From ad5ace7e02a81349730e64a1b1f86fbe990f5494 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 11 Mar 2026 22:38:21 +0000 Subject: [PATCH] chore: Update manifests after change --- ...assistant-config-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...sistant-config-backup-source-external.yaml | 2 +- ...-assistant-config-backup-source-local.yaml | 2 +- ...assistant-config-backup-source-remote.yaml | 34 +++++++++++ ...nSource-immich-backup-source-external.yaml | 2 +- ...tionSource-immich-backup-source-local.yaml | 2 +- ...ionSource-immich-backup-source-remote.yaml | 2 +- ...-jellyfin-config-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...ellyfin-config-backup-source-external.yaml | 2 +- ...e-jellyfin-config-backup-source-local.yaml | 2 +- ...-jellyfin-config-backup-source-remote.yaml | 29 ++++++++++ ...t-jellystat-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...jellystat-data-backup-source-external.yaml | 2 +- ...ce-jellystat-data-backup-source-local.yaml | 2 +- ...e-jellystat-data-backup-source-remote.yaml | 29 ++++++++++ ...lSecret-karakeep-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...ource-karakeep-backup-source-external.yaml | 2 +- ...onSource-karakeep-backup-source-local.yaml | 2 +- ...nSource-karakeep-backup-source-remote.yaml | 29 ++++++++++ ...lSecret-libation-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...ource-libation-backup-source-external.yaml | 2 +- ...onSource-libation-backup-source-local.yaml | 2 +- ...nSource-libation-backup-source-remote.yaml | 29 ++++++++++ ...et-lidarr-config-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...-lidarr-config-backup-source-external.yaml | 2 +- ...rce-lidarr-config-backup-source-local.yaml | 2 +- ...ce-lidarr-config-backup-source-remote.yaml | 34 +++++++++++ ...-matrix-hookshot-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...t-matrix-synapse-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...-mautrix-discord-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...mautrix-whatsapp-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...atrix-hookshot-backup-source-external.yaml | 2 +- ...e-matrix-hookshot-backup-source-local.yaml | 2 +- ...-matrix-hookshot-backup-source-remote.yaml | 29 ++++++++++ ...matrix-synapse-backup-source-external.yaml | 2 +- ...ce-matrix-synapse-backup-source-local.yaml | 2 +- ...e-matrix-synapse-backup-source-remote.yaml | 29 ++++++++++ ...autrix-discord-backup-source-external.yaml | 2 +- ...e-mautrix-discord-backup-source-local.yaml | 2 +- ...-mautrix-discord-backup-source-remote.yaml | 32 ++++++++++ ...utrix-whatsapp-backup-source-external.yaml | 2 +- ...-mautrix-whatsapp-backup-source-local.yaml | 2 +- ...mautrix-whatsapp-backup-source-remote.yaml | 32 ++++++++++ ...t-navidrome-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...navidrome-data-backup-source-external.yaml | 2 +- ...ce-navidrome-data-backup-source-local.yaml | 2 +- ...e-navidrome-data-backup-source-remote.yaml | 34 +++++++++++ ...-ollama-web-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...llama-web-data-backup-source-external.yaml | 2 +- ...e-ollama-web-data-backup-source-local.yaml | 2 +- ...-ollama-web-data-backup-source-remote.yaml | 32 ++++++++++ ...ret-outline-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...e-outline-data-backup-source-external.yaml | 2 +- ...urce-outline-data-backup-source-local.yaml | 2 +- ...rce-outline-data-backup-source-remote.yaml | 31 ++++++++++ 55 files changed, 1186 insertions(+), 29 deletions(-) create mode 100644 clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-remote.yaml diff --git a/clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-remote.yaml new file mode 100644 index 000000000..0308640f0 --- /dev/null +++ b/clusters/cl01tl/manifests/home-assistant/ExternalSecret-home-assistant-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: home-assistant-config-backup-secret-remote + namespace: home-assistant + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: home-assistant + app.kubernetes.io/part-of: home-assistant + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: home-assistant-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/home-assistant/home-assistant-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-external.yaml b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-external.yaml index bccba7218..1d8d2ee46 100644 --- a/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: home-assistant-config trigger: - schedule: 24 9 * * * + schedule: 22 10 * * * restic: pruneIntervalDays: 7 repository: home-assistant-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml index b6207137f..b06eab6d9 100644 --- a/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: home-assistant-config trigger: - schedule: 24 8 * * * + schedule: 22 8 * * * restic: pruneIntervalDays: 7 repository: home-assistant-config-backup-secret-local diff --git a/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-remote.yaml new file mode 100644 index 000000000..bb4eb0a1c --- /dev/null +++ b/clusters/cl01tl/manifests/home-assistant/ReplicationSource-home-assistant-config-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: home-assistant-config-backup-source-remote + namespace: home-assistant + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: home-assistant + app.kubernetes.io/part-of: home-assistant + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: home-assistant-config-backup +spec: + sourcePVC: home-assistant-config + trigger: + schedule: 22 9 * * * + restic: + pruneIntervalDays: 7 + repository: home-assistant-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-external.yaml b/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-external.yaml index 0fe987d3d..ac58ce7da 100644 --- a/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: immich trigger: - schedule: 28 9 * * * + schedule: 24 10 * * * restic: pruneIntervalDays: 7 repository: immich-backup-secret-external diff --git a/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-local.yaml b/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-local.yaml index 0f5f09c12..53989c78b 100644 --- a/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: immich trigger: - schedule: 28 8 * * * + schedule: 24 8 * * * restic: pruneIntervalDays: 7 repository: immich-backup-secret-local diff --git a/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-remote.yaml b/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-remote.yaml index 05c25bc6b..78b9d1d48 100644 --- a/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-remote.yaml +++ b/clusters/cl01tl/manifests/immich/ReplicationSource-immich-backup-source-remote.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: immich trigger: - schedule: 28 10 * * * + schedule: 24 9 * * * restic: pruneIntervalDays: 7 repository: immich-backup-secret-remote diff --git a/clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-remote.yaml new file mode 100644 index 000000000..b4d142ac2 --- /dev/null +++ b/clusters/cl01tl/manifests/jellyfin/ExternalSecret-jellyfin-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: jellyfin-config-backup-secret-remote + namespace: jellyfin + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: jellyfin + app.kubernetes.io/part-of: jellyfin + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellyfin-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/jellyfin/jellyfin-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-external.yaml b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-external.yaml index bf3b85ac3..21497fb03 100644 --- a/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: jellyfin-config trigger: - schedule: 30 9 * * * + schedule: 26 10 * * * restic: pruneIntervalDays: 7 repository: jellyfin-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml index ccb5ce8ae..31407ff89 100644 --- a/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: jellyfin-config trigger: - schedule: 30 8 * * * + schedule: 26 8 * * * restic: pruneIntervalDays: 7 repository: jellyfin-config-backup-secret-local diff --git a/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-remote.yaml new file mode 100644 index 000000000..1d2d5a501 --- /dev/null +++ b/clusters/cl01tl/manifests/jellyfin/ReplicationSource-jellyfin-config-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: jellyfin-config-backup-source-remote + namespace: jellyfin + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: jellyfin + app.kubernetes.io/part-of: jellyfin + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellyfin-config-backup +spec: + sourcePVC: jellyfin-config + trigger: + schedule: 26 9 * * * + restic: + pruneIntervalDays: 7 + repository: jellyfin-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 10Gi diff --git a/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-remote.yaml new file mode 100644 index 000000000..118d0de1f --- /dev/null +++ b/clusters/cl01tl/manifests/jellystat/ExternalSecret-jellystat-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: jellystat-data-backup-secret-remote + namespace: jellystat + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: jellystat + app.kubernetes.io/part-of: jellystat + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellystat-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/jellystat/jellystat-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-external.yaml b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-external.yaml index 5f3e82528..f454ce3b8 100644 --- a/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: jellystat-data trigger: - schedule: 32 9 * * * + schedule: 28 10 * * * restic: pruneIntervalDays: 7 repository: jellystat-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml index 295f9e7af..66a18105a 100644 --- a/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: jellystat-data trigger: - schedule: 32 8 * * * + schedule: 28 8 * * * restic: pruneIntervalDays: 7 repository: jellystat-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-remote.yaml new file mode 100644 index 000000000..c821fb142 --- /dev/null +++ b/clusters/cl01tl/manifests/jellystat/ReplicationSource-jellystat-data-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: jellystat-data-backup-source-remote + namespace: jellystat + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: jellystat + app.kubernetes.io/part-of: jellystat + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: jellystat-data-backup +spec: + sourcePVC: jellystat-data + trigger: + schedule: 28 9 * * * + restic: + pruneIntervalDays: 7 + repository: jellystat-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-remote.yaml b/clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-remote.yaml new file mode 100644 index 000000000..de097fd2d --- /dev/null +++ b/clusters/cl01tl/manifests/karakeep/ExternalSecret-karakeep-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: karakeep-backup-secret-remote + namespace: karakeep + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: karakeep + app.kubernetes.io/part-of: karakeep + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: