Merge pull request 'tmp/talos-7' (#6719) from tmp/talos-7 into main

Reviewed-on: #6719

clusters/cl01tl/helm/talos/templates/secret-provider-class.yaml

@@ -54,7 +54,7 @@ spec:
     objects: |
       - objectName: .s3cfg
         fileName: .s3cfg
-        secretPath: secret/data/digital-ocean/home-infra/talos-backups
+        secretPath: secret/data/backblaze/home-infra/talos-backups
         secretKey: s3cfg
 
 ---

clusters/cl01tl/helm/vault/templates/external-secret.yaml

@@ -77,25 +77,6 @@ spec:
         key: /garage/home-infra/vault-backups
         property: BUCKET_PATH
 
----
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: vault-backup-external-config
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: vault-backup-external-config
-    {{- include "custom.labels" . | nindent 4 }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: openbao
-  data:
-    - secretKey: BUCKET
-      remoteRef:
-        key: /digital-ocean/home-infra/vault-backups
-        property: BUCKET_PATH
-
 ---
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret

clusters/cl01tl/helm/vault/templates/secret-provider-class.yaml

@@ -36,23 +36,3 @@ spec:
         fileName: .s3cfg
         secretPath: secret/data/garage/home-infra/vault-backups
         secretKey: s3cfg-remote
-
----
-apiVersion: secrets-store.csi.x-k8s.io/v1
-kind: SecretProviderClass
-metadata:
-  name: vault-backup-external-config
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: vault-backup-external-config
-    {{- include "custom.labels" . | nindent 4 }}
-spec:
-  provider: openbao
-  parameters:
-    baoAddress: "http://openbao-internal.openbao:8200"
-    roleName: vault
-    objects: |
-      - objectName: .s3cfg
-        fileName: .s3cfg
-        secretPath: secret/data/digital-ocean/home-infra/vault-backups
-        secretKey: s3cfg

clusters/cl01tl/helm/vault/values.yaml

@@ -166,26 +166,6 @@ snapshot:
                   key: BUCKET
             - name: TARGET
               value: Remote
-        s3-backup-external:
-          image:
-            repository: d3fk/s3cmd
-            tag: latest@sha256:d66cc5677b30b31a7981f9fde0af064a9072e8b8a57d5e9b4cc02f44f02acbf2
-          command:
-            - /bin/sh
-          args:
-            - -ec
-            - /scripts/backup.sh
-          envFrom:
-            - secretRef:
-                name: vault-ntfy-config
-          env:
-            - name: BUCKET
-              valueFrom:
-                secretKeyRef:
-                  name: vault-backup-external-config
-                  key: BUCKET
-            - name: TARGET
-              value: External
   persistence:
     snapshot-script:
       enabled: true