From 1003373db8edbf890e053542a6982147375d0e4a Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Fri, 2 Jan 2026 05:42:35 +0000 Subject: [PATCH] chore: Update manifests after change --- ...ecret-actual-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ource-actual-data-backup-source-local.yaml | 29 ++++++++++ ...obookshelf-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ookshelf-metadata-backup-secret-local.yaml | 58 +++++++++++++++++++ ...obookshelf-config-backup-source-local.yaml | 29 ++++++++++ ...ookshelf-metadata-backup-source-local.yaml | 29 ++++++++++ ...t-backrest-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ret-backrest-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-backrest-config-backup-source-local.yaml | 29 ++++++++++ ...rce-backrest-data-backup-source-local.yaml | 29 ++++++++++ ...ret-bazarr-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...rce-bazarr-config-backup-source-local.yaml | 34 +++++++++++ ...t-booklore-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...e-booklore-config-backup-source-local.yaml | 29 ++++++++++ ...ode-server-config-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ode-server-config-backup-source-local.yaml | 34 +++++++++++ ...alSecret-ephemera-backup-secret-local.yaml | 58 +++++++++++++++++++ ...onSource-ephemera-backup-source-local.yaml | 29 ++++++++++ ...ret-freshrss-data-backup-secret-local.yaml | 58 +++++++++++++++++++ ...rce-freshrss-data-backup-source-local.yaml | 39 +++++++++++++ ...ernalSecret-gatus-backup-secret-local.yaml | 58 +++++++++++++++++++ ...ationSource-gatus-backup-source-local.yaml | 29 ++++++++++ 22 files changed, 977 insertions(+) create mode 100644 clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml create mode 100644 clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml create mode 100644 clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml diff --git a/clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml new file mode 100644 index 000000000..d3c1a872e --- /dev/null +++ b/clusters/cl01tl/manifests/actual/ExternalSecret-actual-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: actual-data-backup-secret-local + namespace: actual + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: actual + app.kubernetes.io/part-of: actual + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: actual-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/actual/actual-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml b/clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml new file mode 100644 index 000000000..ef0ccb681 --- /dev/null +++ b/clusters/cl01tl/manifests/actual/ReplicationSource-actual-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: actual-data-backup-source-local + namespace: actual + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: actual + app.kubernetes.io/part-of: actual + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: actual-data-backup +spec: + sourcePVC: actual-data + trigger: + schedule: 0 8 * * * + restic: + pruneIntervalDays: 7 + repository: actual-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml new file mode 100644 index 000000000..062476eab --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: audiobookshelf-config-backup-secret-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/audiobookshelf/audiobookshelf-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml new file mode 100644 index 000000000..05f06b014 --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ExternalSecret-audiobookshelf-metadata-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: audiobookshelf-metadata-backup-secret-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-metadata-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-metadata-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/audiobookshelf/audiobookshelf-metadata" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml new file mode 100644 index 000000000..dd561e6c2 --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: audiobookshelf-config-backup-source-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-config-backup +spec: + sourcePVC: audiobookshelf-config + trigger: + schedule: 2 8 * * * + restic: + pruneIntervalDays: 7 + repository: audiobookshelf-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml new file mode 100644 index 000000000..38274073b --- /dev/null +++ b/clusters/cl01tl/manifests/audiobookshelf/ReplicationSource-audiobookshelf-metadata-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: audiobookshelf-metadata-backup-source-local + namespace: audiobookshelf + labels: + helm.sh/chart: volsync-target-metadata-0.7.0 + app.kubernetes.io/instance: audiobookshelf + app.kubernetes.io/part-of: audiobookshelf + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: audiobookshelf-metadata-backup +spec: + sourcePVC: audiobookshelf-metadata + trigger: + schedule: 4 8 * * * + restic: + pruneIntervalDays: 7 + repository: audiobookshelf-metadata-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml new file mode 100644 index 000000000..23afedb62 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: backrest-config-backup-secret-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/backrest/backrest-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml new file mode 100644 index 000000000..4680836a5 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ExternalSecret-backrest-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: backrest-data-backup-secret-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/backrest/backrest-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml new file mode 100644 index 000000000..5ec7906c5 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: backrest-config-backup-source-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-config-backup +spec: + sourcePVC: backrest-config + trigger: + schedule: 8 8 * * * + restic: + pruneIntervalDays: 7 + repository: backrest-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml new file mode 100644 index 000000000..cb645b087 --- /dev/null +++ b/clusters/cl01tl/manifests/backrest/ReplicationSource-backrest-data-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: backrest-data-backup-source-local + namespace: backrest + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: backrest + app.kubernetes.io/part-of: backrest + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest-data-backup +spec: + sourcePVC: backrest-data + trigger: + schedule: 6 8 * * * + restic: + pruneIntervalDays: 7 + repository: backrest-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml new file mode 100644 index 000000000..12cfbede7 --- /dev/null +++ b/clusters/cl01tl/manifests/bazarr/ExternalSecret-bazarr-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: bazarr-config-backup-secret-local + namespace: bazarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: bazarr + app.kubernetes.io/part-of: bazarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bazarr-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/bazarr/bazarr-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml b/clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml new file mode 100644 index 000000000..20d97d88f --- /dev/null +++ b/clusters/cl01tl/manifests/bazarr/ReplicationSource-bazarr-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: bazarr-config-backup-source-local + namespace: bazarr + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: