feat(garage): configure backup
This commit is contained in:
parent
97351b70f9
commit
be09a12730
5 changed files with 83 additions and 0 deletions
11
garage/backup/config/buckets
Normal file
11
garage/backup/config/buckets
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
forgejo
|
||||||
|
zipline
|
||||||
|
noco
|
||||||
|
csi
|
||||||
|
fider
|
||||||
|
k3s
|
||||||
|
hedgedoc
|
||||||
|
obsidian
|
||||||
|
linkwarden
|
||||||
|
backup
|
||||||
|
blog
|
18
garage/backup/kustomization.yaml
Normal file
18
garage/backup/kustomization.yaml
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
namespace: garage
|
||||||
|
|
||||||
|
images:
|
||||||
|
- name: rclone
|
||||||
|
newName: rclone/rclone
|
||||||
|
newTag: "1.66"
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- resources/cronjob.yaml
|
||||||
|
- resources/secret.rclone.yaml
|
||||||
|
|
||||||
|
configMapGenerator:
|
||||||
|
- name: backup-config
|
||||||
|
files:
|
||||||
|
- config/buckets
|
53
garage/backup/resources/cronjob.yaml
Normal file
53
garage/backup/resources/cronjob.yaml
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: CronJob
|
||||||
|
metadata:
|
||||||
|
name: backup
|
||||||
|
spec:
|
||||||
|
schedule: "42 */6 * * *"
|
||||||
|
jobTemplate:
|
||||||
|
spec:
|
||||||
|
completions: 11
|
||||||
|
parallelism: 3
|
||||||
|
completionMode: Indexed
|
||||||
|
ttlSecondsAfterFinished: 300
|
||||||
|
backoffLimitPerIndex: 3
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: rclone
|
||||||
|
image: rclone
|
||||||
|
command: ["/bin/ash", "-c"]
|
||||||
|
args:
|
||||||
|
- |
|
||||||
|
for bucket in $(cat /config/backup/buckets | head -n $JOB_COMPLETION_INDEX | tail -n 1);
|
||||||
|
do
|
||||||
|
if [ -z "$bucket" ]; then exit 0; fi
|
||||||
|
echo "Syncing bucket $bucket";
|
||||||
|
rclone sync -P --update --no-update-modtime --no-update-dir-modtime --ignore-errors -v "garage:$bucket" "storagebox:garage/$bucket/";
|
||||||
|
done
|
||||||
|
volumeMounts:
|
||||||
|
- name: rclone-config
|
||||||
|
mountPath: /config/rclone
|
||||||
|
- name: backup-config
|
||||||
|
mountPath: /config/backup
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
volumes:
|
||||||
|
- name: rclone-config
|
||||||
|
secret:
|
||||||
|
secretName: rclone-backup-config
|
||||||
|
defaultMode: 420
|
||||||
|
- name: backup-config
|
||||||
|
configMap:
|
||||||
|
name: backup-config
|
||||||
|
defaultMode: 420
|
||||||
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
fsGroup: 1000
|
||||||
|
runAsNonRoot: true
|
BIN
garage/backup/resources/secret.rclone.yaml
Normal file
BIN
garage/backup/resources/secret.rclone.yaml
Normal file
Binary file not shown.
|
@ -24,6 +24,7 @@ resources:
|
||||||
- resources/services.yaml
|
- resources/services.yaml
|
||||||
- resources/api_routes.yaml
|
- resources/api_routes.yaml
|
||||||
- resources/web_routes.yaml
|
- resources/web_routes.yaml
|
||||||
|
- backup/
|
||||||
|
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: garage-config
|
- name: garage-config
|
||||||
|
|
Loading…
Reference in a new issue