feat(garage): configure backup

This commit is contained in:
Peter 2024-05-08 15:00:41 +02:00
parent 97351b70f9
commit be09a12730
Signed by: prskr
GPG key ID: F56BED6903BC5E37
5 changed files with 83 additions and 0 deletions

View file

@ -0,0 +1,11 @@
forgejo
zipline
noco
csi
fider
k3s
hedgedoc
obsidian
linkwarden
backup
blog

View file

@ -0,0 +1,18 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: garage
images:
- name: rclone
newName: rclone/rclone
newTag: "1.66"
resources:
- resources/cronjob.yaml
- resources/secret.rclone.yaml
configMapGenerator:
- name: backup-config
files:
- config/buckets

View file

@ -0,0 +1,53 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: backup
spec:
schedule: "42 */6 * * *"
jobTemplate:
spec:
completions: 11
parallelism: 3
completionMode: Indexed
ttlSecondsAfterFinished: 300
backoffLimitPerIndex: 3
template:
spec:
containers:
- name: rclone
image: rclone
command: ["/bin/ash", "-c"]
args:
- |
for bucket in $(cat /config/backup/buckets | head -n $JOB_COMPLETION_INDEX | tail -n 1);
do
if [ -z "$bucket" ]; then exit 0; fi
echo "Syncing bucket $bucket";
rclone sync -P --update --no-update-modtime --no-update-dir-modtime --ignore-errors -v "garage:$bucket" "storagebox:garage/$bucket/";
done
volumeMounts:
- name: rclone-config
mountPath: /config/rclone
- name: backup-config
mountPath: /config/backup
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
restartPolicy: OnFailure
volumes:
- name: rclone-config
secret:
secretName: rclone-backup-config
defaultMode: 420
- name: backup-config
configMap:
name: backup-config
defaultMode: 420
securityContext:
allowPrivilegeEscalation: false
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: true

Binary file not shown.

View file

@ -24,6 +24,7 @@ resources:
- resources/services.yaml - resources/services.yaml
- resources/api_routes.yaml - resources/api_routes.yaml
- resources/web_routes.yaml - resources/web_routes.yaml
- backup/
configMapGenerator: configMapGenerator:
- name: garage-config - name: garage-config