool-snapshot