diff --git a/clusters/cl01tl/helm/matrix-synapse/Chart.lock b/clusters/cl01tl/helm/matrix-synapse/Chart.lock index 4f40decfa..4976886e5 100644 --- a/clusters/cl01tl/helm/matrix-synapse/Chart.lock +++ b/clusters/cl01tl/helm/matrix-synapse/Chart.lock @@ -26,5 +26,17 @@ dependencies: - name: redis-replication repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 -digest: sha256:c08d2fd5436ca9f0d1b159d6d424ab42d171a967ca97178b2f8dd60de83f9cc9 -generated: "2025-12-15T15:56:54.377467-06:00" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:d7487cc29147c4cc2719ffca559a77a3c9c50abf5087ba34f9557eb36a9302fc +generated: "2025-12-17T10:23:12.737976-06:00" diff --git a/clusters/cl01tl/helm/matrix-synapse/Chart.yaml b/clusters/cl01tl/helm/matrix-synapse/Chart.yaml index 8d0b8c00f..a7180bee0 100644 --- a/clusters/cl01tl/helm/matrix-synapse/Chart.yaml +++ b/clusters/cl01tl/helm/matrix-synapse/Chart.yaml @@ -63,5 +63,21 @@ dependencies: alias: redis-replication-hookshot version: 0.5.0 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-synapse + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-hookshot + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-discord + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-whatsapp + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/matrix.png appVersion: 1.144.0 diff --git a/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml b/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml index b6e5d3cf3..700694445 100644 --- a/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml @@ -245,175 +245,6 @@ spec: metadataPolicy: None property: token ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: matrix-synapse-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/matrix-synapse/matrix-synapse" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: mautrix-discord-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/matrix-synapse/mautrix-discord-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: mautrix-whatsapp-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ .Release.Name }} - app.kubernetes.io/instance: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/matrix-synapse/mautrix-whatsapp-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/helm/matrix-synapse/templates/replication-source.yaml b/clusters/cl01tl/helm/matrix-synapse/templates/replication-source.yaml deleted file mode 100644 index 726f60faa..000000000 --- a/clusters/cl01tl/helm/matrix-synapse/templates/replication-source.yaml +++ /dev/null @@ -1,85 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: matrix-synapse-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: matrix-synapse - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: matrix-synapse-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: mautrix-discord-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: mautrix-discord-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: mautrix-discord - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: mautrix-discord-data-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1337 - runAsGroup: 1337 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - ---- -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: mautrix-whatsapp-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: mautrix-whatsapp-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: mautrix-whatsapp - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: mautrix-whatsapp-data-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1337 - runAsGroup: 1337 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/helm/matrix-synapse/values.yaml b/clusters/cl01tl/helm/matrix-synapse/values.yaml index 1d1b72428..90fcf7757 100644 --- a/clusters/cl01tl/helm/matrix-synapse/values.yaml +++ b/clusters/cl01tl/helm/matrix-synapse/values.yaml @@ -204,6 +204,7 @@ matrix-hookshot: mountPropagation: None subPath: passkey.pem data: + forceRename: matrix-hookshot storageClass: ceph-block accessMode: ReadWriteOnce size: 500Mi @@ -285,6 +286,7 @@ mautrix-discord: mountPropagation: None subPath: mautrix-discord-registration.yaml data: + forceRename: mautrix-discord storageClass: ceph-block accessMode: ReadWriteOnce size: 500Mi @@ -369,6 +371,7 @@ mautrix-whatsapp: mountPropagation: None subPath: mautrix-whatsapp-registration.yaml data: + forceRename: mautrix-whatsapp storageClass: ceph-block accessMode: ReadWriteOnce size: 500Mi @@ -473,3 +476,17 @@ redis-replication-hookshot: redisSentinel: enabled: true clusterSize: 3 +volsync-target-synapse: + pvcTarget: matrix-synapse +volsync-target-hookshot: + pvcTarget: matrix-hookshot +volsync-target-discord: + pvcTarget: mautrix-discord + moverSecurityContext: + runAsUser: 1337 + runAsGroup: 1337 +volsync-target-whatsapp: + pvcTarget: mautrix-whatsapp + moverSecurityContext: + runAsUser: 1337 + runAsGroup: 1337