From e00fda25517dca91679065260c2b89ef540f5316 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Mon, 15 Dec 2025 21:49:20 -0600 Subject: [PATCH] move volsync to chart --- clusters/cl01tl/helm/freshrss/Chart.lock | 7 ++- clusters/cl01tl/helm/freshrss/Chart.yaml | 4 ++ .../freshrss/templates/external-secret.yaml | 57 ------------------- .../templates/replication-source.yaml | 35 ------------ clusters/cl01tl/helm/freshrss/values.yaml | 13 +++++ 5 files changed, 22 insertions(+), 94 deletions(-) delete mode 100644 clusters/cl01tl/helm/freshrss/templates/replication-source.yaml diff --git a/clusters/cl01tl/helm/freshrss/Chart.lock b/clusters/cl01tl/helm/freshrss/Chart.lock index 571f5b62f..04da7dbcd 100644 --- a/clusters/cl01tl/helm/freshrss/Chart.lock +++ b/clusters/cl01tl/helm/freshrss/Chart.lock @@ -8,5 +8,8 @@ dependencies: - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts version: 7.1.1 -digest: sha256:2789c65a08710c82e66f5d23cf29d6ae953afe0cea8509c735ceee5be134e52b -generated: "2025-12-15T14:51:03.037186-06:00" +- name: volsync-target + repository: oci://harbor.alexlebens.net/helm-charts + version: 0.5.0 +digest: sha256:80a27ffb18fd1a635f16e70b90c2395f2de300ed50d072a8b87353f1ec3304cb +generated: "2025-12-15T21:47:10.578165-06:00" diff --git a/clusters/cl01tl/helm/freshrss/Chart.yaml b/clusters/cl01tl/helm/freshrss/Chart.yaml index 46505eb9b..25d577bd5 100644 --- a/clusters/cl01tl/helm/freshrss/Chart.yaml +++ b/clusters/cl01tl/helm/freshrss/Chart.yaml @@ -29,5 +29,9 @@ dependencies: alias: postgres-18-cluster version: 7.1.1 repository: oci://harbor.alexlebens.net/helm-charts + - name: volsync-target + alias: volsync-target-data + version: 0.5.0 + repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/freshrss.png appVersion: 1.27.1 diff --git a/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml b/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml index ee0dc8ea6..2e975e92e 100644 --- a/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/freshrss/templates/external-secret.yaml @@ -94,63 +94,6 @@ spec: metadataPolicy: None property: token ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: freshrss-data-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-data-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/freshrss/freshrss-data" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: secret_key - --- apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/helm/freshrss/templates/replication-source.yaml b/clusters/cl01tl/helm/freshrss/templates/replication-source.yaml deleted file mode 100644 index 0b0e03a62..000000000 --- a/clusters/cl01tl/helm/freshrss/templates/replication-source.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: freshrss-data-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: freshrss-data-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: freshrss-data - trigger: - schedule: 0 4 * * * - restic: - pruneIntervalDays: 7 - repository: freshrss-data-backup-secret - retain: - hourly: 1 - daily: 3 - weekly: 2 - monthly: 2 - yearly: 4 - moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 - fsGroup: 568 - fsGroupChangePolicy: OnRootMismatch - supplementalGroups: - - 44 - - 100 - - 109 - - 65539 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/helm/freshrss/values.yaml b/clusters/cl01tl/helm/freshrss/values.yaml index 0c269a478..7521fcd41 100644 --- a/clusters/cl01tl/helm/freshrss/values.yaml +++ b/clusters/cl01tl/helm/freshrss/values.yaml @@ -163,6 +163,7 @@ freshrss: protocol: HTTP persistence: data: + forceRename: freshrss-data storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi @@ -247,3 +248,15 @@ postgres-18-cluster: # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote +volsync-target-data: + pvcTarget: freshrss-data + moverSecurityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + supplementalGroups: + - 44 + - 100 + - 109 + - 65539