From 5b0d1bcdf0e20c8f5f10be693aad1f6f7be2a4da Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 17 Dec 2025 17:29:25 +0000 Subject: [PATCH 1/5] chore: Update manifests after change --- ...lama-web-data-backup-secret-external.yaml} | 21 ++++--- ...t-ollama-web-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...-ollama-web-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...lama-web-data-backup-source-external.yaml} | 16 +++-- ...e-ollama-web-data-backup-source-local.yaml | 32 ++++++++++ ...-ollama-web-data-backup-source-remote.yaml | 32 ++++++++++ 6 files changed, 202 insertions(+), 15 deletions(-) rename clusters/cl01tl/manifests/ollama/{ExternalSecret-ollama-web-data-backup-secret.yaml => ExternalSecret-ollama-web-data-backup-secret-external.yaml} (72%) create mode 100644 clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml rename clusters/cl01tl/manifests/ollama/{ReplicationSource-ollama-web-data-backup-source.yaml => ReplicationSource-ollama-web-data-backup-source-external.yaml} (65%) create mode 100644 clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-external.yaml similarity index 72% rename from clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret.yaml rename to clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-external.yaml index 1e16f307a..474a67417 100644 --- a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret.yaml +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-external.yaml @@ -1,12 +1,15 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: ollama-web-data-backup-secret + name: ollama-web-data-backup-secret-external namespace: ollama labels: - app.kubernetes.io/name: ollama-web-data-backup-secret + helm.sh/chart: volsync-target-data-0.5.0 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup-secret-external spec: secretStoreRef: kind: ClusterSecretStore @@ -16,27 +19,27 @@ spec: mergePolicy: Merge engineVersion: v2 data: - RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ollama/ollama-web" + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ollama/ollama-web-data" data: - secretKey: BUCKET_ENDPOINT remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None - property: S3_BUCKET_ENDPOINT + property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_DEFAULT_REGION - secretKey: AWS_ACCESS_KEY_ID @@ -45,11 +48,11 @@ spec: decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: access_key + property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: secret_key + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml new file mode 100644 index 000000000..a4a28afca --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: ollama-web-data-backup-secret-local + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.5.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ollama/ollama-web-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml new file mode 100644 index 000000000..6d3652b42 --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ExternalSecret-ollama-web-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: ollama-web-data-backup-secret-remote + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.5.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ollama/ollama-web-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml similarity index 65% rename from clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source.yaml rename to clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml index e5dbdea45..8fc75a483 100644 --- a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source.yaml +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-external.yaml @@ -1,28 +1,32 @@ apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: - name: ollama-web-data-backup-source + name: ollama-web-data-backup-source-external namespace: ollama labels: - app.kubernetes.io/name: ollama-web-data-backup-source + helm.sh/chart: volsync-target-data-0.5.0 app.kubernetes.io/instance: ollama app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup spec: sourcePVC: ollama-web-data trigger: schedule: 0 4 * * * restic: pruneIntervalDays: 7 - repository: ollama-web-data-backup-secret + repository: ollama-web-data-backup-secret-external retain: - hourly: 1 daily: 3 - weekly: 2 + hourly: 1 monthly: 2 + weekly: 2 yearly: 4 moverSecurityContext: - runAsUser: 1337 runAsGroup: 1337 + runAsUser: 1337 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml new file mode 100644 index 000000000..fb8f6af34 --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-local.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: ollama-web-data-backup-source-local + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.5.