diff --git a/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml index 988bd549b..89e36f51d 100644 --- a/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 0 14 * * *" backupOwnerReference: self cluster: name: argo-workflows-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/authentik/ScheduledBackup-authentik-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/authentik/ScheduledBackup-authentik-postgresql-18-scheduled-backup-live-backup.yaml index 2be8420e9..6e2d4b113 100644 --- a/clusters/cl01tl/manifests/authentik/ScheduledBackup-authentik-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/authentik/ScheduledBackup-authentik-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 5 14 * * *" backupOwnerReference: self cluster: name: authentik-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/dawarich/ScheduledBackup-dawarich-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/dawarich/ScheduledBackup-dawarich-postgresql-18-scheduled-backup-live-backup.yaml index e71f86f54..53b353289 100644 --- a/clusters/cl01tl/manifests/dawarich/ScheduledBackup-dawarich-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/dawarich/ScheduledBackup-dawarich-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 10 14 * * *" backupOwnerReference: self cluster: name: dawarich-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml index f82a62f0a..73b803f4a 100644 --- a/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 15 14 * * *" backupOwnerReference: self cluster: name: directus-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml index 9ed032de0..bdccf59db 100644 --- a/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/freshrss/ScheduledBackup-freshrss-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 20 14 * * *" backupOwnerReference: self cluster: name: freshrss-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml index cf090ded0..46bc3292a 100644 --- a/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/gatus/ScheduledBackup-gatus-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 25 14 * * *" backupOwnerReference: self cluster: name: gatus-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/gitea/ReplicationSource-gitea-shared-storage-backup-source-local.yaml b/clusters/cl01tl/manifests/gitea/ReplicationSource-gitea-shared-storage-backup-source-local.yaml index ed0277ae3..49370e273 100644 --- a/clusters/cl01tl/manifests/gitea/ReplicationSource-gitea-shared-storage-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/gitea/ReplicationSource-gitea-shared-storage-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: gitea-shared-storage trigger: - schedule: 0 0 0 * * * + schedule: 0 0 7 * * * restic: pruneIntervalDays: 3 repository: gitea-shared-storage-backup-secret-local diff --git a/clusters/cl01tl/manifests/gitea/ScheduledBackup-gitea-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/gitea/ScheduledBackup-gitea-postgresql-18-scheduled-backup-live-backup.yaml index cd391aea2..a98b1fe8a 100644 --- a/clusters/cl01tl/manifests/gitea/ScheduledBackup-gitea-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/gitea/ScheduledBackup-gitea-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 0 7 * * *" backupOwnerReference: self cluster: name: gitea-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/grafana-operator/ScheduledBackup-grafana-operator-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/grafana-operator/ScheduledBackup-grafana-operator-postgresql-18-scheduled-backup-live-backup.yaml index 749f54001..91c2c8d6f 100644 --- a/clusters/cl01tl/manifests/grafana-operator/ScheduledBackup-grafana-operator-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/grafana-operator/ScheduledBackup-grafana-operator-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 30 14 * * *" backupOwnerReference: self cluster: name: grafana-operator-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/harbor/ScheduledBackup-harbor-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/harbor/ScheduledBackup-harbor-postgresql-18-scheduled-backup-live-backup.yaml index dcb6521ee..4dad80595 100644 --- a/clusters/cl01tl/manifests/harbor/ScheduledBackup-harbor-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/harbor/ScheduledBackup-harbor-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 35 14 * * *" backupOwnerReference: self cluster: name: harbor-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/immich/ScheduledBackup-immich-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/immich/ScheduledBackup-immich-postgresql-18-scheduled-backup-live-backup.yaml index 610326b2f..e8a20ffd2 100644 --- a/clusters/cl01tl/manifests/immich/ScheduledBackup-immich-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/immich/ScheduledBackup-immich-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 40 14 * * *" backupOwnerReference: self cluster: name: immich-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml index 837112253..2bc8b3791 100644 --- a/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/jellystat/ScheduledBackup-jellystat-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 