alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity

feat: remove external backup
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 22s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 45s
Details
render-manifests / render-manifests (pull_request) Successful in 2m3s
Details

Browse Source
This commit is contained in:
Alex Lebens
2026-05-08 17:11:00 -05:00
parent 2b017c37f5
commit 4c70291eba
3 changed files with 0 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
clusters/cl01tl/helm/vault/templates/external-secret.yaml
View File

@@ -77,25 +77,6 @@ spec:
key: /garage/home-infra/vault-backups key: /garage/home-infra/vault-backups
property: BUCKET_PATH property: BUCKET_PATH
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: vault-backup-external-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: vault-backup-external-config
{{- include "custom.labels" . | nindent 4 }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: openbao
data:
- secretKey: BUCKET
remoteRef:
key: /digital-ocean/home-infra/vault-backups
property: BUCKET_PATH
--- ---
apiVersion: external-secrets.io/v1 apiVersion: external-secrets.io/v1
kind: ExternalSecret kind: ExternalSecret

20
clusters/cl01tl/helm/vault/templates/secret-provider-class.yaml
View File

@@ -36,23 +36,3 @@ spec:
fileName: .s3cfg fileName: .s3cfg
secretPath: secret/data/garage/home-infra/vault-backups secretPath: secret/data/garage/home-infra/vault-backups
secretKey: s3cfg-remote secretKey: s3cfg-remote
---
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: vault-backup-external-config
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: vault-backup-external-config
{{- include "custom.labels" . | nindent 4 }}
spec:
provider: openbao
parameters:
baoAddress: "http://openbao-internal.openbao:8200"
roleName: vault
objects: |
- objectName: .s3cfg
fileName: .s3cfg
secretPath: secret/data/digital-ocean/home-infra/vault-backups
secretKey: s3cfg

20
clusters/cl01tl/helm/vault/values.yaml
View File

@@ -166,26 +166,6 @@ snapshot:
key: BUCKET key: BUCKET
- name: TARGET - name: TARGET
value: Remote value: Remote
s3-backup-external:
image:
repository: d3fk/s3cmd
tag: latest@sha256:d66cc5677b30b31a7981f9fde0af064a9072e8b8a57d5e9b4cc02f44f02acbf2
command:
- /bin/sh
args:
- -ec
- /scripts/backup.sh
envFrom:
- secretRef:
name: vault-ntfy-config
env:
- name: BUCKET
valueFrom:
secretKeyRef:
name: vault-backup-external-config
key: BUCKET
- name: TARGET
value: External
persistence: persistence:
snapshot-script: snapshot-script:
enabled: true enabled: true