From bdd9fbfcadaaf3715e697fcd1541a6b67dc23025 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Wed, 17 Dec 2025 13:28:02 -0600 Subject: [PATCH] move volsync to chart --- clusters/cl01tl/helm/sonarr-4k/Chart.lock | 7 ++- clusters/cl01tl/helm/sonarr-4k/Chart.yaml | 4 ++ .../sonarr-4k/templates/external-secret.yaml | 57 ------------------- .../templates/replication-source.yaml | 30 ---------- clusters/cl01tl/helm/sonarr-4k/values.yaml | 7 +++ clusters/cl01tl/helm/sonarr-anime/Chart.lock | 7 ++- clusters/cl01tl/helm/sonarr-anime/Chart.yaml | 4 ++ .../templates/external-secret.yaml | 57 ------------------- .../templates/replication-source.yaml | 30 ---------- clusters/cl01tl/helm/sonarr-anime/values.yaml | 7 +++ clusters/cl01tl/helm/sonarr/Chart.lock | 7 ++- clusters/cl01tl/helm/sonarr/Chart.yaml | 4 ++ .../sonarr/templates/external-secret.yaml | 57 ------------------- .../sonarr/templates/replication-source.yaml | 30 ---------- clusters/cl01tl/helm/sonarr/values.yaml | 7 +++ 15 files changed, 48 insertions(+), 267 deletions(-) delete mode 100644 clusters/cl01tl/helm/sonarr-4k/templates/replication-source.yaml delete mode 100644 clusters/cl01tl/helm/sonarr-anime/templates/replication-source.yaml delete mode 100644 clusters/cl01tl/helm/sonarr/templates/replication-source.yaml diff --git a/clusters/cl01tl/helm/sonarr-4k/Chart.lock b/clusters/cl01tl/helm/sonarr-4k/Chart.lock index 3f8c0eb7b..a09b0d239 100644 --- a/clusters/cl01tl/helm/sonarr-4k/Chart.lock +++ b/clusters/cl01tl/helm/sonarr-4k/Chart.lock @@ -5,5 +5,8 @@ dependencies: - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts version: 7.1.3 -digest: sha256:5e26665c86f0d26bcc577ab578a14a033cc984de0a08fa6f6bfb6abf98324cf3 -generated: "2025-12-17T16:12:46.874715502Z" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:36a5f9bc034285ab8c73f3caedadbfddfef557ec63798b9e8e86691c97bf7a00 +generated: "2025-12-17T13:20:29.470722-06:00" diff --git a/clusters/cl01tl/helm/sonarr-4k/Chart.yaml b/clusters/cl01tl/helm/sonarr-4k/Chart.yaml index 0a439aff6..c3de16ca5 100644 --- a/clusters/cl01tl/helm/sonarr-4k/Chart.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/Chart.yaml @@ -29,5 +29,9 @@ dependencies: alias: postgres-18-cluster version: 7.1.3 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-config + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/sonarr.png appVersion: 4.0.14 diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/external-secret.yaml b/clusters/cl01tl/helm/sonarr-4k/templates/external-secret.yaml index 75f4e5a97..7a5a50904 100644 --- a/clusters/cl01tl/helm/sonarr-4k/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/templates/external-secret.yaml @@ -1,62 +1,5 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret -metadata: - name: sonarr-4k-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr-4k-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4-4k/sonarr4-4k-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret metadata: name: sonarr-4k-postgresql-18-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/sonarr-4k/templates/replication-source.yaml b/clusters/cl01tl/helm/sonarr-4k/templates/replication-source.yaml deleted file mode 100644 index 998e9b558..000000000 --- a/clusters/cl01tl/helm/sonarr-4k/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sonarr-4k-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr-4k-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: sonarr-4k-config - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: sonarr-4k-config-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/helm/sonarr-4k/values.yaml b/clusters/cl01tl/helm/sonarr-4k/values.yaml index f954ff049..bd3a0b28b 100644 --- a/clusters/cl01tl/helm/sonarr-4k/values.yaml +++ b/clusters/cl01tl/helm/sonarr-4k/values.yaml @@ -142,3 +142,10 @@ postgres-18-cluster: # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote +volsync-target-config: + pvcTarget: sonarr-4k-config + moverSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch diff --git a/clusters/cl01tl/helm/sonarr-anime/Chart.lock b/clusters/cl01tl/helm/sonarr-anime/Chart.lock index c2d7b1431..20453594e 100644 --- a/clusters/cl01tl/helm/sonarr-anime/Chart.lock +++ b/clusters/cl01tl/helm/sonarr-anime/Chart.lock @@ -5,5 +5,8 @@ dependencies: - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts version: 7.1.3 -digest: sha256:8ea1513ce6a088120b1e59148088c7d9c88d8ce4c5821f5a7aa4382a790972e0 -generated: "2025-12-17T16:12:56.720822569Z" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:a0d788481260502173ead09be09869f7f5f8b563b4258aafa685a0493cc6afd9 +generated: "2025-12-17T13:20:32.181564-06:00" diff --git a/clusters/cl01tl/helm/sonarr-anime/Chart.yaml b/clusters/cl01tl/helm/sonarr-anime/Chart.yaml index 54722813d..986ce6889 100644 --- a/clusters/cl01tl/helm/sonarr-anime/Chart.