diff --git a/clusters/cl01tl/helm/gitea/Chart.lock b/clusters/cl01tl/helm/gitea/Chart.lock index 1629068ae..1d60ddf69 100644 --- a/clusters/cl01tl/helm/gitea/Chart.lock +++ b/clusters/cl01tl/helm/gitea/Chart.lock @@ -5,9 +5,6 @@ dependencies: - name: gitea-actions repository: oci://harbor.alexlebens.net/helm-charts version: 0.2.1 -- name: app-template - repository: https://bjw-s-labs.github.io/helm-charts/ - version: 4.5.0 - name: meilisearch repository: https://meilisearch.github.io/meilisearch-kubernetes version: 0.18.0 @@ -23,5 +20,8 @@ dependencies: - name: redis-replication repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 -digest: sha256:e19321e491e25ccf17b9efadd4bdf9320efab133eae4bb8110730a4e42861ad7 -generated: "2025-12-15T15:30:49.152984-06:00" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:686bad050b4830fdc04ea00c06fa82f4251fda3add5e413a875cc48195c1628e +generated: "2025-12-15T22:48:29.959439-06:00" diff --git a/clusters/cl01tl/helm/gitea/Chart.yaml b/clusters/cl01tl/helm/gitea/Chart.yaml index 7480aeee0..2ba7302ba 100644 --- a/clusters/cl01tl/helm/gitea/Chart.yaml +++ b/clusters/cl01tl/helm/gitea/Chart.yaml @@ -31,10 +31,6 @@ dependencies: - name: gitea-actions repository: oci://harbor.alexlebens.net/helm-charts version: 0.2.1 - - name: app-template - alias: backup - repository: https://bjw-s-labs.github.io/helm-charts/ - version: 4.5.0 - name: meilisearch version: 0.18.0 repository: https://meilisearch.github.io/meilisearch-kubernetes @@ -54,5 +50,9 @@ dependencies: alias: redis-replication-renovate version: 0.5.0 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-storage + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/gitea.png appVersion: 1.25.2 diff --git a/clusters/cl01tl/helm/gitea/templates/external-secret.yaml b/clusters/cl01tl/helm/gitea/templates/external-secret.yaml index 35a40b8b0..4da9f8980 100644 --- a/clusters/cl01tl/helm/gitea/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/gitea/templates/external-secret.yaml @@ -168,36 +168,6 @@ spec: metadataPolicy: None property: id_rsa.pub ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: gitea-s3cmd-config - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-s3cmd-config - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: .s3cfg - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/gitea-backup - metadataPolicy: None - property: s3cfg - - secretKey: BUCKET - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/gitea-backup - metadataPolicy: None - property: BUCKET - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml b/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml index b4350a08f..635119e18 100644 --- a/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/helm/gitea/templates/persistent-volume-claim.yaml @@ -1,24 +1,5 @@ apiVersion: v1 kind: PersistentVolumeClaim -metadata: - name: gitea-nfs-storage-backup - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-nfs-storage-backup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - volumeMode: Filesystem - storageClassName: nfs-client - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - ---- -apiVersion: v1 -kind: PersistentVolumeClaim metadata: name: gitea-themes-storage namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/gitea/templates/role-binding.yaml b/clusters/cl01tl/helm/gitea/templates/role-binding.yaml deleted file mode 100644 index 8d08e52a7..000000000 --- a/clusters/cl01tl/helm/gitea/templates/role-binding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: gitea-backup - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-backup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: gitea-backup -subjects: - - kind: ServiceAccount - name: gitea-backup - namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/gitea/templates/role.yaml b/clusters/cl01tl/helm/gitea/templates/role.yaml deleted file mode 100644 index 073f24301..000000000 --- a/clusters/cl01tl/helm/gitea/templates/role.