diff --git a/clusters/cl01tl/applications/freshrss/templates/external-secret.yaml b/clusters/cl01tl/applications/freshrss/templates/external-secret.yaml index 72208f337..c604c9e81 100644 --- a/clusters/cl01tl/applications/freshrss/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/freshrss/templates/external-secret.yaml @@ -185,10 +185,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: freshrss-postgresql-17-cluster-backup-secret-weekly + name: freshrss-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: freshrss-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -210,3 +210,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/freshrss/values.yaml b/clusters/cl01tl/applications/freshrss/values.yaml index 7d453919a..e4bf53e1a 100644 --- a/clusters/cl01tl/applications/freshrss/values.yaml +++ b/clusters/cl01tl/applications/freshrss/values.yaml @@ -207,7 +207,8 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster + destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 index: 1 backup: objectStore: @@ -215,12 +216,20 @@ postgres-17-cluster: destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/freshrss/freshrss-postgresql-17-cluster index: 1 retentionPolicy: "2d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/freshrss/freshrss-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: freshrss-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -230,7 +239,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 0 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 2 4 * * SAT" - # backupName: garage + # backupName: garage-remote diff --git a/clusters/cl01tl/applications/immich/templates/external-secrets.yaml b/clusters/cl01tl/applications/immich/templates/external-secrets.yaml index 1aaf92389..e400b550b 100644 --- a/clusters/cl01tl/applications/immich/templates/external-secrets.yaml +++ b/clusters/cl01tl/applications/immich/templates/external-secrets.yaml @@ -54,10 +54,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: immich-postgresql-17-cluster-backup-secret-weekly + name: immich-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: immich-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -79,3 +79,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/immich/values.yaml b/clusters/cl01tl/applications/immich/values.yaml index 546729ceb..35b483217 100644 --- a/clusters/cl01tl/applications/immich/values.yaml +++ b/clusters/cl01tl/applications/immich/values.yaml @@ -216,20 +216,29 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster - index: 2 + destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 + index: 1 backup: objectStore: - name: external destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/immich/immich-postgresql-17-cluster index: 2 retentionPolicy: "2d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/immich/immich-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: immich-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: immich-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -239,7 +248,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 0 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 4 4 * * SAT" - # backupName: garage + # backupName: garage-remote diff --git a/clusters/cl01tl/applications/jellystat/templates/external-secret.yaml b/clusters/cl01tl/applications/jellystat/templates/external-secret.yaml index 1588f1b86..71f3821bb 100644 --- a/clusters/cl01tl/applications/jellystat/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/jellystat/templates/external-secret.yaml @@ -125,10 +125,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: jellystat-postgresql-17-cluster-backup-secret-weekly + name: jellystat-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: jellystat-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -150,3 +150,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/jellystat/values.yaml b/clusters/cl01tl/applications/jellystat/values.yaml index 8801e74c0..5099979b5 100644 --- a/clusters/cl01tl/applications/jellystat/values.yaml +++ b/clusters/cl01tl/applications/jellystat/values.yaml @@ -92,7 +92,8 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster + destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 index: 1 backup: objectStore: @@ -100,12 +101,20 @@ postgres-17-cluster: destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/jellystat/jellystat-postgresql-17-cluster index: 1 retentionPolicy: "2d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/jellystat/jellystat-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: jellystat-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -115,7 +124,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 0 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 6 4 * * SAT" - # backupName: garage + # backupName: garage-remote diff --git a/clusters/cl01tl/applications/lidarr/templates/external-secret.yaml b/clusters/cl01tl/applications/lidarr/templates/external-secret.yaml index c60702fb4..28bf735e3 100644 --- a/clusters/cl01tl/applications/lidarr/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/lidarr/templates/external-secret.yaml @@ -88,10 +88,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: lidarr-postgresql-17-cluster-backup-secret-weekly + name: lidarr-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: lidarr-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: lidarr-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -113,3 +113,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/lidarr/values.yaml b/clusters/cl01tl/applications/lidarr/values.yaml index 1424fd7a1..033fcdfea 100644 --- a/clusters/cl01tl/applications/lidarr/values.yaml +++ b/clusters/cl01tl/applications/lidarr/values.yaml @@ -106,7 +106,8 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/lidarr2/lidarr2-postgresql-17-cluster + destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 index: 1 endpointCredentials: lidarr-postgresql-17-cluster-backup-secret backup: @@ -116,12 +117,20 @@ postgres-17-cluster: index: 1 endpointCredentials: lidarr-postgresql-17-cluster-backup-secret retentionPolicy: "1d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/lidarr/lidarr2-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: lidarr-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -131,7 +140,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 */12 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 8 4 * * SAT" - # backupName: garage + # backupName: garage-remote diff --git a/clusters/cl01tl/applications/outline/templates/external-secret.yaml b/clusters/cl01tl/applications/outline/templates/external-secret.yaml index aa98fffc7..7fa5518f1 100644 --- a/clusters/cl01tl/applications/outline/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/outline/templates/external-secret.yaml @@ -114,10 +114,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: outline-postgresql-17-cluster-backup-secret-weekly + name: outline-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: outline-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: outline-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -139,3 +139,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/outline/values.yaml b/clusters/cl01tl/applications/outline/values.yaml index 377f3ead7..0325692e0 100644 --- a/clusters/cl01tl/applications/outline/values.yaml +++ b/clusters/cl01tl/applications/outline/values.yaml @@ -159,7 +159,8 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster + destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 index: 1 backup: objectStore: @@ -167,12 +168,20 @@ postgres-17-cluster: destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/outline/outline-postgresql-17-cluster index: 1 retentionPolicy: "2d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: outline-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/outline/outline-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: outline-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: outline-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -182,7 +191,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 0 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 10 4 * * SAT" - # backupName: garage + # backupName: garage-remote diff --git a/clusters/cl01tl/applications/photoview/templates/external-secrets.yaml b/clusters/cl01tl/applications/photoview/templates/external-secrets.yaml index 5dd903f4e..68c6cb04f 100644 --- a/clusters/cl01tl/applications/photoview/templates/external-secrets.yaml +++ b/clusters/cl01tl/applications/photoview/templates/external-secrets.yaml @@ -31,10 +31,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: photoview-postgresql-17-cluster-backup-secret-weekly + name: photoview-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: photoview-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: photoview-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -56,3 +56,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/photoview/values.yaml b/clusters/cl01tl/applications/photoview/values.yaml index 9c4c47c27..493520f50 100644 --- a/clusters/cl01tl/applications/photoview/values.yaml +++ b/clusters/cl01tl/applications/photoview/values.yaml @@ -86,7 +86,8 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster + destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 index: 1 backup: objectStore: @@ -94,12 +95,20 @@ postgres-17-cluster: destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/photoview/photoview-postgresql-17-cluster index: 1 retentionPolicy: "2d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: photoview-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/photoview/photoview-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: photoview-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: photoview-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -109,7 +118,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 0 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 12 4 * * SAT" - # backupName: garage + # backupName: garage-remote diff --git a/clusters/cl01tl/applications/postiz/templates/external-secret.yaml b/clusters/cl01tl/applications/postiz/templates/external-secret.yaml index d51a41b19..4bbfa9af3 100644 --- a/clusters/cl01tl/applications/postiz/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/postiz/templates/external-secret.yaml @@ -258,10 +258,10 @@ spec: apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: postiz-postgresql-17-cluster-backup-secret-weekly + name: postiz-postgresql-17-cluster-backup-secret-garage namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: postiz-postgresql-17-cluster-backup-secret-weekly + app.kubernetes.io/name: postiz-postgresql-17-cluster-backup-secret-garage app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: @@ -283,3 +283,10 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION diff --git a/clusters/cl01tl/applications/postiz/values.yaml b/clusters/cl01tl/applications/postiz/values.yaml index 67cb2696b..6ab04ed2b 100644 --- a/clusters/cl01tl/applications/postiz/values.yaml +++ b/clusters/cl01tl/applications/postiz/values.yaml @@ -119,20 +119,29 @@ postgres-17-cluster: recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster - index: 2 + destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster + endpointURL: http://garage-main.garage:3900 + index: 1 backup: objectStore: - name: external destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/postiz/postiz-postgresql-17-cluster index: 2 retentionPolicy: "2d" + isWALArchiver: false + - name: garage-local + destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster + index: 1 + endpointURL: http://garage-main.garage:3900 + endpointCredentials: postiz-postgresql-17-cluster-backup-secret-garage + endpointCredentialsIncludeRegion: true + retentionPolicy: "7d" isWALArchiver: true - # - name: garage + # - name: garage-remote # destinationPath: s3://postgres-backups/cl01tl/postiz/postiz-postgresql-17-cluster # index: 1 # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: postiz-postgresql-17-cluster-backup-secret-weekly + # endpointCredentials: postiz-postgresql-17-cluster-backup-secret-garage # retentionPolicy: "30d" # data: # compression: bzip2 @@ -142,7 +151,12 @@ postgres-17-cluster: suspend: false schedule: "0 0 0 * * *" backupName: external + - name: live-backup + suspend: false + immediate: true + schedule: "0 0 0 * * *" + backupName: garage-local # - name: weekly-backup # suspend: false # schedule: "0 14 4 * * SAT" - # backupName: garage + # backupName: garage-remote