diff --git a/clusters/cl01tl/manifests/outline/Deployment-outline.yaml b/clusters/cl01tl/manifests/outline/Deployment-outline.yaml index 41b322d82..3c210c5fb 100644 --- a/clusters/cl01tl/manifests/outline/Deployment-outline.yaml +++ b/clusters/cl01tl/manifests/outline/Deployment-outline.yaml @@ -89,30 +89,7 @@ spec: - name: REDIS_URL value: redis://outline-valkey.outline:6379 - name: FILE_STORAGE - value: s3 - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - key: AWS_ACCESS_KEY_ID - name: ceph-bucket-outline - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - key: AWS_SECRET_ACCESS_KEY - name: ceph-bucket-outline - - name: AWS_REGION - value: us-east-1 - - name: AWS_S3_UPLOAD_BUCKET_NAME - valueFrom: - configMapKeyRef: - key: BUCKET_NAME - name: ceph-bucket-outline - - name: AWS_S3_UPLOAD_BUCKET_URL - value: https://objects.alexlebens.dev - - name: AWS_S3_FORCE_PATH_STYLE - value: "true" - - name: AWS_S3_ACL - value: private + value: local - name: FILE_STORAGE_UPLOAD_MAX_SIZE value: "26214400" - name: FORCE_HTTPS @@ -160,3 +137,10 @@ spec: requests: cpu: 10m memory: 512Mi + volumeMounts: + - mountPath: /var/lib/outline/data + name: data + volumes: + - name: data + persistentVolumeClaim: + claimName: outline-data diff --git a/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-external.yaml b/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-external.yaml new file mode 100644 index 000000000..439cc2470 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-external.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: outline-data-backup-secret-external + namespace: outline + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: outline + app.kubernetes.io/part-of: outline + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline-data-backup-secret-external +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/outline/outline-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-local.yaml new file mode 100644 index 000000000..26a8a30c5 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: outline-data-backup-secret-local + namespace: outline + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: outline + app.kubernetes.io/part-of: outline + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/outline/outline-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/outline/PersistentVolumeClaim-outline-data.yaml b/clusters/cl01tl/manifests/outline/PersistentVolumeClaim-outline-data.yaml new file mode 100644 index 000000000..1c9fd748e --- /dev/null +++ b/clusters/cl01tl/manifests/outline/PersistentVolumeClaim-outline-data.yaml @@ -0,0 +1,19 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: outline-data + labels: + app.kubernetes.io/instance: outline + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline + helm.sh/chart: outline-4.6.2 + annotations: + helm.sh/resource-policy: keep + namespace: outline +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "5Gi" + storageClassName: "ceph-block" diff --git a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml new file mode 100644 index 000000000..353732ad0 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: outline-data-backup-source-external + namespace: outline + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: outline + app.kubernetes.io/part-of: outline + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline-data-backup +spec: + sourcePVC: outline-data + trigger: + schedule: 50 12 * * * + restic: + pruneIntervalDays: 7 + repository: outline-data-backup-secret-external + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml new file mode 100644 index 000000000..8b386a2a8 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: outline-data-backup-source-local + namespace: outline + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: outline + app.kubernetes.io/part-of: outline + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline-data-backup +spec: + sourcePVC: outline-data + trigger: + schedule: 50 11 * * * + restic: + pruneIntervalDays: 7 + repository: outline-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi