diff --git a/apps/gitea/backups.tf b/apps/gitea/backups.tf index 5061092..b667608 100644 --- a/apps/gitea/backups.tf +++ b/apps/gitea/backups.tf @@ -17,7 +17,7 @@ resource "kubectl_manifest" "backup_schedule" { key: "${var.backups.key_id_key}" name: "${var.backups.secret_name}" bucket: "${var.instance}-${var.namespace}" - endpoint: "${var.backups.endpoint}/restic" + endpoint: "${var.backups.endpoint}/gitea" secretAccessKeySecretRef: key: "${var.backups.secret_key}" name: "${var.backups.secret-name}" diff --git a/share/dataset-pg/backups.tf b/share/dataset-pg/backups.tf new file mode 100644 index 0000000..09c596e --- /dev/null +++ b/share/dataset-pg/backups.tf @@ -0,0 +1,38 @@ +resource "kubectl_manifest" "backup_schedule" { + count = var.backups.enable ? 1 : 0 + yaml_body = <<-EOF + apiVersion: k8up.io/v1 + kind: Schedule + metadata: + name: "${var.instance}-backup" + namespace: "${var.namespace}" + labels: ${jsonencode(local.common-labels)} + spec: + backend: + repoPasswordSecretRef: + key: "${var.backups.restic_key}" + name: "${var.backups.secret_name}" + s3: + accessKeyIDSecretRef: + key: "${var.backups.key_id_key}" + name: "${var.backups.secret_name}" + bucket: "${var.instance}-${var.namespace}" + endpoint: "${var.backups.endpoint}/dataset" + secretAccessKeySecretRef: + key: "${var.backups.secret_key}" + name: "${var.backups.secret_name}" + backup: + schedule: "${var.backups.schedule.backup}" + failedJobsHistoryLimit: 2 + successfulJobsHistoryLimit: 2 + check: + schedule: "${var.backups.schedule.check}" + prune: + retention: + keepDaily: ${var.backups.retention.keepDaily} + keepMonthly: ${var.backups.retention.keepMonthly} + keepWeekly: ${var.backups.retention.keepWeekly} + keepYearly: ${var.backups.retention.keepYearly} + schedule: "${var.backups.schedule.prune}" + EOF +} diff --git a/share/dataset-pg/directus.tf b/share/dataset-pg/directus.tf index d4a6c37..eaf121e 100644 --- a/share/dataset-pg/directus.tf +++ b/share/dataset-pg/directus.tf @@ -34,7 +34,7 @@ resource "kubectl_manifest" "directus_config" { apiVersion: v1 kind: ConfigMap metadata: - name: "${var.component}-${var.instance}-directus" + name: "${var.instance}-${var.component}-directus" namespace: "${var.namespace}" labels: ${jsonencode(local.directus-labels)} data: @@ -64,7 +64,7 @@ resource "kubectl_manifest" "directus_secret" { apiVersion: "secretgenerator.mittwald.de/v1alpha1" kind: "StringSecret" metadata: - name: "${var.component}-${var.instance}-directus" + name: "${var.instance}-${var.component}-directus" namespace: "${var.namespace}" labels: ${jsonencode(local.directus-labels)} spec: @@ -85,7 +85,7 @@ resource "kubectl_manifest" "directus_pvc" { apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: "${var.component}-${var.instance}-directus" + name: "${var.instance}-${var.component}-directus" namespace: "${var.namespace}" labels: ${jsonencode(local.common-labels)} spec: @@ -105,7 +105,7 @@ resource "kubectl_manifest" "directus_deploy" { apiVersion: apps/v1 kind: Deployment metadata: - name: "${var.component}-${var.instance}-directus" + name: "${var.instance}-${var.component}-directus" namespace: "${var.namespace}" labels: ${jsonencode(local.directus-labels)} spec: @@ -151,9 +151,9 @@ resource "kubectl_manifest" "directus_deploy" { name: "${var.instance}-${var.component}-app" envFrom: - secretRef: - name: "${var.component}-${var.instance}-directus" + name: "${var.instance}-${var.component}-directus" - configMapRef: - name: "${var.component}-${var.instance}-directus" + name: "${var.instance}-${var.component}-directus" image: "${var.extentions.directus.image.registry}/${var.extentions.directus.image.repository}:${var.extentions.directus.image.tag}" imagePullPolicy: "${var.extentions.directus.image.pull_policy}" ports: @@ -191,7 +191,7 @@ resource "kubectl_manifest" "directus_deploy" { defaultMode: 0444 - name: store persistentVolumeClaim: - claimName: "${var.component}-${var.instance}-directus" + claimName: "${var.instance}-${var.component}-directus" EOF } diff --git a/share/dataset-pg/index.yaml b/share/dataset-pg/index.yaml index 264bac7..73df6a2 100644 --- a/share/dataset-pg/index.yaml +++ b/share/dataset-pg/index.yaml @@ -16,22 +16,40 @@ options: enable: false endpoint: '' key_id_key: s3-id + restic_key: bck-password retention: db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 schedule: + backup: 20 3 * * * + check: 20 5 * * 1 db: 0 3 * * * + prune: 20 1 * * 0 secret_key: s3-secret secret_name: backup-settings + use_barman: false examples: - enable: false endpoint: '' key_id_key: s3-id + restic_key: bck-password retention: db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 schedule: + backup: 20 3 * * * + check: 20 5 * * 1 db: 0 3 * * * + prune: 20 1 * * 0 secret_key: s3-secret secret_name: backup-settings + use_barman: false properties: enable: default: false @@ -42,21 +60,52 @@ options: key_id_key: default: s3-id type: string + restic_key: + default: bck-password + type: string retention: default: db: 30d + keepDaily: 14 + keepMonthly: 12 + keepWeekly: 6 + keepYearly: 12 properties: db: default: 30d type: string + keepDaily: + default: 14 + type: integer + keepMonthly: + default: 12 + type: integer + keepWeekly: + default: 6 + type: integer + keepYearly: + default: 12 + type: integer type: object schedule: default: + backup: 20 3 * * * + check: 20 5 * * 1 db: 0 3 * * * + prune: 20 1 * * 0 properties: + backup: + default: 20 3 * * * + type: string + check: + default: 20 5 * * 1 + type: string db: default: 0 3 * * * type: string + prune: + default: 20 1 * * 0 + type: string type: object secret_key: default: s3-secret @@ -64,6 +113,9 @@ options: secret_name: default: backup-settings type: string + use_barman: + default: false + type: boolean type: object databases: default: [] diff --git a/share/dataset-pg/postgrest.tf b/share/dataset-pg/postgrest.tf index 195c8a1..b885590 100644 --- a/share/dataset-pg/postgrest.tf +++ b/share/dataset-pg/postgrest.tf @@ -23,7 +23,7 @@ resource "kubectl_manifest" "postgrest_config" { apiVersion: v1 kind: ConfigMap metadata: - name: "${var.component}-${var.instance}-postgrest" + name: "${var.instance}-${var.component}-postgrest" namespace: "${var.namespace}" labels: ${jsonencode(local.prest-labels)} data: @@ -46,7 +46,7 @@ resource "kubectl_manifest" "postgrest_deploy" { apiVersion: apps/v1 kind: Deployment metadata: - name: "${var.component}-${var.instance}-postgrest" + name: "${var.instance}-${var.component}-postgrest" namespace: "${var.namespace}" labels: ${jsonencode(local.prest-labels)} spec: @@ -82,7 +82,7 @@ resource "kubectl_manifest" "postgrest_deploy" { name: "${var.instance}-${var.component}-app" envFrom: - configMapRef: - name: "${var.component}-${var.instance}-postgrest" + name: "${var.instance}-${var.component}-postgrest" image: "${var.extentions.postgrest.image.registry}/${var.extentions.postgrest.image.repository}:${var.extentions.postgrest.image.tag}" imagePullPolicy: "${var.extentions.postgrest.image.pull_policy}" ports: @@ -126,7 +126,7 @@ EOF protocol: TCP envFrom: - configMapRef: - name: "${var.component}-${var.instance}-postgrest" + name: "${var.instance}-${var.component}-postgrest" EOF ]:[""])) }