45 14 * * *" backupOwnerReference: self cluster: name: jellystat-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/komodo/ScheduledBackup-komodo-postgresql-17-fdb-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/komodo/ScheduledBackup-komodo-postgresql-17-fdb-scheduled-backup-live-backup.yaml index 9795fcc95..6a5e6bcaf 100644 --- a/clusters/cl01tl/manifests/komodo/ScheduledBackup-komodo-postgresql-17-fdb-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/komodo/ScheduledBackup-komodo-postgresql-17-fdb-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 50 14 * * *" backupOwnerReference: self cluster: name: komodo-postgresql-17-fdb-cluster diff --git a/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml index dd0f53d7f..4b6e64928 100644 --- a/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/lidarr/ScheduledBackup-lidarr-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 55 14 * * *" backupOwnerReference: self cluster: name: lidarr-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml index 14dbf6435..10d52c6f2 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/ScheduledBackup-matrix-synapse-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 0 15 * * *" backupOwnerReference: self cluster: name: matrix-synapse-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml index 598092dbb..655c13727 100644 --- a/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/ollama/ScheduledBackup-ollama-web-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 5 15 * * *" backupOwnerReference: self cluster: name: ollama-web-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/outline/ScheduledBackup-outline-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/outline/ScheduledBackup-outline-postgresql-18-scheduled-backup-live-backup.yaml index bb3e54c0e..9bc4a0ef6 100644 --- a/clusters/cl01tl/manifests/outline/ScheduledBackup-outline-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/outline/ScheduledBackup-outline-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 10 15 * * *" backupOwnerReference: self cluster: name: outline-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/photoview/ScheduledBackup-photoview-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/photoview/ScheduledBackup-photoview-postgresql-18-scheduled-backup-live-backup.yaml index 66c92e933..d78bf40dd 100644 --- a/clusters/cl01tl/manifests/photoview/ScheduledBackup-photoview-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/photoview/ScheduledBackup-photoview-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 15 15 * * *" backupOwnerReference: self cluster: name: photoview-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml index e4fdb85df..027d807d1 100644 --- a/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/postiz/ScheduledBackup-postiz-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 20 15 * * *" backupOwnerReference: self cluster: name: postiz-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml index a745bf999..b0d7f0763 100644 --- a/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr-4k/ScheduledBackup-radarr-4k-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 30 15 * * *" backupOwnerReference: self cluster: name: radarr-4k-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml index ca69f415d..63877eb14 100644 --- a/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr-anime/ScheduledBackup-radarr-anime-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 30 15 * * *" backupOwnerReference: self cluster: name: radarr-anime-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml index 4524fd7fb..e19e0ea03 100644 --- a/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr-standup/ScheduledBackup-radarr-standup-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 35 15 * * *" backupOwnerReference: self cluster: name: radarr-standup-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml index 155db3315..173d48113 100644 --- a/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/radarr/ScheduledBackup-radarr-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 25 15 * * *" backupOwnerReference: self cluster: name: radarr-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-remote.yaml new file mode 100644 index 000000000..29c596bc1 --- /dev/null +++ b/clusters/cl01tl/manifests/roundcube/ExternalSecret-roundcube-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: roundcube-data-backup-secret-remote + namespace: roundcube + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: roundcube + app.kubernetes.io/part-of: roundcube + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: roundcube-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/roundcube/roundcube-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-external.yaml b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-external.yaml index 851a13f6d..909c07fa8 100644 --- a/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: roundcube-data trigger: - schedule: 16 12 * * * + schedule: 12 13 * * * restic: pruneIntervalDays: 7 repository: roundcube-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml index 268a9cac3..b691d3ea4 100644 --- a/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: roundcube-data trigger: - schedule: 16 11 * * * + schedule: 12 11 * * * restic: pruneIntervalDays: 7 repository: roundcube-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-remote.yaml new file mode 100644 index 000000000..b8e0a83a1 --- /dev/null +++ b/clusters/cl01tl/manifests/roundcube/ReplicationSource-roundcube-data-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: roundcube-data-backup-source-remote + namespace: roundcube + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: roundcube + app.kubernetes.io/part-of: roundcube + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: roundcube-data-backup +spec: + sourcePVC: roundcube-data + trigger: + schedule: 12 12 * * * + restic: + pruneIntervalDays: 7 + repository: roundcube-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml index 2fffb0bb8..38ca7c0f0 100644 --- a/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/roundcube/ScheduledBackup-roundcube-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 40 15 * * *" backupOwnerReference: self cluster: name: roundcube-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/rybbit/ExternalSecret-clickhouse-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/rybbit/ExternalSecret-clickhouse-data-backup-secret-remote.yaml new file mode 100644 index 000000000..7eb7a0431 --- /dev/null +++ b/clusters/cl01tl/manifests/rybbit/ExternalSecret-clickhouse-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: clickhouse-data-backup-secret-remote + namespace: rybbit + labels: + helm.sh/chart: volsync-target-clickhouse-data-0.8.0 + app.kubernetes.io/instance: rybbit + app.kubernetes.io/part-of: rybbit + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: clickhouse-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/rybbit/clickhouse-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-external.yaml b/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-external.yaml index 046c659bd..35ff98537 100644 --- a/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: clickhouse-data trigger: - schedule: 40 12 * * * + schedule: 14 13 * * * restic: pruneIntervalDays: 7 repository: clickhouse-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-local.yaml b/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-local.yaml index c42e5be07..cc5d8290d 100644 --- a/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: clickhouse-data trigger: - schedule: 40 11 * * * + schedule: 14 11 * * * restic: pruneIntervalDays: 7 repository: clickhouse-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-remote.yaml new file mode 100644 index 000000000..ca1ec8911 --- /dev/null +++ b/clusters/cl01tl/manifests/rybbit/ReplicationSource-clickhouse-data-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: clickhouse-data-backup-source-remote + namespace: rybbit + labels: + helm.sh/chart: volsync-target-clickhouse-data-0.8.0 + app.kubernetes.io/instance: rybbit + app.kubernetes.io/part-of: rybbit + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: clickhouse-data-backup +spec: + sourcePVC: clickhouse-data + trigger: + schedule: 14 12 * * * + restic: + pruneIntervalDays: 7 + repository: clickhouse-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 101 + runAsUser: 101 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/rybbit/ScheduledBackup-rybbit-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/rybbit/ScheduledBackup-rybbit-postgresql-18-scheduled-backup-live-backup.yaml index 6efc56bd9..0da6ecf49 100644 --- a/clusters/cl01tl/manifests/rybbit/ScheduledBackup-rybbit-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/rybbit/ScheduledBackup-rybbit-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 45 15 * * *" backupOwnerReference: self cluster: name: rybbit-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-remote.yaml new file mode 100644 index 000000000..8a4435798 --- /dev/null +++ b/clusters/cl01tl/manifests/searxng/ExternalSecret-searxng-browser-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: searxng-browser-data-backup-secret-remote + namespace: searxng + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: searxng + app.kubernetes.io/part-of: searxng + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: searxng-browser-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/searxng/searxng-browser-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-external.yaml b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-external.yaml index 90f9a7e2e..5f241b1d5 100644 --- a/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: searxng-browser-data trigger: - schedule: 18 12 * * * + schedule: 16 12 * * * restic: pruneIntervalDays: 7 repository: searxng-browser-data-backup-secret-external diff --git a/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml index b4e9a35a8..f82bfe30c 100644 --- a/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: searxng-browser-data trigger: - schedule: 18 11 * * * + schedule: 16 11 * * * restic: pruneIntervalDays: 7 repository: searxng-browser-data-backup-secret-local diff --git a/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-remote.yaml new file mode 100644 index 000000000..3c1860549 --- /dev/null +++ b/clusters/cl01tl/manifests/searxng/ReplicationSource-searxng-browser-data-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: searxng-browser-data-backup-source-remote + namespace: searxng + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: searxng + app.kubernetes.io/part-of: searxng + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: searxng-browser-data-backup +spec: + sourcePVC: searxng-browser-data + trigger: + schedule: 16 12 * * * + restic: + pruneIntervalDays: 7 + repository: searxng-browser-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-remote.yaml new file mode 100644 index 000000000..6df5d7bc5 --- /dev/null +++ b/clusters/cl01tl/manifests/seerr/ExternalSecret-seerr-seerr-chart-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: seerr-seerr-chart-config-backup-secret-remote + namespace: seerr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: seerr + app.kubernetes.io/part-of: seerr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: seerr-seerr-chart-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/seerr/seerr-seerr-chart-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-external.yaml b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-external.yaml index 94fa7705f..3c42dbdb8 100644 --- a/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: seerr-seerr-chart-config trigger: - schedule: 20 12 * * * + schedule: 18 13 * * * restic: pruneIntervalDays: 7 repository: seerr-seerr-chart-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml index 1bdac9005..dedf642f6 100644 --- a/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: seerr-seerr-chart-config trigger: - schedule: 20 11 * * * + schedule: 18 11 * * * restic: pruneIntervalDays: 7 repository: seerr-seerr-chart-config-backup-secret-local diff --git a/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-remote.yaml new file mode 100644 index 000000000..f16b0175d --- /dev/null +++ b/clusters/cl01tl/manifests/seerr/ReplicationSource-seerr-seerr-chart-config-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: seerr-seerr-chart-config-backup-source-remote + namespace: seerr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: seerr + app.kubernetes.io/part-of: seerr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: seerr-seerr-chart-config-backup +spec: + sourcePVC: seerr-seerr-chart-config + trigger: + schedule: 18 12 * * * + restic: + pruneIntervalDays: 7 + repository: seerr-seerr-chart-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/shelfmark/ExternalSecret-shelfmark-backup-secret-remote.yaml b/clusters/cl01tl/manifests/shelfmark/ExternalSecret-shelfmark-backup-secret-remote.yaml new file mode 100644 index 000000000..3ab3dadf2 --- /dev/null +++ b/clusters/cl01tl/manifests/shelfmark/ExternalSecret-shelfmark-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: shelfmark-backup-secret-remote + namespace: shelfmark + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: shelfmark + app.kubernetes.io/part-of: shelfmark + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: shelfmark-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/shelfmark/shelfmark" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-external.yaml b/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-external.yaml index 9ed5aac8f..d44ddb729 100644 --- a/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: shelfmark trigger: - schedule: 38 12 * * * + schedule: 20 13 * * * restic: pruneIntervalDays: 7 repository: shelfmark-backup-secret-external diff --git a/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-local.yaml b/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-local.yaml index 4dd969c90..c6653f2ec 100644 --- a/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: shelfmark trigger: - schedule: 38 11 * * * + schedule: 20 11 * * * restic: pruneIntervalDays: 7 repository: shelfmark-backup-secret-local diff --git a/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-remote.yaml b/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-remote.yaml new file mode 100644 index 000000000..dcaf034b9 --- /dev/null +++ b/clusters/cl01tl/manifests/shelfmark/ReplicationSource-shelfmark-backup-source-remote.