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup +spec: + sourcePVC: ollama-web-data + trigger: + schedule: 0 2 * * * + restic: + pruneIntervalDays: 7 + repository: ollama-web-data-backup-secret-local + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml new file mode 100644 index 000000000..f58ce8aef --- /dev/null +++ b/clusters/cl01tl/manifests/ollama/ReplicationSource-ollama-web-data-backup-source-remote.yaml @@ -0,0 +1,32 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: ollama-web-data-backup-source-remote + namespace: ollama + labels: + helm.sh/chart: volsync-target-data-0.5.0 + app.kubernetes.io/instance: ollama + app.kubernetes.io/part-of: ollama + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ollama-web-data-backup +spec: + sourcePVC: ollama-web-data + trigger: + schedule: 0 3 * * * + restic: + pruneIntervalDays: 7 + repository: ollama-web-data-backup-secret-remote + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + moverSecurityContext: + runAsGroup: 1337 + runAsUser: 1337 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi -- 2.49.1 From a2d1f612a3f6d6ebe5df9566b504ad812129c601 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 17 Dec 2025 17:33:12 +0000 Subject: [PATCH 2/5] chore: Update manifests after change --- ...postiz-config-backup-secret-external.yaml} | 19 +++--- ...ret-postiz-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...et-postiz-config-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...ostiz-uploads-backup-secret-external.yaml} | 19 +++--- ...et-postiz-uploads-backup-secret-local.yaml | 58 +++++++++++++++++++ ...t-postiz-uploads-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...postiz-config-backup-source-external.yaml} | 14 +++-- ...rce-postiz-config-backup-source-local.yaml | 29 ++++++++++ ...ce-postiz-config-backup-source-remote.yaml | 29 ++++++++++ ...ostiz-uploads-backup-source-external.yaml} | 14 +++-- ...ce-postiz-uploads-backup-source-local.yaml | 29 ++++++++++ ...e-postiz-uploads-backup-source-remote.yaml | 29 ++++++++++ 12 files changed, 388 insertions(+), 26 deletions(-) rename clusters/cl01tl/manifests/postiz/{ExternalSecret-postiz-config-backup-secret.yaml => ExternalSecret-postiz-config-backup-secret-external.yaml} (73%) create mode 100644 clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-remote.yaml rename clusters/cl01tl/manifests/postiz/{ExternalSecret-postiz-uploads-backup-secret.yaml => ExternalSecret-postiz-uploads-backup-secret-external.yaml} (73%) create mode 100644 clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-remote.yaml rename clusters/cl01tl/manifests/postiz/{ReplicationSource-postiz-config-backup-source.yaml => ReplicationSource-postiz-config-backup-source-external.yaml} (62%) create mode 100644 clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-remote.yaml rename clusters/cl01tl/manifests/postiz/{ReplicationSource-postiz-uploads-backup-source.yaml => ReplicationSource-postiz-uploads-backup-source-external.yaml} (61%) create mode 100644 clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-remote.yaml diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-external.yaml similarity index 73% rename from clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret.yaml rename to clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-external.yaml index 343d9a2e5..92c3da61d 100644 --- a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret.yaml +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-external.yaml @@ -1,12 +1,15 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: postiz-config-backup-secret + name: postiz-config-backup-secret-external namespace: postiz labels: - app.kubernetes.io/name: postiz-config-backup-secret + helm.sh/chart: volsync-target-config-0.5.0 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup-secret-external spec: secretStoreRef: kind: ClusterSecretStore @@ -22,21 +25,21 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None - property: S3_BUCKET_ENDPOINT + property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_DEFAULT_REGION - secretKey: AWS_ACCESS_KEY_ID @@ -45,11 +48,11 @@ spec: decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: access_key + property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: secret_key + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml new file mode 100644 index 000000000..5ad0f95db --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: postiz-config-backup-secret-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/postiz/postiz-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-remote.yaml new file mode 100644 index 000000000..4241b9bc5 --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: postiz-config-backup-secret-remote + namespace: postiz + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/postiz/postiz-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-external.yaml similarity index 73% rename from clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret.yaml rename to clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-external.yaml index 9c9148251..1a0c5c7e3 100644 --- a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret.yaml +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-external.yaml @@ -1,12 +1,15 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: postiz-uploads-backup-secret + name: postiz-uploads-backup-secret-external namespace: postiz labels: - app.kubernetes.io/name: postiz-uploads-backup-secret + helm.sh/chart: volsync-target-upload-0.5.0 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup-secret-external spec: secretStoreRef: kind: ClusterSecretStore @@ -22,21 +25,21 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None - property: S3_BUCKET_ENDPOINT + property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_DEFAULT_REGION - secretKey: AWS_ACCESS_KEY_ID @@ -45,11 +48,11 @@ spec: decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: access_key + property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: secret_key + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml new file mode 100644 index 000000000..d864b60cb --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: postiz-uploads-backup-secret-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-upload-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/postiz/postiz-uploads" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-remote.yaml b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-remote.yaml new file mode 100644 index 000000000..f65aff98b --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ExternalSecret-postiz-uploads-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: postiz-uploads-backup-secret-remote + namespace: postiz + labels: + helm.sh/chart: volsync-target-upload-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/postiz/postiz-uploads" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-external.yaml similarity index 62% rename from clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source.yaml rename to clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-external.yaml index 77d410369..67542e3f8 100644 --- a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source.yaml +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-external.yaml @@ -1,25 +1,29 @@ apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: - name: postiz-config-backup-source + name: postiz-config-backup-source-external namespace: postiz labels: - app.kubernetes.io/name: postiz-config-backup-source + helm.sh/chart: volsync-target-config-0.5.0 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup spec: sourcePVC: postiz-config trigger: schedule: 0 4 * * * restic: pruneIntervalDays: 7 - repository: postiz-config-backup-secret + repository: postiz-config-backup-secret-external retain: - hourly: 1 daily: 3 - weekly: 2 + hourly: 1 monthly: 2 + weekly: 2 yearly: 4 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml new file mode 100644 index 000000000..cb3b79792 --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: postiz-config-backup-source-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup +spec: + sourcePVC: postiz-config + trigger: + schedule: 0 2 * * * + restic: + pruneIntervalDays: 7 + repository: postiz-config-backup-secret-local + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-remote.yaml new file mode 100644 index 000000000..5304f20d2 --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-config-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: postiz-config-backup-source-remote + namespace: postiz + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-config-backup +spec: + sourcePVC: postiz-config + trigger: + schedule: 0 3 * * * + restic: + pruneIntervalDays: 7 + repository: postiz-config-backup-secret-remote + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-external.yaml similarity index 61% rename from clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source.yaml rename to clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-external.yaml index 21fdaf948..53b39b235 100644 --- a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source.yaml +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-external.yaml @@ -1,25 +1,29 @@ apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: - name: postiz-uploads-backup-source + name: postiz-uploads-backup-source-external namespace: postiz labels: - app.kubernetes.io/name: postiz-uploads-backup-source + helm.sh/chart: volsync-target-upload-0.5.0 app.kubernetes.io/instance: postiz app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup spec: sourcePVC: postiz-uploads trigger: schedule: 0 4 * * * restic: pruneIntervalDays: 7 - repository: postiz-uploads-backup-secret + repository: postiz-uploads-backup-secret-external retain: - hourly: 1 daily: 3 - weekly: 2 + hourly: 1 monthly: 2 + weekly: 2 yearly: 4 copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml new file mode 100644 index 000000000..8e5177146 --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: postiz-uploads-backup-source-local + namespace: postiz + labels: + helm.sh/chart: volsync-target-upload-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup +spec: + sourcePVC: postiz-uploads + trigger: + schedule: 0 2 * * * + restic: + pruneIntervalDays: 7 + repository: postiz-uploads-backup-secret-local + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-remote.yaml b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-remote.yaml new file mode 100644 index 000000000..5f3f5780a --- /dev/null +++ b/clusters/cl01tl/manifests/postiz/ReplicationSource-postiz-uploads-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: postiz-uploads-backup-source-remote + namespace: postiz + labels: + helm.sh/chart: volsync-target-upload-0.5.0 + app.kubernetes.io/instance: postiz + app.kubernetes.io/part-of: postiz + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postiz-uploads-backup +spec: + sourcePVC: postiz-uploads + trigger: + schedule: 0 3 * * * + restic: + pruneIntervalDays: 7 + repository: postiz-uploads-backup-secret-remote + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi -- 2.49.1 From bfc498d76e20eef9ab3443c10c320a2437ee77a4 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 17 Dec 2025 17:34:38 +0000 Subject: [PATCH 3/5] chore: Update manifests after change --- ...owlarr-config-backup-secret-external.yaml} | 19 +++--- ...t-prowlarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...-prowlarr-config-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...owlarr-config-backup-source-external.yaml} | 18 +++--- ...e-prowlarr-config-backup-source-local.yaml | 39 +++++++++++++ ...-prowlarr-config-backup-source-remote.yaml | 39 +++++++++++++ 6 files changed, 216 insertions(+), 15 deletions(-) rename clusters/cl01tl/manifests/prowlarr/{ExternalSecret-prowlarr-config-backup-secret.yaml => ExternalSecret-prowlarr-config-backup-secret-external.yaml} (73%) create mode 100644 clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-remote.yaml rename clusters/cl01tl/manifests/prowlarr/{ReplicationSource-prowlarr-config-backup-source.yaml => ReplicationSource-prowlarr-config-backup-source-external.yaml} (70%) create mode 100644 clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-remote.yaml diff --git a/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret.yaml b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-external.yaml similarity index 73% rename from clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret.yaml rename to clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-external.yaml index c48f9d8d2..fe50a3c94 100644 --- a/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret.yaml +++ b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-external.yaml @@ -1,12 +1,15 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: prowlarr-config-backup-secret + name: prowlarr-config-backup-secret-external namespace: prowlarr labels: - app.kubernetes.io/name: prowlarr-config-backup-secret + helm.sh/chart: volsync-target-config-0.5.0 app.kubernetes.io/instance: prowlarr app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup-secret-external spec: secretStoreRef: kind: ClusterSecretStore @@ -22,21 +25,21 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None - property: S3_BUCKET_ENDPOINT + property: BUCKET_ENDPOINT - secretKey: RESTIC_PASSWORD remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /volsync/restic/digital-ocean metadataPolicy: None property: RESTIC_PASSWORD - secretKey: AWS_DEFAULT_REGION remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/volsync/restic/config + key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None property: AWS_DEFAULT_REGION - secretKey: AWS_ACCESS_KEY_ID @@ -45,11 +48,11 @@ spec: decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: access_key + property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None key: /digital-ocean/home-infra/volsync-backups metadataPolicy: None - property: secret_key + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..6c3b84340 --- /dev/null +++ b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: prowlarr-config-backup-secret-local + namespace: prowlarr + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: prowlarr + app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/prowlarr/prowlarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-remote.yaml new file mode 100644 index 000000000..208a88fca --- /dev/null +++ b/clusters/cl01tl/manifests/prowlarr/ExternalSecret-prowlarr-config-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: prowlarr-config-backup-secret-remote + namespace: prowlarr + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: prowlarr + app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/prowlarr/prowlarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source.yaml b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-external.yaml similarity index 70% rename from clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source.yaml rename to clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-external.yaml index c4f63a044..36a6aca80 100644 --- a/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source.yaml +++ b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-external.yaml @@ -1,30 +1,33 @@ apiVersion: volsync.backube/v1alpha1 kind: ReplicationSource metadata: - name: prowlarr-config-backup-source + name: prowlarr-config-backup-source-external namespace: prowlarr labels: - app.kubernetes.io/name: prowlarr-config-backup-source + helm.sh/chart: volsync-target-config-0.5.0 app.kubernetes.io/instance: prowlarr app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup spec: sourcePVC: prowlarr-config trigger: schedule: 0 4 * * * restic: pruneIntervalDays: 7 - repository: prowlarr-config-backup-secret + repository: prowlarr-config-backup-secret-external retain: - hourly: 1 daily: 3 - weekly: 2 + hourly: 1 monthly: 2 + weekly: 2 yearly: 4 moverSecurityContext: - runAsUser: 568 - runAsGroup: 568 fsGroup: 568 fsGroupChangePolicy: OnRootMismatch + runAsGroup: 568 + runAsUser: 568 supplementalGroups: - 44 - 100 @@ -33,3 +36,4 @@ spec: copyMethod: Snapshot storageClassName: ceph-block volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml new file mode 100644 index 000000000..55505b64f --- /dev/null +++ b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-local.yaml @@ -0,0 +1,39 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: prowlarr-config-backup-source-local + namespace: prowlarr + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: prowlarr + app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup +spec: + sourcePVC: prowlarr-config + trigger: + schedule: 0 2 * * * + restic: + pruneIntervalDays: 7 + repository: prowlarr-config-backup-secret-local + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + moverSecurityContext: + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 568 + runAsUser: 568 + supplementalGroups: + - 44 + - 100 + - 109 + - 65539 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-remote.yaml new file mode 100644 index 000000000..e56801e94 --- /dev/null +++ b/clusters/cl01tl/manifests/prowlarr/ReplicationSource-prowlarr-config-backup-source-remote.yaml @@ -0,0 +1,39 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: prowlarr-config-backup-source-remote + namespace: prowlarr + labels: + helm.sh/chart: volsync-target-config-0.5.0 + app.kubernetes.io/instance: prowlarr + app.kubernetes.io/part-of: prowlarr + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prowlarr-config-backup +spec: + sourcePVC: prowlarr-config + trigger: + schedule: 0 3 * * * + restic: + pruneIntervalDays: 7 + repository: prowlarr-config-backup-secret-remote + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + moverSecurityContext: + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 568 + runAsUser: 568 + supplementalGroups: + - 44 + - 100 + - 109 + - 65539 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi -- 2.49.1 From 10000093114a781a9452ade1fa84a6c676da3d1b Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 17 Dec 2025 17:40:38 +0000 Subject: [PATCH 4/5] chore: Update manifests after change --- .../libation/CronJob-libation-main.yaml | 4 ++-- .../libation/Deployment-libation-debug.yaml | 4 ++-- .../PersistentVolumeClaim-libation-config.yaml | 17 ----------------- .../ConfigMap-glutun-update-script.yaml | 6 ++++-- 4 files changed, 8 insertions(+), 23 deletions(-) delete mode 100644 clusters/cl01tl/manifests/libation/PersistentVolumeClaim-libation-config.yaml diff --git a/clusters/cl01tl/manifests/libation/CronJob-libation-main.yaml b/clusters/cl01tl/manifests/libation/CronJob-libation-main.yaml index 4dbd1ee63..b085107be 100644 --- a/clusters/cl01tl/manifests/libation/CronJob-libation-main.yaml +++ b/clusters/cl01tl/manifests/libation/CronJob-libation-main.yaml @@ -51,8 +51,8 @@ spec: memory: 128Mi volumeMounts: - mountPath: /config - name: config-new + name: config volumes: - - name: config-new + - name: config persistentVolumeClaim: claimName: libation diff --git a/clusters/cl01tl/manifests/libation/Deployment-libation-debug.yaml b/clusters/cl01tl/manifests/libation/Deployment-libation-debug.yaml index 3d2172d91..8ca8210e1 100644 --- a/clusters/cl01tl/manifests/libation/Deployment-libation-debug.yaml +++ b/clusters/cl01tl/manifests/libation/Deployment-libation-debug.yaml @@ -46,8 +46,8 @@ spec: memory: 32Mi volumeMounts: - mountPath: /config - name: config-new + name: config volumes: - - name: config-new + - name: config persistentVolumeClaim: claimName: libation diff --git a/clusters/cl01tl/manifests/libation/PersistentVolumeClaim-libation-config.yaml b/clusters/cl01tl/manifests/libation/PersistentVolumeClaim-libation-config.yaml deleted file mode 100644 index 2387f6aa4..000000000 --- a/clusters/cl01tl/manifests/libation/PersistentVolumeClaim-libation-config.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: libation-config - namespace: libation - labels: - app.kubernetes.io/name: libation-config - app.kubernetes.io/instance: libation - app.kubernetes.io/part-of: libation -spec: - storageClassName: nfs-client - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - volumeMode: Filesystem diff --git a/clusters/cl01tl/manifests/qbittorrent/ConfigMap-glutun-update-script.yaml b/clusters/cl01tl/manifests/qbittorrent/ConfigMap-glutun-update-script.yaml index 1777e4b87..3283ac05a 100644 --- a/clusters/cl01tl/manifests/qbittorrent/ConfigMap-glutun-update-script.yaml +++ b/clusters/cl01tl/manifests/qbittorrent/ConfigMap-glutun-update-script.yaml @@ -14,7 +14,9 @@ data: echo "curl could not be found, installing"; apk add curl; fi; + echo ">> Setting port to random ..."; curl -i -X POST --silent --write-out '%{http_code}' -d "json={\"random_port\": \"true\"}" "http://localhost:8080/api/v2/app/setPreferences"; - sleep 10 - echo "updating port with $1"; + echo ">> Sleeping for changes to take effect"; + sleep 10; + echo ">> Updating port with $1 ..."; curl -i -X POST --silent --write-out '%{http_code}' -d "json={\"listen_port\": \"${1}\"}" "http://localhost:8080/api/v2/app/setPreferences"; -- 2.49.1 From 48537a8c680b2b6501e72b75b41963aca8a655a8 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 17 Dec 2025 17:57:45 +0000 Subject: [PATCH 5/5] chore: Update manifests after change --- .../Deployment-qbittorrent-main.yaml | 16 ++--- ...ge-config-data-backup-secret-external.yaml | 58 +++++++++++++++++++ ...anage-config-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...nage-config-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...ui-config-data-backup-secret-external.yaml | 58 +++++++++++++++++++ ...t-qui-config-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...