karakeep-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/karakeep/karakeep" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-external.yaml b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-external.yaml index 0dcd59b79..710cd4206 100644 --- a/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: karakeep trigger: - schedule: 34 9 * * * + schedule: 30 10 * * * restic: pruneIntervalDays: 7 repository: karakeep-backup-secret-external diff --git a/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml index c2f4ef0c6..f34fbe513 100644 --- a/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: karakeep trigger: - schedule: 34 8 * * * + schedule: 30 8 * * * restic: pruneIntervalDays: 7 repository: karakeep-backup-secret-local diff --git a/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-remote.yaml b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-remote.yaml new file mode 100644 index 000000000..f225468dc --- /dev/null +++ b/clusters/cl01tl/manifests/karakeep/ReplicationSource-karakeep-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: karakeep-backup-source-remote + namespace: karakeep + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: karakeep + app.kubernetes.io/part-of: karakeep + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: karakeep-backup +spec: + sourcePVC: karakeep + trigger: + schedule: 30 9 * * * + restic: + pruneIntervalDays: 7 + repository: karakeep-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-remote.yaml b/clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-remote.yaml new file mode 100644 index 000000000..535436d59 --- /dev/null +++ b/clusters/cl01tl/manifests/libation/ExternalSecret-libation-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: libation-backup-secret-remote + namespace: libation + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: libation + app.kubernetes.io/part-of: libation + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: libation-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/libation/libation" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-external.yaml b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-external.yaml index 6d8b4f402..35f7db1cb 100644 --- a/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: libation trigger: - schedule: 36 9 * * * + schedule: 32 10 * * * restic: pruneIntervalDays: 7 repository: libation-backup-secret-external diff --git a/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml index d4851fc89..a82671288 100644 --- a/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: libation trigger: - schedule: 36 8 * * * + schedule: 32 8 * * * restic: pruneIntervalDays: 7 repository: libation-backup-secret-local diff --git a/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-remote.yaml b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-remote.yaml new file mode 100644 index 000000000..f5070a59d --- /dev/null +++ b/clusters/cl01tl/manifests/libation/ReplicationSource-libation-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: libation-backup-source-remote + namespace: libation + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: libation + app.kubernetes.io/part-of: libation + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: libation-backup +spec: + sourcePVC: libation + trigger: + schedule: 32 9 * * * + restic: + pruneIntervalDays: 7 + repository: libation-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-remote.yaml new file mode 100644 index 000000000..879ac38db --- /dev/null +++ b/clusters/cl01tl/manifests/lidarr/ExternalSecret-lidarr-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: lidarr-config-backup-secret-remote + namespace: lidarr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: lidarr + app.kubernetes.io/part-of: lidarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: lidarr-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/lidarr/lidarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-external.yaml b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-external.yaml index f9b8e9034..3886605b0 100644 --- a/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: lidarr-config trigger: - schedule: 38 9 * * * + schedule: 34 10 * * * restic: pruneIntervalDays: 7 repository: lidarr-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml index af43fd547..6e5225136 100644 --- a/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: lidarr-config trigger: - schedule: 38 8 * * * + schedule: 34 8 * * * restic: pruneIntervalDays: 7 repository: lidarr-config-backup-secret-local diff --git a/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-remote.yaml new file mode 100644 index 000000000..6f051506b --- /dev/null +++ b/clusters/cl01tl/manifests/lidarr/ReplicationSource-lidarr-config-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: lidarr-config-backup-source-remote + namespace: lidarr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: lidarr + app.kubernetes.io/part-of: lidarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: lidarr-config-backup +spec: + sourcePVC: lidarr-config + trigger: + schedule: 34 9 * * * + restic: + pruneIntervalDays: 7 + repository: lidarr-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-remote.yaml new file mode 100644 index 000000000..cf769df99 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-hookshot-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: matrix-hookshot-backup-secret-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-hookshot-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-hookshot-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/matrix-hookshot" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-remote.yaml