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: shelfmark-backup-source-remote + namespace: shelfmark + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: shelfmark + app.kubernetes.io/part-of: shelfmark + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: shelfmark-backup +spec: + sourcePVC: shelfmark + trigger: + schedule: 20 12 * * * + restic: + pruneIntervalDays: 7 + repository: shelfmark-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-remote.yaml new file mode 100644 index 000000000..c0068f6c7 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-4k/ExternalSecret-sonarr-4k-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: sonarr-4k-config-backup-secret-remote + namespace: sonarr-4k + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: sonarr-4k + app.kubernetes.io/part-of: sonarr-4k + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-4k-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/sonarr-4k/sonarr-4k-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-external.yaml b/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-external.yaml index 9167c3b5c..a96b178c3 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: sonarr-4k-config trigger: - schedule: 24 12 * * * + schedule: 24 13 * * * restic: pruneIntervalDays: 7 repository: sonarr-4k-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-remote.yaml new file mode 100644 index 000000000..311e68ce0 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-4k/ReplicationSource-sonarr-4k-config-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr-4k-config-backup-source-remote + namespace: sonarr-4k + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: sonarr-4k + app.kubernetes.io/part-of: sonarr-4k + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-4k-config-backup +spec: + sourcePVC: sonarr-4k-config + trigger: + schedule: 24 12 * * * + restic: + pruneIntervalDays: 7 + repository: sonarr-4k-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml index 403939220..ad960c260 100644 --- a/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/sonarr-4k/ScheduledBackup-sonarr-4k-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 55 15 * * *" backupOwnerReference: self cluster: name: sonarr-4k-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-remote.yaml new file mode 100644 index 000000000..30a20348c --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-anime/ExternalSecret-sonarr-anime-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: sonarr-anime-config-backup-secret-remote + namespace: sonarr-anime + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: sonarr-anime + app.kubernetes.io/part-of: sonarr-anime + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-anime-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/sonarr-anime/sonarr-anime-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-external.yaml b/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-external.yaml index 67ae6550c..f271e430d 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: sonarr-anime-config trigger: - schedule: 26 12 * * * + schedule: 26 13 * * * restic: pruneIntervalDays: 7 repository: sonarr-anime-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-remote.yaml new file mode 100644 index 000000000..f65ac3b70 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr-anime/ReplicationSource-sonarr-anime-config-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr-anime-config-backup-source-remote + namespace: sonarr-anime + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: sonarr-anime + app.kubernetes.io/part-of: sonarr-anime + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-anime-config-backup +spec: + sourcePVC: sonarr-anime-config + trigger: + schedule: 26 12 * * * + restic: + pruneIntervalDays: 7 + repository: sonarr-anime-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml index cfcc9af9d..6bb566af0 100644 --- a/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/sonarr-anime/ScheduledBackup-sonarr-anime-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 0 16 * * *" backupOwnerReference: self cluster: name: sonarr-anime-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-remote.yaml new file mode 100644 index 000000000..db9e56a46 --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr/ExternalSecret-sonarr-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: sonarr-config-backup-secret-remote + namespace: sonarr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: sonarr + app.kubernetes.io/part-of: sonarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/sonarr/sonarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-external.yaml b/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-external.yaml index ac2ad1b1d..0d9d7d0d3 100644 --- a/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: sonarr-config trigger: - schedule: 22 12 * * * + schedule: 22 13 * * * restic: pruneIntervalDays: 7 repository: sonarr-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-remote.yaml new file mode 100644 index 000000000..f328ebd2a --- /dev/null +++ b/clusters/cl01tl/manifests/sonarr/ReplicationSource-sonarr-config-backup-source-remote.