alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions 2 Activity

update config
All checks were successful
lint-test-helm / helm-lint (push) Successful in 22s
Details
renovate / renovate (push) Successful in 1m3s
Details

Browse Source
This commit is contained in:
Alex Lebens
2025-07-08 17:56:25 -05:00
parent 0944149ee2
commit 752f67f052
2 changed files with 23 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
clusters/cl01tl/platform/gitea/templates/external-secret.yaml
View File

@@ -168,43 +168,6 @@ spec:
metadataPolicy: None
property: id_rsa.pub
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: gitea-backup-s3
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: gitea-backup-s3
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/gitea-backup
metadataPolicy: None
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/gitea-backup
metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY
- secretKey: S3_REPOSITORY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/gitea-backup
metadataPolicy: None
property: S3_REPOSITORY
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
@@ -224,9 +187,16 @@ spec:
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/gitea/backup
key: /digital-ocean/home-infra/gitea-backup
metadataPolicy: None
property: s3cfg
- secretKey: BUCKET
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/gitea-backup
metadataPolicy: None
property: BUCKET
---
apiVersion: external-secrets.io/v1

24
clusters/cl01tl/platform/gitea/values.yaml
View File

@@ -200,12 +200,15 @@ backup:
- -ec
- |
echo ">> Running S3 backup for Gitea"
s3cmd put --no-check-md5 --no-check-certificate -v /opt/backup/gitea-backup.zip ${S3_REPOSITORY}/gitea-backup-$(date +"%Y%m%d-%H-%M").zip;
s3cmd put --no-check-md5 --no-check-certificate -v /opt/backup/gitea-backup.zip ${BUCKET}/cl01tl/gitea-backup-$(date +"%Y%m%d-%H-%M").zip;
mv /opt/backup/gitea-backup.zip /opt/backup/gitea-backup-$(date +"%Y%m%d-%H-%M").zip;
echo ">> Completed S3 backup for Gitea"
envFrom:
- secretRef:
name: gitea-backup-s3
env:
- name: BUCKET
valueFrom:
secretKeyRef:
name: gitea-s3cmd-config
key: BUCKET
resources:
requests:
cpu: 100m
@@ -226,18 +229,21 @@ backup:
echo ">> Running S3 prune for Gitea backup repository"
echo ">> Backups prior to '$TIME_RANGE' will be removed"
echo ">> File list:"
s3cmd ls -v $S3_REPOSITORY
s3cmd ls -v ${BUCKET}/cl01tl/
echo ">> Deleting ..."
s3cmd ls -v $S3_REPOSITORY |
s3cmd ls -v ${BUCKET}/cl01tl/ |
awk -v time_range="$TIME_RANGE" '$1 < time_range {print $4}' |
while read file;
do s3cmd del -v "$file";
echo ">> Deleted $file";
done;
echo ">> Completed S3 prune for Gitea backup repository"
envFrom:
- secretRef:
name: gitea-backup-s3
env:
- name: BUCKET
valueFrom:
secretKeyRef:
name: gitea-s3cmd-config
key: BUCKET
resources:
requests:
cpu: 100m