new file mode 100644 index 000000000..403a7d002 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-matrix-synapse-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: matrix-synapse-backup-secret-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-synapse-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-synapse-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/matrix-synapse" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-remote.yaml new file mode 100644 index 000000000..9899a17e5 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-discord-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: mautrix-discord-backup-secret-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-discord-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-discord-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/mautrix-discord" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-remote.yaml new file mode 100644 index 000000000..e4a217c1e --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ExternalSecret-mautrix-whatsapp-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: mautrix-whatsapp-backup-secret-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-whatsapp-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-whatsapp-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/matrix-synapse/mautrix-whatsapp" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-external.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-external.yaml index 68564b01b..9da9503c1 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: matrix-hookshot trigger: - schedule: 46 9 * * * + schedule: 38 10 * * * restic: pruneIntervalDays: 7 repository: matrix-hookshot-backup-secret-external diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml index 1b8d0f1d9..d36e68e60 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: matrix-hookshot trigger: - schedule: 46 8 * * * + schedule: 38 8 * * * restic: pruneIntervalDays: 7 repository: matrix-hookshot-backup-secret-local diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-remote.yaml new file mode 100644 index 000000000..3aa3d0062 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-hookshot-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: matrix-hookshot-backup-source-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-hookshot-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-hookshot-backup +spec: + sourcePVC: matrix-hookshot + trigger: + schedule: 38 9 * * * + restic: + pruneIntervalDays: 7 + repository: matrix-hookshot-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-external.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-external.yaml index b34a145c8..7d249a73d 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: matrix-synapse trigger: - schedule: 44 9 * * * + schedule: 36 10 * * * restic: pruneIntervalDays: 7 repository: matrix-synapse-backup-secret-external diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml index 452d48a45..8544f73e9 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: matrix-synapse trigger: - schedule: 44 8 * * * + schedule: 36 8 * * * restic: pruneIntervalDays: 7 repository: matrix-synapse-backup-secret-local diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-remote.yaml new file mode 100644 index 000000000..73124a4da --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-matrix-synapse-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: matrix-synapse-backup-source-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-synapse-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: matrix-synapse-backup +spec: + sourcePVC: matrix-synapse + trigger: + schedule: 36 9 * * * + restic: + pruneIntervalDays: 7 + repository: matrix-synapse-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-external.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-external.yaml index abfc26584..77f12aba5 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: mautrix-discord trigger: - schedule: 48 9 * * * + schedule: 40 10 * * * restic: pruneIntervalDays: 7 repository: mautrix-discord-backup-secret-external diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml index 4ed105ff7..eedd27ded 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: mautrix-discord trigger: - schedule: 48 8 * * * + schedule: 40 8 * * * restic: pruneIntervalDays: 7 repository: mautrix-discord-backup-secret-local diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-remote.yaml new file mode 100644 index 000000000..3dc1d06e4 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-discord-backup-source-remote.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: mautrix-discord-backup-source-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-discord-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-discord-backup +spec: + sourcePVC: mautrix-discord + trigger: + schedule: 40 9 * * * + restic: + pruneIntervalDays: 7 + repository: mautrix-discord-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-external.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-external.yaml index b11d6da73..25e420611 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: mautrix-whatsapp trigger: - schedule: 50 9 * * * + schedule: 42 10 * * * restic: pruneIntervalDays: 7 repository: mautrix-whatsapp-backup-secret-external diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml index 518ae86e1..6258f311a 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: mautrix-whatsapp trigger: - schedule: 50 8 * * * + schedule: 42 8 * * * restic: pruneIntervalDays: 7 repository: mautrix-whatsapp-backup-secret-local diff --git a/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-remote.yaml b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-remote.yaml new file mode 100644 index 000000000..490aaa1b5 --- /dev/null +++ b/clusters/cl01tl/manifests/matrix-synapse/ReplicationSource-mautrix-whatsapp-backup-source-remote.