-qui-config-data-backup-secret-remote.yaml | 58 +++++++++++++++++++ ...tVolumeClaim-qbittorrent-config-data.yaml} | 6 +- ...ge-config-data-backup-source-external.yaml | 29 ++++++++++ ...anage-config-data-backup-source-local.yaml | 29 ++++++++++ ...nage-config-data-backup-source-remote.yaml | 29 ++++++++++ ...ui-config-data-backup-source-external.yaml | 29 ++++++++++ ...t-qui-config-data-backup-source-local.yaml | 29 ++++++++++ ...-qui-config-data-backup-source-remote.yaml | 29 ++++++++++ 14 files changed, 530 insertions(+), 14 deletions(-) create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-external.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-remote.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-external.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-remote.yaml rename clusters/cl01tl/manifests/qbittorrent/{PersistentVolumeClaim-qbittorrent-theme-data.yaml => PersistentVolumeClaim-qbittorrent-config-data.yaml} (79%) create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-external.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-remote.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-external.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-remote.yaml diff --git a/clusters/cl01tl/manifests/qbittorrent/Deployment-qbittorrent-main.yaml b/clusters/cl01tl/manifests/qbittorrent/Deployment-qbittorrent-main.yaml index 8e063006b..be23491e1 100644 --- a/clusters/cl01tl/manifests/qbittorrent/Deployment-qbittorrent-main.yaml +++ b/clusters/cl01tl/manifests/qbittorrent/Deployment-qbittorrent-main.yaml @@ -120,12 +120,6 @@ spec: value: "002" - name: WEBUI_PORT value: "8080" - - name: DOCKER_MODS - value: ghcr.io/themepark-dev/theme.park:qbittorrent - - name: TP_COMMUNITY_THEME - value: "true" - - name: TP_THEME - value: catppuccin-mocha image: ghcr.io/linuxserver/qbittorrent:5.1.4@sha256:043498de39c3dd63eec94360c5ad966a51271d1581070f42cb73ab0cf4776f29 imagePullPolicy: IfNotPresent name: qbittorrent @@ -136,20 +130,20 @@ spec: volumeMounts: - mountPath: /config name: config + - mountPath: /config-new/qBittorrent + name: config-data - mountPath: /mnt/store name: storage - - mountPath: /themepark - name: theme-data volumes: - name: config persistentVolumeClaim: claimName: qbittorrent-config + - name: config-data + persistentVolumeClaim: + claimName: qbittorrent-config-data - name: storage persistentVolumeClaim: claimName: qbittorrent-nfs-storage - - name: theme-data - persistentVolumeClaim: - claimName: qbittorrent-theme-data - configMap: defaultMode: 493 name: glutun-update-script diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-external.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-external.yaml new file mode 100644 index 000000000..77c9b7b79 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-external.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qbit-manage-config-data-backup-secret-external + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup-secret-external +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qbit-manage-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml new file mode 100644 index 000000000..84163433c --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qbit-manage-config-data-backup-secret-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qbit-manage-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-remote.yaml new file mode 100644 index 000000000..9958adc1a --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qbit-manage-config-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qbit-manage-config-data-backup-secret-remote + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qbit-manage-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-external.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-external.yaml new file mode 100644 index 000000000..15239560d --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-external.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qui-config-data-backup-secret-external + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup-secret-external +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qui-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/digital-ocean + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_DEFAULT_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /digital-ocean/home-infra/volsync-backups + metadataPolicy: None + property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml new file mode 100644 index 000000000..b3fcf9730 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qui-config-data-backup-secret-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qui-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-remote.yaml b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-remote.yaml new file mode 100644 index 000000000..739e02363 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ExternalSecret-qbittorrent-qui-config-data-backup-secret-remote.