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: gitea-backup - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: gitea-backup - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -rules: - - apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - list - - apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list diff --git a/clusters/cl01tl/helm/gitea/values.yaml b/clusters/cl01tl/helm/gitea/values.yaml index 1037c2ce6..bab505613 100644 --- a/clusters/cl01tl/helm/gitea/values.yaml +++ b/clusters/cl01tl/helm/gitea/values.yaml @@ -171,133 +171,6 @@ gitea-actions: existingSecret: gitea-runner-secret existingSecretKey: token giteaRootURL: http://gitea-http.gitea:3000 -backup: - global: - nameOverride: gitea-backup - fullnameOverride: gitea-backup - controllers: - backup: - type: cronjob - cronjob: - suspend: false - concurrencyPolicy: Forbid - timeZone: US/Central - schedule: 0 4 */2 * * - startingDeadlineSeconds: 90 - successfulJobsHistory: 3 - failedJobsHistory: 3 - backoffLimit: 3 - parallelism: 1 - serviceAccount: - name: gitea-backup - pod: - automountServiceAccountToken: true - labels: - app.kubernetes.io/instance: gitea-backup - app.kubernetes.io/name: gitea-backup - initContainers: - backup: - image: - repository: bitnami/kubectl - tag: latest - pullPolicy: IfNotPresent - command: - - sh - args: - - -ec - - | - kubectl exec -it deploy/gitea -n gitea -- rm -f /opt/backup/gitea-backup.zip; - kubectl exec -it deploy/gitea -n gitea -- /app/gitea/gitea dump -c /data/gitea/conf/app.ini --file /opt/backup/gitea-backup.zip; - resources: - requests: - cpu: 100m - memory: 128Mi - containers: - s3-backup: - image: - repository: d3fk/s3cmd - tag: latest@sha256:a4ef406e37628ee56e608b1567aeb0345e51142f56741b715322111be3b6ebcc - pullPolicy: IfNotPresent - command: - - /bin/sh - args: - - -ec - - | - echo ">> Running S3 backup for Gitea" - s3cmd put --no-check-md5 --no-check-certificate -v /opt/backup/gitea-backup.zip ${BUCKET}/cl01tl/gitea-backup-$(date +"%Y%m%d-%H-%M").zip; - mv /opt/backup/gitea-backup.zip /opt/backup/gitea-backup-$(date +"%Y%m%d-%H-%M").zip; - echo ">> Completed S3 backup for Gitea" - env: - - name: BUCKET - valueFrom: - secretKeyRef: - name: gitea-s3cmd-config - key: BUCKET - resources: - requests: - cpu: 100m - memory: 128Mi - s3-prune: - image: - repository: d3fk/s3cmd - tag: latest@sha256:a4ef406e37628ee56e608b1567aeb0345e51142f56741b715322111be3b6ebcc - pullPolicy: IfNotPresent - command: - - /bin/sh - args: - - -ec - - | - export DATE_RANGE=$(date -d @$(( $(date +%s) - 604800 )) +%Y%m%d); - export FILE_MATCH="$BUCKET/cl01tl/gitea-backup-$DATE_RANGE-09-00.zip" - echo ">> Running S3 prune for Gitea backup repository" - echo ">> Backups prior to '$DATE_RANGE' will be removed" - echo ">> Backups to be removed:" - s3cmd ls ${BUCKET}/cl01tl/ | - awk -v file_match="$FILE_MATCH" '$4 < file_match {print $4}' - echo ">> Deleting ..." - s3cmd ls ${BUCKET}/cl01tl/ | - awk -v file_match="$FILE_MATCH" '$4 < file_match {print $4}' | - while read file; do - s3cmd del "$file"; - done; - echo ">> Completed S3 prune for Gitea backup repository" - env: - - name: BUCKET - valueFrom: - secretKeyRef: - name: gitea-s3cmd-config - key: BUCKET - resources: - requests: - cpu: 100m - memory: 128Mi - serviceAccount: - gitea-backup: - enabled: true - persistence: - config: - existingClaim: gitea-nfs-storage-backup - advancedMounts: - backup: - s3-backup: - - path: /opt/backup - readOnly: false - s3cmd-config: - enabled: true - type: secret - name: gitea-s3cmd-config - advancedMounts: - backup: - s3-backup: - - path: /root/.s3cfg - readOnly: true - mountPropagation: None - subPath: .s3cfg - s3-prune: - - path: /root/.s3cfg - readOnly: true - mountPropagation: None - subPath: .s3cfg meilisearch: environment: MEILI_NO_ANALYTICS: true @@ -405,3 +278,24 @@ redis-replication-renovate: clusterSize: 1 redisSentinel: enabled: false +volsync-target-storage: + pvcTarget: gitea-shared-storage + local: + enabled: true + schedule: 0 0 0 * * * + restic: + pruneIntervalDays: 3 + retain: + hourly: 1 + daily: 1 + weekly: 3 + monthly: 0 + yearly: 0 + copyMethod: Snapshot + storageClassName: ceph-filesystem + volumeSnapshotClassName: ceph-filesystem + cacheCapacity: 40Gi + external: + enabled: false + remote: + enabled: false