Restic backup cronjob implementation

LordMathis 2024-01-30 17:12:59 +01:00
parent 4d48b8355d
commit 76bb29e566
6 changed files with 87 additions and 21 deletions


@ -7,6 +7,17 @@ resources:
- gitea-ingress.yaml
- runner-pvc.yaml
- runner-deployment.yaml
- restic-sa.yaml
- restic-role.yaml
- restic-role-binding.yaml
- restic-backup-cronjob.yaml
configMapGenerator:
- name: restic-backup-script
behavior: merge
files:
- restic-backup.sh
generators:
- secret-generator.yaml
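Review bot: `behavior: merge` on the `restic-backup-script` generator only succeeds when a ConfigMap with that name already comes from a base or another resource in the build; if this entry is the only definition, which the page does not show either way, `kustomize build` should fail with a "cannot merge or replace" error. Dropping the line (the default is `behavior: create`) would be the fix in that case. The rest of the kustomization lies outside the hunk.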


@ -9,45 +9,51 @@ spec:
spec:
template:
spec:
serviceAccountName: restic-admin-sa
volumes:
- name: gitea-data
emptyDir: {}
- name: backup-vol
emptyDir: {}
persistentVolumeClaim:
claimName: gitea-shared-storage
- name: postgres-data
persistentVolumeClaim:
claimName: data-gitea-postgresql-0
- name: postgres-backup-vol
emptyDir: {}
- name: backup-script
configMap:
name: restic-backup-script
- name: repo-env
secret:
secretName: repo-env-secret
initContainers:
- name: postgres-dump-init
image: bitnami/postgresql:15.3.0-debian-11-r24
command: ["/bin/sh", "-c"]
args: ["pg_dump -U gitea gitea -Fc > /backup-vol/postgres_backup.dump"]
env:
- name: PGPASSWORD
value: "<password>"
args: ["pg_dump -U gitea gitea -Fc > /pg_backup/postgres_backup.dump"]
volumeMounts:
- name: backup-vol
mountPath: /backup-vol
mountPath: /pg_backup
- name: postgres-data
mountPath: /bitnami/postgresql/data
- name: gitea-dump-init
image: gitea-image:tag
command: ["/bin/sh", "-c"]
args: ["cp /path/to/backup.zip /backup-vol/backup.zip"]
volumeMounts:
- name: gitea-data
mountPath: /path/to/backup
- name: backup-vol
mountPath: /backup-vol
containers:
- name: restic-container
image: git.namesny.com/cluster/restic:0.16.2-r0
command: ["/bin/bash", "/path/to/backup.sh"]
image: git.namesny.com/cluster/restic:latest
imagePullPolicy: Always
command: ["/bin/bash", "/app/restic-backup.sh"]
volumeMounts:
- name: backup-vol
mountPath: /backup-vol
mountPath: /pg_backup
- name: gitea-data
mountPath: /gitea
- name: backup-script
mountPath: /app
subpath: restic-backup.sh
- name: repo-env
mountPath: /app
subpath: repo.env
restartPolicy: OnFailure
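Review bot: `serviceAccountName: restic-admin-sa` does not match the ServiceAccount this commit creates and binds (`restic-sa` in the ServiceAccount and RoleBinding sections), so the job would either fail to start or run under an account that does not carry `restic-role`; `serviceAccountName: restic-sa` looks intended. The restic image also appears to move from the pinned `0.16.2-r0` tag to `latest` with `imagePullPolicy: Always`, which means whatever is pushed to that tag next runs with the repository secret and the service-account token; keeping the version tag, or pinning a digest, avoids that. In the container's `volumeMounts` the field is spelled `subPath` (`subpath` is not a recognised key), and both mounts use `mountPath: /app`; with `subPath` each mount needs its own file path, e.g. `mountPath: /app/restic-backup.sh`. The CronJob's metadata and schedule lie outside the hunk.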


@ -0,0 +1,22 @@
#!/bin/sh
source .restic.env
# Set up colors
GREEN='\033[0;32m'
NC='\033[0m'
echo -e "\n${GREEN}`date` - Starting backup...${NC}\n"
# Gitea
echo -e "\n${GREEN}`date` - Backing up Gitea...${NC}\n"
gitea=$(kubectl get po -n gitea -l app=gitea -o name --no-headers=true)
kubectl scale --replicas=0 $gitea -n gitea
restic backup /gitea
restic backup /pg_backup/postgres_backup.dump
kubectl scale --replicas=1 $gitea -n gitea
# Forget and prune
echo -e "\n${GREEN}`date` - Running forget and prune...${NC}\n"
restic forget --prune --keep-daily 7 --keep-weekly 2
echo -e "\n${GREEN}`date` - Backup finished.${NC}\n"
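Review bot: Nothing in the script checks an exit status, so a failed `restic backup` still runs `restic forget --prune` and the job ends with the status of the final `echo`, i.e. it reports success with no new snapshot. Adding `set -eu` near the top, plus a `trap` that scales Gitea back up on exit, would make a failed run visible to the CronJob. The scale lines look unlikely to work as written: `kubectl get po ... -o name` yields `pod/<name>` entries and pods are not scalable, so Gitea would keep writing while `/gitea` is snapshotted; targeting the workload directly, `kubectl scale --replicas=0 deployment/<gitea-workload> -n gitea` (placeholder name), fixes that. `source .restic.env` is resolved against the working directory, while the CronJob mounts `repo.env` under `/app`, so `. /app/repo.env` would match the manifest.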


@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: restic-role-binding
namespace: gitea
subjects:
- kind: ServiceAccount
name: restic-sa
namespace: gitea
roleRef:
kind: Role
name: restic-role
apiGroup: rbac.authorization.k8s.io


@ -0,0 +1,9 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: restic-role
namespace: gitea
rules:
- apiGroups: [""]
resources: ["deployments", "pods"]
verbs: ["get", "list", "update", "patch"]
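Review bot: The rule lists `deployments` under `apiGroups: [""]`, but Deployments belong to the `apps` group and scaling goes through the `deployments/scale` subresource. As written, the Role therefore grants nothing on the workload the backup script tries to scale, while still granting `update` and `patch` on every pod in the namespace. Splitting it into an `apps` rule for the scale operation and a read-only core rule for pods limits the token to what the job needs; that token sits in a pod that also mounts the restic repository secret. Adding `resourceNames` for the single Gitea workload would narrow it further, and if Gitea runs as a StatefulSet the resource entries change accordingly.

```yaml
rules:
  # scale the Gitea workload down and back up
  - apiGroups: ["apps"]
    resources: ["deployments", "deployments/scale"]
    verbs: ["get", "update", "patch"]
  # read-only pod lookup; no write access to pods
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["get", "list"]
```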


@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: restic-sa
namespace: gitea