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/Chart.yaml @@ -28,5 +28,9 @@ dependencies: alias: postgres-18-cluster version: 7.1.3 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-config + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/sonarr.png appVersion: 4.0.14 diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/external-secret.yaml b/clusters/cl01tl/helm/sonarr-anime/templates/external-secret.yaml index 240d3fb27..619313a6b 100644 --- a/clusters/cl01tl/helm/sonarr-anime/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/templates/external-secret.yaml @@ -1,62 +1,5 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret -metadata: - name: sonarr-anime-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr-anime-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4-anime/sonarr4-anime-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret metadata: name: sonarr-anime-postgresql-18-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/sonarr-anime/templates/replication-source.yaml b/clusters/cl01tl/helm/sonarr-anime/templates/replication-source.yaml deleted file mode 100644 index 59ad2f218..000000000 --- a/clusters/cl01tl/helm/sonarr-anime/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sonarr-anime-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr-anime-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: sonarr-anime-config - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: sonarr-anime-config-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/helm/sonarr-anime/values.yaml b/clusters/cl01tl/helm/sonarr-anime/values.yaml index 6c33690d1..c9f32f985 100644 --- a/clusters/cl01tl/helm/sonarr-anime/values.yaml +++ b/clusters/cl01tl/helm/sonarr-anime/values.yaml @@ -142,3 +142,10 @@ postgres-18-cluster: # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote +volsync-target-config: + pvcTarget: sonarr-anime-config + moverSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch diff --git a/clusters/cl01tl/helm/sonarr/Chart.lock b/clusters/cl01tl/helm/sonarr/Chart.lock index f9515d832..f66c07c57 100644 --- a/clusters/cl01tl/helm/sonarr/Chart.lock +++ b/clusters/cl01tl/helm/sonarr/Chart.lock @@ -5,5 +5,8 @@ dependencies: - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts version: 7.1.3 -digest: sha256:5acb57a3b6eaf3f4e15e6551eeea370cdf4a4ed7f787cadc26433fdb942c82c2 -generated: "2025-12-17T16:13:05.489126306Z" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:718a6f0608eb176481373c8bb071dc582bf1cbb8ece5a700980bf606ab00687f +generated: "2025-12-17T13:20:27.312673-06:00" diff --git a/clusters/cl01tl/helm/sonarr/Chart.yaml b/clusters/cl01tl/helm/sonarr/Chart.yaml index 2a56a2f14..064864aca 100644 --- a/clusters/cl01tl/helm/sonarr/Chart.yaml +++ b/clusters/cl01tl/helm/sonarr/Chart.yaml @@ -28,5 +28,9 @@ dependencies: alias: postgres-18-cluster version: 7.1.3 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-config + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/sonarr.png appVersion: 4.0.16 diff --git a/clusters/cl01tl/helm/sonarr/templates/external-secret.yaml b/clusters/cl01tl/helm/sonarr/templates/external-secret.yaml index cc2f99727..2835f8280 100644 --- a/clusters/cl01tl/helm/sonarr/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/sonarr/templates/external-secret.yaml @@ -1,62 +1,5 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret -metadata: - name: sonarr-config-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr-config-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4/sonarr4-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret metadata: name: sonarr-postgresql-18-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/helm/sonarr/templates/replication-source.yaml b/clusters/cl01tl/helm/sonarr/templates/replication-source.yaml deleted file mode 100644 index 3116d7605..000000000 --- a/clusters/cl01tl/helm/sonarr/templates/replication-source.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: sonarr-config-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: sonarr-config-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: sonarr-config - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: sonarr-config-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/helm/sonarr/values.yaml b/clusters/cl01tl/helm/sonarr/values.yaml index 7e0b9223b..39e659212 100644 --- a/clusters/cl01tl/helm/sonarr/values.yaml +++ b/clusters/cl01tl/helm/sonarr/values.yaml @@ -142,3 +142,10 @@ postgres-18-cluster: # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote +volsync-target-config: + pvcTarget: sonarr-config + moverSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch