From fcc074eced9e54d3d05f8c98a1edc00af40a77fb Mon Sep 17 00:00:00 2001 From: alexlebens Date: Thu, 4 Jul 2024 22:09:49 -0500 Subject: [PATCH] backup config pvc --- .../prowlarr/templates/external-secret.yaml | 6 +- .../radarr5-4k/templates/external-secret.yaml | 59 +++++++++++++++++++ .../templates/replication-source.yaml | 27 +++++++++ .../templates/external-secret.yaml | 59 +++++++++++++++++++ .../templates/replication-source.yaml | 27 +++++++++ .../sonarr4-4k/templates/external-secret.yaml | 59 +++++++++++++++++++ .../templates/replication-source.yaml | 27 +++++++++ .../sonarr4/templates/external-secret.yaml | 59 +++++++++++++++++++ .../sonarr4/templates/replication-source.yaml | 27 +++++++++ 9 files changed, 347 insertions(+), 3 deletions(-) create mode 100644 clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml create mode 100644 clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml create mode 100644 clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml create mode 100644 clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml diff --git a/clusters/cl01tl/applications/prowlarr/templates/external-secret.yaml b/clusters/cl01tl/applications/prowlarr/templates/external-secret.yaml index d375226c3..686dd4666 100644 --- a/clusters/cl01tl/applications/prowlarr/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/prowlarr/templates/external-secret.yaml @@ -1,10 +1,10 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: - name: lidarr2-config-backup-secret + name: prowlarr-config-backup-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: lidarr2-config-backup-secret + app.kubernetes.io/name: prowlarr-config-backup-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: backup @@ -18,7 +18,7 @@ spec: mergePolicy: Merge engineVersion: v2 data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/lidarr2/lidarr2-config" + RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/prowlarr/prowlarr-config" data: - secretKey: BUCKET_ENDPOINT remoteRef: diff --git a/clusters/cl01tl/applications/radarr5-4k/templates/external-secret.yaml b/clusters/cl01tl/applications/radarr5-4k/templates/external-secret.yaml index b6032217e..05aa29db3 100644 --- a/clusters/cl01tl/applications/radarr5-4k/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/radarr5-4k/templates/external-secret.yaml @@ -1,5 +1,64 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret +metadata: + name: radarr5-4k-config-backup-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: radarr5-4k-config-backup-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/radarr5-4k/radarr5-4k-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: S3_BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: access_key + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: secret_key + +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: radarr5-4k-postgresql-16-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml b/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml new file mode 100644 index 000000000..f10bcfe73 --- /dev/null +++ b/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml @@ -0,0 +1,27 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: radarr5-4k-config-backup-source + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: radarr5-4k-config-backup-source + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + sourcePVC: radarr5-4k-config + trigger: + schedule: 0 */6 * * * + restic: + pruneIntervalDays: 14 + repository: radarr5-4k-config-backup-secret + retain: + hourly: 1 + daily: 1 + weekly: 7 + monthly: 4 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/applications/readarr-books/templates/external-secret.yaml b/clusters/cl01tl/applications/readarr-books/templates/external-secret.yaml index b4b424c16..e421b98e9 100644 --- a/clusters/cl01tl/applications/readarr-books/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/readarr-books/templates/external-secret.yaml @@ -1,5 +1,64 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret +metadata: + name: readarr-books-config-backup-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: readarr-books-config-backup-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/readarr-books/readarr-books-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: S3_BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: access_key + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: secret_key + +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: readarr-books-postgresql-16-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml b/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml new file mode 100644 index 000000000..2225b7746 --- /dev/null +++ b/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml @@ -0,0 +1,27 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: readarr-books-config-backup-source + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: readarr-books-config-backup-source + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + sourcePVC: readarr-books-config + trigger: + schedule: 0 */6 * * * + restic: + pruneIntervalDays: 14 + repository: readarr-books-config-backup-secret + retain: + hourly: 1 + daily: 1 + weekly: 7 + monthly: 4 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/applications/sonarr4-4k/templates/external-secret.yaml b/clusters/cl01tl/applications/sonarr4-4k/templates/external-secret.yaml index 99ee98180..1cae1cfe8 100644 --- a/clusters/cl01tl/applications/sonarr4-4k/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/sonarr4-4k/templates/external-secret.yaml @@ -1,5 +1,64 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret +metadata: + name: sonarr4-4k-config-backup-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: sonarr4-4k-config-backup-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4-4k/sonarr4-4k-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: S3_BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: access_key + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: secret_key + +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: sonarr4-4k-postgresql-16-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml b/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml new file mode 100644 index 000000000..bc0d68bc3 --- /dev/null +++ b/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml @@ -0,0 +1,27 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr4-4k-config-backup-source + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: sonarr4-4k-config-backup-source + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + sourcePVC: sonarr4-4k-config + trigger: + schedule: 0 */6 * * * + restic: + pruneIntervalDays: 14 + repository: sonarr4-4k-config-backup-secret + retain: + hourly: 1 + daily: 1 + weekly: 7 + monthly: 4 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/applications/sonarr4/templates/external-secret.yaml b/clusters/cl01tl/applications/sonarr4/templates/external-secret.yaml index 0eb8b1597..6ef34eb70 100644 --- a/clusters/cl01tl/applications/sonarr4/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/sonarr4/templates/external-secret.yaml @@ -1,5 +1,64 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret +metadata: + name: sonarr4-config-backup-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: sonarr4-config-backup-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/sonarr4/sonarr4-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: S3_BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/volsync/restic/config + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: access_key + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /aws/keys/cl01tl-volsync-backups + metadataPolicy: None + property: secret_key + +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: sonarr4-postgresql-16-cluster-backup-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml b/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml new file mode 100644 index 000000000..e439df6e4 --- /dev/null +++ b/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml @@ -0,0 +1,27 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr4-config-backup-source + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: sonarr4-config-backup-source + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: backup + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + sourcePVC: sonarr4-config + trigger: + schedule: 0 */6 * * * + restic: + pruneIntervalDays: 14 + repository: sonarr4-config-backup-secret + retain: + hourly: 1 + daily: 1 + weekly: 7 + monthly: 4 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot