diff --git a/clusters/cl01tl/helm/booklore/Chart.lock b/clusters/cl01tl/helm/booklore/Chart.lock index 9e035c079..bd8250d30 100644 --- a/clusters/cl01tl/helm/booklore/Chart.lock +++ b/clusters/cl01tl/helm/booklore/Chart.lock @@ -5,5 +5,11 @@ dependencies: - name: mariadb-cluster repository: https://helm.mariadb.com/mariadb-operator version: 25.10.2 -digest: sha256:58d978bd46c61285b06acc6d9a40404d8059f2df7b953dea13c528b35350d0a8 -generated: "2025-12-05T17:03:15.7199669Z" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:6981b2c060c19bac6517578bd9b5b11a300a4deb431110bf90da317237a4a252 +generated: "2025-12-15T19:15:49.886575-06:00" diff --git a/clusters/cl01tl/helm/booklore/Chart.yaml b/clusters/cl01tl/helm/booklore/Chart.yaml index a02e2a480..11ce600d3 100644 --- a/clusters/cl01tl/helm/booklore/Chart.yaml +++ b/clusters/cl01tl/helm/booklore/Chart.yaml @@ -20,5 +20,13 @@ dependencies: - name: mariadb-cluster version: 25.10.2 repository: https://helm.mariadb.com/mariadb-operator + - name: volsync-target + alias: volsync-target-config + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-data + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png appVersion: v1.13.2 diff --git a/clusters/cl01tl/helm/booklore/templates/external-secret.yaml b/clusters/cl01tl/helm/booklore/templates/external-secret.yaml index bae429731..126039e95 100644 --- a/clusters/cl01tl/helm/booklore/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/booklore/templates/external-secret.yaml @@ -43,234 +43,6 @@ spec: metadataPolicy: None property: psk.txt ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: booklore-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: booklore-data-backup-secret-local - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-data-backup-secret-local - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-local - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-local - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: booklore-data-backup-secret-remote - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-data-backup-secret-remote - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-remote - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-remote - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: booklore-data-backup-secret-external - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-data-backup-secret-external - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/booklore/booklore-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/helm/booklore/templates/replication-source.yaml b/clusters/cl01tl/helm/booklore/templates/replication-source.yaml index e7d891619..b14fcfbb6 100644 --- a/clusters/cl01tl/helm/booklore/templates/replication-source.yaml +++ b/clusters/cl01tl/helm/booklore/templates/replication-source.yaml @@ -15,115 +15,3 @@ spec: keySecret: booklore-data-replication-secret address: volsync-rsync-tls-dst-booklore-data-replication-destination copyMethod: Snapshot - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: booklore-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: booklore-config - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: booklore-config-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 10Gi - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: booklore-data-backup-source-local - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-data-backup-source-local - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: booklore-data - trigger: - schedule: 0 2 * * * - restic: - pruneIntervalDays: 7 - repository: booklore-data-backup-secret-local - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 10Gi - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: booklore-data-backup-source-remote - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-data-backup-source-remote - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: booklore-data - trigger: - schedule: 0 3 * * * - restic: - pruneIntervalDays: 7 - repository: booklore-data-backup-secret-remote - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 10Gi - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: booklore-data-backup-source-external - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: booklore-data-backup-source-external - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: booklore-data - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: booklore-data-backup-secret-external - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 10Gi diff --git a/clusters/cl01tl/helm/booklore/values.yaml b/clusters/cl01tl/helm/booklore/values.yaml index 92cf50240..97d4763f1 100644 --- a/clusters/cl01tl/helm/booklore/values.yaml +++ b/clusters/cl01tl/helm/booklore/values.yaml @@ -41,6 +41,7 @@ booklore: protocol: HTTP persistence: config: + forceRename: booklore-config storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi @@ -51,6 +52,7 @@ booklore: - path: /app/data readOnly: false data: + forceRename: booklore-data storageClass: ceph-block accessMode: ReadWriteOnce size: 10Gi @@ -153,3 +155,16 @@ mariadb-cluster: secretAccessKeySecretKeyRef: name: booklore-mariadb-cluster-backup-secret-garage key: secret +volsync-target-config: + pvcTarget: booklore-config +volsync-target-data: + pvcTarget: booklore-data + local: + restic: + cacheCapacity: 10Gi + remote: + restic: + cacheCapacity: 10Gi + external: + restic: + cacheCapacity: 10Gi