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: qbittorrent-qui-config-data-backup-secret-remote + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup-secret-remote +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/qbittorrent/qbittorrent-qui-config-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-remote + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/qbittorrent/PersistentVolumeClaim-qbittorrent-theme-data.yaml b/clusters/cl01tl/manifests/qbittorrent/PersistentVolumeClaim-qbittorrent-config-data.yaml similarity index 79% rename from clusters/cl01tl/manifests/qbittorrent/PersistentVolumeClaim-qbittorrent-theme-data.yaml rename to clusters/cl01tl/manifests/qbittorrent/PersistentVolumeClaim-qbittorrent-config-data.yaml index 18e2564e5..5962bba75 100644 --- a/clusters/cl01tl/manifests/qbittorrent/PersistentVolumeClaim-qbittorrent-theme-data.yaml +++ b/clusters/cl01tl/manifests/qbittorrent/PersistentVolumeClaim-qbittorrent-config-data.yaml @@ -1,7 +1,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: qbittorrent-theme-data + name: qbittorrent-config-data labels: app.kubernetes.io/instance: qbittorrent app.kubernetes.io/managed-by: Helm @@ -12,8 +12,8 @@ metadata: namespace: qbittorrent spec: accessModes: - - "ReadWriteOnce" + - "ReadWriteMany" resources: requests: storage: "1Gi" - storageClassName: "ceph-block" + storageClassName: "ceph-filesystem" diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-external.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-external.yaml new file mode 100644 index 000000000..417fbb0a1 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-external.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qbit-manage-config-data-backup-source-external + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup +spec: + sourcePVC: qbittorrent-qbit-manage-config-data + trigger: + schedule: 0 4 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qbit-manage-config-data-backup-secret-external + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml new file mode 100644 index 000000000..593a0f940 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qbit-manage-config-data-backup-source-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup +spec: + sourcePVC: qbittorrent-qbit-manage-config-data + trigger: + schedule: 0 2 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qbit-manage-config-data-backup-secret-local + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-remote.yaml new file mode 100644 index 000000000..1a9cda650 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qbit-manage-config-data-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qbit-manage-config-data-backup-source-remote + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qbit-manage-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qbit-manage-config-data-backup +spec: + sourcePVC: qbittorrent-qbit-manage-config-data + trigger: + schedule: 0 3 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qbit-manage-config-data-backup-secret-remote + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-external.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-external.yaml new file mode 100644 index 000000000..38960b889 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-external.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qui-config-data-backup-source-external + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup +spec: + sourcePVC: qbittorrent-qui-config-data + trigger: + schedule: 0 4 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qui-config-data-backup-secret-external + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml new file mode 100644 index 000000000..be6f6fbb6 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qui-config-data-backup-source-local + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup +spec: + sourcePVC: qbittorrent-qui-config-data + trigger: + schedule: 0 2 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qui-config-data-backup-secret-local + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-remote.yaml b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-remote.yaml new file mode 100644 index 000000000..bd94cd580 --- /dev/null +++ b/clusters/cl01tl/manifests/qbittorrent/ReplicationSource-qbittorrent-qui-config-data-backup-source-remote.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: qbittorrent-qui-config-data-backup-source-remote + namespace: qbittorrent + labels: + helm.sh/chart: volsync-target-qui-config-0.5.0 + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/part-of: qbittorrent + app.kubernetes.io/version: "0.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent-qui-config-data-backup +spec: + sourcePVC: qbittorrent-qui-config-data + trigger: + schedule: 0 3 * * * + restic: + pruneIntervalDays: 7 + repository: qbittorrent-qui-config-data-backup-secret-remote + retain: + daily: 3 + hourly: 1 + monthly: 2 + weekly: 2 + yearly: 4 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi -- 2.49.1