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: mautrix-whatsapp-backup-source-remote + namespace: matrix-synapse + labels: + helm.sh/chart: volsync-target-whatsapp-0.8.0 + app.kubernetes.io/instance: matrix-synapse + app.kubernetes.io/part-of: matrix-synapse + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mautrix-whatsapp-backup +spec: + sourcePVC: mautrix-whatsapp + trigger: + schedule: 42 9 * * * + restic: + pruneIntervalDays: 7 + repository: mautrix-whatsapp-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-remote.yaml new file mode 100644 index 000000000..6f78a3f37 --- /dev/null +++ b/clusters/cl01tl/manifests/navidrome/ExternalSecret-navidrome-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: navidrome-data-backup-secret-remote + namespace: navidrome + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: navidrome + app.kubernetes.io/part-of: navidrome + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: navidrome-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/navidrome/navidrome-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-external.yaml b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-external.yaml index 795cc65af..ebe93a133 100644 --- a/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: navidrome-data trigger: - schedule: 52 9 * * * + schedule: 46 10 * * * restic: pruneIntervalDays: 7 repository: navidrome-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml index 6f91ac206..0cbb72360 100644 --- a/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: navidrome-data trigger: - schedule: 52 8 * * * + schedule: 46 8 * * * restic: pruneIntervalDays: 7 repository: navidrome-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-remote.yaml new file mode 100644 index 000000000..ba55193c5 --- /dev/null +++ b/clusters/cl01tl/manifests/navidrome/ReplicationSource-navidrome-data-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: navidrome-data-backup-source-remote + namespace: navidrome + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: navidrome + app.kubernetes.io/part-of: navidrome + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: navidrome-data-backup +spec: + sourcePVC: navidrome-data + trigger: + schedule: 46 9 * * * + restic: + pruneIntervalDays: 7 + repository: navidrome-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml new file mode 100644 index 000000000..5613ccea9 --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: ollama-web-data-backup-secret-remote + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ollama/ollama-web-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml index 283e55dab..9855df39e 100644 --- a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: ollama-web-data trigger: - schedule: 54 9 * * * + schedule: 48 10 * * * restic: pruneIntervalDays: 7 repository: ollama-web-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml index 23d5078c0..786120502 100644 --- a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: ollama-web-data trigger: - schedule: 54 8 * * * + schedule: 48 8 * * * restic: pruneIntervalDays: 7 repository: ollama-web-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml new file mode 100644 index 000000000..20376887e --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: ollama-web-data-backup-source-remote + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup +spec: + sourcePVC: ollama-web-data + trigger: + schedule: 48 9 * * * + restic: + pruneIntervalDays: 7 + repository: ollama-web-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-remote.yaml new file mode 100644 index 000000000..7a9571a27 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ExternalSecret-outline-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: outline-data-backup-secret-remote + namespace: outline + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: outline + app.kubernetes.io/part-of: outline + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/outline/outline-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml index 3941003e4..b7e7ee518 100644 --- a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: outline-data trigger: - schedule: 50 12 * * * + schedule: 50 10 * * * restic: pruneIntervalDays: 7 repository: outline-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml index fde9ae0ed..f16a3168b 100644 --- a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: outline-data trigger: - schedule: 50 11 * * * + schedule: 50 8 * * * restic: pruneIntervalDays: 7 repository: outline-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-remote.yaml new file mode 100644 index 000000000..820073a3a --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ReplicationSource-outline-data-backup-source-remote.yaml @@ -0,0 +1,31 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: outline-data-backup-source-remote + namespace: outline + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: outline + app.kubernetes.io/part-of: outline + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: outline-data-backup +spec: + sourcePVC: outline-data + trigger: + schedule: 50 9 * * * + restic: + pruneIntervalDays: 7 + repository: outline-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1001 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi