feat(garage): configure backup
This commit is contained in:
parent
97351b70f9
commit
be09a12730
5 changed files with 83 additions and 0 deletions
11
garage/backup/config/buckets
Normal file
11
garage/backup/config/buckets
Normal file
|
@ -0,0 +1,11 @@
|
|||
forgejo
|
||||
zipline
|
||||
noco
|
||||
csi
|
||||
fider
|
||||
k3s
|
||||
hedgedoc
|
||||
obsidian
|
||||
linkwarden
|
||||
backup
|
||||
blog
|
18
garage/backup/kustomization.yaml
Normal file
18
garage/backup/kustomization.yaml
Normal file
|
@ -0,0 +1,18 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: garage
|
||||
|
||||
images:
|
||||
- name: rclone
|
||||
newName: rclone/rclone
|
||||
newTag: "1.66"
|
||||
|
||||
resources:
|
||||
- resources/cronjob.yaml
|
||||
- resources/secret.rclone.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: backup-config
|
||||
files:
|
||||
- config/buckets
|
53
garage/backup/resources/cronjob.yaml
Normal file
53
garage/backup/resources/cronjob.yaml
Normal file
|
@ -0,0 +1,53 @@
|
|||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: backup
|
||||
spec:
|
||||
schedule: "42 */6 * * *"
|
||||
jobTemplate:
|
||||
spec:
|
||||
completions: 11
|
||||
parallelism: 3
|
||||
completionMode: Indexed
|
||||
ttlSecondsAfterFinished: 300
|
||||
backoffLimitPerIndex: 3
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: rclone
|
||||
image: rclone
|
||||
command: ["/bin/ash", "-c"]
|
||||
args:
|
||||
- |
|
||||
for bucket in $(cat /config/backup/buckets | head -n $JOB_COMPLETION_INDEX | tail -n 1);
|
||||
do
|
||||
if [ -z "$bucket" ]; then exit 0; fi
|
||||
echo "Syncing bucket $bucket";
|
||||
rclone sync -P --update --no-update-modtime --no-update-dir-modtime --ignore-errors -v "garage:$bucket" "storagebox:garage/$bucket/";
|
||||
done
|
||||
volumeMounts:
|
||||
- name: rclone-config
|
||||
mountPath: /config/rclone
|
||||
- name: backup-config
|
||||
mountPath: /config/backup
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
restartPolicy: OnFailure
|
||||
volumes:
|
||||
- name: rclone-config
|
||||
secret:
|
||||
secretName: rclone-backup-config
|
||||
defaultMode: 420
|
||||
- name: backup-config
|
||||
configMap:
|
||||
name: backup-config
|
||||
defaultMode: 420
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
runAsNonRoot: true
|
BIN
garage/backup/resources/secret.rclone.yaml
Normal file
BIN
garage/backup/resources/secret.rclone.yaml
Normal file
Binary file not shown.
|
@ -24,6 +24,7 @@ resources:
|
|||
- resources/services.yaml
|
||||
- resources/api_routes.yaml
|
||||
- resources/web_routes.yaml
|
||||
- backup/
|
||||
|
||||
configMapGenerator:
|
||||
- name: garage-config
|
||||
|
|
Loading…
Reference in a new issue