52 lines
1.5 KiB
YAML
52 lines
1.5 KiB
YAML
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: garage-db-backup-secret-remote
|
|
namespace: garage
|
|
spec:
|
|
data:
|
|
- remoteRef:
|
|
conversionStrategy: Default
|
|
decodingStrategy: None
|
|
key: /volsync/restic/garage-remote
|
|
metadataPolicy: None
|
|
property: BUCKET_ENDPOINT
|
|
secretKey: BUCKET_ENDPOINT
|
|
- remoteRef:
|
|
conversionStrategy: Default
|
|
decodingStrategy: None
|
|
key: /volsync/restic/garage-remote
|
|
metadataPolicy: None
|
|
property: RESTIC_PASSWORD
|
|
secretKey: RESTIC_PASSWORD
|
|
- remoteRef:
|
|
conversionStrategy: Default
|
|
decodingStrategy: None
|
|
key: /garage/home-infra/volsync-backups
|
|
metadataPolicy: None
|
|
property: ACCESS_REGION
|
|
secretKey: AWS_DEFAULT_REGION
|
|
- remoteRef:
|
|
conversionStrategy: Default
|
|
decodingStrategy: None
|
|
key: /garage/home-infra/volsync-backups
|
|
metadataPolicy: None
|
|
property: ACCESS_KEY_ID
|
|
secretKey: AWS_ACCESS_KEY_ID
|
|
- remoteRef:
|
|
conversionStrategy: Default
|
|
decodingStrategy: None
|
|
key: /garage/home-infra/volsync-backups
|
|
metadataPolicy: None
|
|
property: ACCESS_SECRET_KEY
|
|
secretKey: AWS_SECRET_ACCESS_KEY
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: vault
|
|
target:
|
|
template:
|
|
data:
|
|
RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/garage/garage-db"
|
|
engineVersion: v2
|
|
mergePolicy: Merge
|