bazarr + app.kubernetes.io/part-of: bazarr + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bazarr-config-backup +spec: + sourcePVC: bazarr-config + trigger: + schedule: 10 8 * * * + restic: + pruneIntervalDays: 7 + repository: bazarr-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml new file mode 100644 index 000000000..b35e2e683 --- /dev/null +++ b/clusters/cl01tl/manifests/booklore/ExternalSecret-booklore-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: booklore-config-backup-secret-local + namespace: booklore + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: booklore + app.kubernetes.io/part-of: booklore + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: booklore-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/booklore/booklore-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml b/clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml new file mode 100644 index 000000000..5d97428b3 --- /dev/null +++ b/clusters/cl01tl/manifests/booklore/ReplicationSource-booklore-config-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: booklore-config-backup-source-local + namespace: booklore + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: booklore + app.kubernetes.io/part-of: booklore + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: booklore-config-backup +spec: + sourcePVC: booklore-config + trigger: + schedule: 12 8 * * * + restic: + pruneIntervalDays: 7 + repository: booklore-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml new file mode 100644 index 000000000..c1a6db0ae --- /dev/null +++ b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: code-server-config-backup-secret-local + namespace: code-server + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: code-server + app.kubernetes.io/part-of: code-server + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: code-server-config-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/code-server/code-server-config" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml new file mode 100644 index 000000000..6dcde832a --- /dev/null +++ b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml @@ -0,0 +1,34 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: code-server-config-backup-source-local + namespace: code-server + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: code-server + app.kubernetes.io/part-of: code-server + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: code-server-config-backup +spec: + sourcePVC: code-server-config + trigger: + schedule: 16 8 * * * + restic: + pruneIntervalDays: 7 + repository: code-server-config-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsUser: 1000 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml b/clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml new file mode 100644 index 000000000..4dcdbbec9 --- /dev/null +++ b/clusters/cl01tl/manifests/ephemera/ExternalSecret-ephemera-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: ephemera-backup-secret-local + namespace: ephemera + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: ephemera + app.kubernetes.io/part-of: ephemera + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ephemera-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/ephemera/ephemera" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml b/clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml new file mode 100644 index 000000000..74dae1af5 --- /dev/null +++ b/clusters/cl01tl/manifests/ephemera/ReplicationSource-ephemera-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: ephemera-backup-source-local + namespace: ephemera + labels: + helm.sh/chart: volsync-target-config-0.7.0 + app.kubernetes.io/instance: ephemera + app.kubernetes.io/part-of: ephemera + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ephemera-backup +spec: + sourcePVC: ephemera + trigger: + schedule: 16 8 * * * + restic: + pruneIntervalDays: 7 + repository: ephemera-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml new file mode 100644 index 000000000..ffb082de4 --- /dev/null +++ b/clusters/cl01tl/manifests/freshrss/ExternalSecret-freshrss-data-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: freshrss-data-backup-secret-local + namespace: freshrss + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: freshrss + app.kubernetes.io/part-of: freshrss + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: freshrss-data-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/freshrss/freshrss-data" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml b/clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml new file mode 100644 index 000000000..c66c60a26 --- /dev/null +++ b/clusters/cl01tl/manifests/freshrss/ReplicationSource-freshrss-data-backup-source-local.yaml @@ -0,0 +1,39 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: freshrss-data-backup-source-local + namespace: freshrss + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: freshrss + app.kubernetes.io/part-of: freshrss + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: freshrss-data-backup +spec: + sourcePVC: freshrss-data + trigger: + schedule: 18 8 * * * + restic: + pruneIntervalDays: 7 + repository: freshrss-data-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + moverSecurityContext: + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 568 + runAsUser: 568 + supplementalGroups: + - 44 + - 100 + - 109 + - 65539 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml new file mode 100644 index 000000000..10c5dad89 --- /dev/null +++ b/clusters/cl01tl/manifests/gatus/ExternalSecret-gatus-backup-secret-local.yaml @@ -0,0 +1,58 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: gatus-backup-secret-local + namespace: gatus + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: gatus + app.kubernetes.io/part-of: gatus + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gatus-backup-secret-local +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + target: + template: + mergePolicy: Merge + engineVersion: v2 + data: + RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/gatus/gatus" + data: + - secretKey: BUCKET_ENDPOINT + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: BUCKET_ENDPOINT + - secretKey: RESTIC_PASSWORD + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /volsync/restic/garage-local + metadataPolicy: None + property: RESTIC_PASSWORD + - secretKey: AWS_DEFAULT_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/volsync-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml b/clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml new file mode 100644 index 000000000..297f58f6a --- /dev/null +++ b/clusters/cl01tl/manifests/gatus/ReplicationSource-gatus-backup-source-local.yaml @@ -0,0 +1,29 @@ +apiVersion: volsync.backube/v1alpha1 +kind: ReplicationSource +metadata: + name: gatus-backup-source-local + namespace: gatus + labels: + helm.sh/chart: volsync-target-data-0.7.0 + app.kubernetes.io/instance: gatus + app.kubernetes.io/part-of: gatus + app.kubernetes.io/version: "0.7.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gatus-backup +spec: + sourcePVC: gatus + trigger: + schedule: 22 8 * * * + restic: + pruneIntervalDays: 7 + repository: gatus-backup-secret-local + retain: + daily: 7 + hourly: 0 + monthly: 3 + weekly: 4 + yearly: 1 + copyMethod: Snapshot + storageClassName: ceph-block + volumeSnapshotClassName: ceph-blockpool-snapshot + cacheCapacity: 1Gi -- 2.49.1