vynil/domain-incoming
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2024-04-10 16:36:48 +02:00
parent fa2803d230
commit fb28ca9683
2 changed files with 85 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
share/authentik/backups.tf Normal file
View File

@@ -0,0 +1,38 @@
resource "kubectl_manifest" "backup_schedule" {
count = var.backups.enable ? 1 : 0
yaml_body = <<-EOF
apiVersion: k8up.io/v1
kind: Schedule
metadata:
name: "${var.instance}-backup"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
backend:
repoPasswordSecretRef:
key: "${var.backups.restic_key}"
name: "${var.backups.secret_name}"
s3:
accessKeyIDSecretRef:
key: "${var.backups.key_id_key}"
name: "${var.backups.secret_name}"
bucket: "${var.instance}-${var.namespace}"
endpoint: "${var.backups.endpoint}/authentik"
secretAccessKeySecretRef:
key: "${var.backups.secret_key}"
name: "${var.backups.secret_name}"
backup:
schedule: "${var.backups.schedule.backup}"
failedJobsHistoryLimit: 2
successfulJobsHistoryLimit: 2
check:
schedule: "${var.backups.schedule.check}"
prune:
retention:
keepDaily: ${var.backups.retention.keepDaily}
keepMonthly: ${var.backups.retention.keepMonthly}
keepWeekly: ${var.backups.retention.keepWeekly}
keepYearly: ${var.backups.retention.keepYearly}
schedule: "${var.backups.schedule.prune}"
EOF
}

47
share/authentik/index.yaml
View File

@@ -21,10 +21,18 @@ options:
enable: false enable: false
endpoint: '' endpoint: ''
key_id_key: s3-id key_id_key: s3-id
restic_key: bck-password
retention: retention:
db: 30d db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule: schedule:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * * db: 0 3 * * *
prune: 20 1 * * 0
secret_key: s3-secret secret_key: s3-secret
secret_name: backup-settings secret_name: backup-settings
use_barman: false use_barman: false
@@ -32,10 +40,18 @@ options:
- enable: false - enable: false
endpoint: '' endpoint: ''
key_id_key: s3-id key_id_key: s3-id
restic_key: bck-password
retention: retention:
db: 30d db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule: schedule:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * * db: 0 3 * * *
prune: 20 1 * * 0
secret_key: s3-secret secret_key: s3-secret
secret_name: backup-settings secret_name: backup-settings
use_barman: false use_barman: false
@@ -49,21 +65,52 @@ options:
key_id_key: key_id_key:
default: s3-id default: s3-id
type: string type: string
restic_key:
default: bck-password
type: string
retention: retention:
default: default:
db: 30d db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
properties: properties:
db: db:
default: 30d default: 30d
type: string type: string
keepDaily:
default: 14
type: integer
keepMonthly:
default: 12
type: integer
keepWeekly:
default: 6
type: integer
keepYearly:
default: 12
type: integer
type: object type: object
schedule: schedule:
default: default:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * * db: 0 3 * * *
prune: 20 1 * * 0
properties: properties:
backup:
default: 20 3 * * *
type: string
check:
default: 20 5 * * 1
type: string
db: db:
default: 0 3 * * * default: 0 3 * * *
type: string type: string
prune:
default: 20 1 * * 0
type: string
type: object type: object
secret_key: secret_key:
default: s3-secret default: s3-secret