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: sonarr-config-backup-source-remote + namespace: sonarr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: sonarr + app.kubernetes.io/part-of: sonarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: sonarr-config-backup +spec: + sourcePVC: sonarr-config + trigger: + schedule: 22 12 * * + restic: + pruneIntervalDays: 7 + repository: sonarr-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml index 7614e639b..d366e12a5 100644 --- a/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/sonarr/ScheduledBackup-sonarr-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 50 15 * * *" backupOwnerReference: self cluster: name: sonarr-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-remote.yaml new file mode 100644 index 000000000..eed9a86ad --- /dev/null +++ b/clusters/cl01tl/manifests/stalwart/ExternalSecret-stalwart-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: stalwart-config-backup-secret-remote + namespace: stalwart + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: stalwart + app.kubernetes.io/part-of: stalwart + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: stalwart-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/stalwart/stalwart-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-external.yaml b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-external.yaml index 3cdb726c7..43f09451b 100644 --- a/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: stalwart-config trigger: - schedule: 32 12 * * * + schedule: 28 13 * * * restic: pruneIntervalDays: 7 repository: stalwart-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml index 7da822a73..f08ba10df 100644 --- a/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: stalwart-config trigger: - schedule: 32 11 * * * + schedule: 28 11 * * * restic: pruneIntervalDays: 7 repository: stalwart-config-backup-secret-local diff --git a/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-remote.yaml new file mode 100644 index 000000000..1e96faca7 --- /dev/null +++ b/clusters/cl01tl/manifests/stalwart/ReplicationSource-stalwart-config-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: stalwart-config-backup-source-remote + namespace: stalwart + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: stalwart + app.kubernetes.io/part-of: stalwart + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: stalwart-config-backup +spec: + sourcePVC: stalwart-config + trigger: + schedule: 28 12 * * * + restic: + pruneIntervalDays: 7 + repository: stalwart-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml index 8e414ec71..140509e8b 100644 --- a/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/stalwart/ScheduledBackup-stalwart-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 5 16 * * *" backupOwnerReference: self cluster: name: stalwart-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-remote.yaml new file mode 100644 index 000000000..b92b45214 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: tdarr-config-backup-secret-remote + namespace: tdarr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/tdarr/tdarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-remote.yaml b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-remote.yaml new file mode 100644 index 000000000..91e125823 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ExternalSecret-tdarr-server-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: tdarr-server-backup-secret-remote + namespace: tdarr + labels: + helm.sh/chart: volsync-target-server-0.8.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-server-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/tdarr/tdarr-server" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-external.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-external.yaml index 1e495b661..ccde60c46 100644 --- a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: tdarr-config trigger: - schedule: 36 12 * * * + schedule: 30 13 * * * restic: pruneIntervalDays: 7 repository: tdarr-config-backup-secret-external diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml index 3c49ff8e3..42592dcf9 100644 --- a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: tdarr-config trigger: - schedule: 36 11 * * * + schedule: 30 11 * * * restic: pruneIntervalDays: 7 repository: tdarr-config-backup-secret-local diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-remote.yaml new file mode 100644 index 000000000..5e794639d --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-config-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: tdarr-config-backup-source-remote + namespace: tdarr + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-config-backup +spec: + sourcePVC: tdarr-config + trigger: + schedule: 30 12 * * * + restic: + pruneIntervalDays: 7 + repository: tdarr-config-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-external.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-external.yaml index 597ee3fbf..9ef32bf96 100644 --- a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: tdarr-server trigger: - schedule: 38 12 * * * + schedule: 32 13 * * * restic: pruneIntervalDays: 7 repository: tdarr-server-backup-secret-external diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml index 673ae4476..4def7a5b0 100644 --- a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: tdarr-server trigger: - schedule: 38 11 * * * + schedule: 32 11 * * * restic: pruneIntervalDays: 7 repository: tdarr-server-backup-secret-local diff --git a/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-remote.yaml b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-remote.yaml new file mode 100644 index 000000000..f7e4e6b05 --- /dev/null +++ b/clusters/cl01tl/manifests/tdarr/ReplicationSource-tdarr-server-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: tdarr-server-backup-source-remote + namespace: tdarr + labels: + helm.sh/chart: volsync-target-server-0.8.0 + app.kubernetes.io/instance: tdarr + app.kubernetes.io/part-of: tdarr + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tdarr-server-backup +spec: + sourcePVC: tdarr-server + trigger: + schedule: 32 12 * * * + restic: + pruneIntervalDays: 7 + repository: tdarr-server-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/vaultwarden/ExternalSecret-vaultwarden-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/vaultwarden/ExternalSecret-vaultwarden-data-backup-secret-remote.yaml new file mode 100644 index 000000000..05f790b17 --- /dev/null +++ b/clusters/cl01tl/manifests/vaultwarden/ExternalSecret-vaultwarden-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: vaultwarden-data-backup-secret-remote + namespace: vaultwarden + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: vaultwarden + app.kubernetes.io/part-of: vaultwarden + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vaultwarden-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/vaultwarden/vaultwarden-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/vaultwarden/ReplicationSource-vaultwarden-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/vaultwarden/ReplicationSource-vaultwarden-data-backup-source-remote.yaml new file mode 100644 index 000000000..c7d0cb304 --- /dev/null +++ b/clusters/cl01tl/manifests/vaultwarden/ReplicationSource-vaultwarden-data-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: vaultwarden-data-backup-source-remote + namespace: vaultwarden + labels: + helm.sh/chart: volsync-target-data-0.8.0 + app.kubernetes.io/instance: vaultwarden + app.kubernetes.io/part-of: vaultwarden + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vaultwarden-data-backup +spec: + sourcePVC: vaultwarden-data + trigger: + schedule: 0 0 0 * * * + restic: + pruneIntervalDays: 7 + repository: vaultwarden-data-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/yamtrack/ScheduledBackup-yamtrack-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/yamtrack/ScheduledBackup-yamtrack-postgresql-18-scheduled-backup-live-backup.yaml index 4222936f0..29bc936e4 100644 --- a/clusters/cl01tl/manifests/yamtrack/ScheduledBackup-yamtrack-postgresql-18-scheduled-backup-live-backup.yaml +++ b/clusters/cl01tl/manifests/yamtrack/ScheduledBackup-yamtrack-postgresql-18-scheduled-backup-live-backup.yaml @@ -14,7 +14,7 @@ metadata: spec: immediate: true suspend: false - schedule: "0 0 0 * * *" + schedule: "0 10 16 * * *" backupOwnerReference: self cluster: name: yamtrack-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/yubal/ExternalSecret-yubal-backup-secret-remote.yaml b/clusters/cl01tl/manifests/yubal/ExternalSecret-yubal-backup-secret-remote.yaml new file mode 100644 index 000000000..fdebcba80 --- /dev/null +++ b/clusters/cl01tl/manifests/yubal/ExternalSecret-yubal-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: yubal-backup-secret-remote + namespace: yubal + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: yubal + app.kubernetes.io/part-of: yubal + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: yubal-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/yubal/yubal" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-external.yaml b/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-external.yaml index e8494913e..e13f427a7 100644 --- a/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-external.yaml +++ b/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-external.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: yubal trigger: - schedule: 42 12 * * * + schedule: 34 14 * * * restic: pruneIntervalDays: 7 repository: yubal-backup-secret-external diff --git a/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-local.yaml b/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-local.yaml index ff52e32ee..b03057686 100644 --- a/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-local.yaml +++ b/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-local.yaml @@ -13,7 +13,7 @@ metadata: spec: sourcePVC: yubal trigger: - schedule: 42 11 * * * + schedule: 34 11 * * * restic: pruneIntervalDays: 7 repository: yubal-backup-secret-local diff --git a/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-remote.yaml b/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-remote.yaml new file mode 100644 index 000000000..3f07e4068 --- /dev/null +++ b/clusters/cl01tl/manifests/yubal/ReplicationSource-yubal-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: yubal-backup-source-remote + namespace: yubal + labels: + helm.sh/chart: volsync-target-config-0.8.0 + app.kubernetes.io/instance: yubal + app.kubernetes.io/part-of: yubal + app.kubernetes.io/version: "0.8.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: yubal-backup +spec: + sourcePVC: yubal + trigger: + schedule: 34 12 * * * + restic: + pruneIntervalDays: 7 + repository: yubal-backup-secret-remote + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi