diff --git a/apps/gitea/kustomization.yaml b/apps/gitea/kustomization.yaml index 55f270e..0fc3abf 100755 --- a/apps/gitea/kustomization.yaml +++ b/apps/gitea/kustomization.yaml @@ -7,23 +7,10 @@ resources: - gitea-ingress.yaml - runner-pvc.yaml - runner-deployment.yaml -- restic-sa.yaml -- restic-role.yaml -- restic-role-binding.yaml -- restic-pvc.yaml -- restic-debug-pod.yaml -- restic-cronjob.yaml - - -configMapGenerator: -- name: restic-backup-script - namespace: gitea - files: - - ./restic-backup.sh +- ./restic generators: - secret-generator.yaml - # - configmap-generator.yaml helmCharts: - name: gitea diff --git a/apps/gitea/restic-backup.sh b/apps/gitea/restic/backup.sh similarity index 97% rename from apps/gitea/restic-backup.sh rename to apps/gitea/restic/backup.sh index 3ab960a..e6e5bc0 100644 --- a/apps/gitea/restic-backup.sh +++ b/apps/gitea/restic/backup.sh @@ -6,6 +6,8 @@ NC='\033[0m' echo -e "\n${GREEN}`date` - Starting backup...${NC}\n" +restic unlock + # Gitea echo -e "\n${GREEN}`date` - Backing up Gitea...${NC}\n" gitea=$(kubectl get deploy -n gitea -l app=gitea -o name --no-headers=true) diff --git a/apps/gitea/restic-cronjob.yaml b/apps/gitea/restic/cronjob.yaml similarity index 96% rename from apps/gitea/restic-cronjob.yaml rename to apps/gitea/restic/cronjob.yaml index fb7b927..5c76403 100644 --- a/apps/gitea/restic-cronjob.yaml +++ b/apps/gitea/restic/cronjob.yaml @@ -42,7 +42,7 @@ spec: - name: restic-container image: git.namesny.com/cluster/restic:latest imagePullPolicy: Always - command: ["/bin/sh", "/app/restic-backup.sh"] + command: ["/bin/sh", "/app/backup.sh"] envFrom: - secretRef: name: restic-secret diff --git a/apps/gitea/restic-debug-pod.yaml b/apps/gitea/restic/debug-pod.yaml similarity index 100% rename from apps/gitea/restic-debug-pod.yaml rename to apps/gitea/restic/debug-pod.yaml diff --git a/apps/gitea/restic/kustomization.yaml b/apps/gitea/restic/kustomization.yaml new file mode 100755 index 0000000..2a8b5b5 --- /dev/null +++ b/apps/gitea/restic/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: gitea + +resources: +- service-account.yaml +- role.yaml +- role-binding.yaml +- pvc.yaml +- debug-pod.yaml +- cronjob.yaml + +generators: +- secret-generator.yaml + +configMapGenerator: +- name: restic-backup-script + namespace: gitea + files: + - ./backup.sh + diff --git a/apps/gitea/restic-pvc.yaml b/apps/gitea/restic/pvc.yaml similarity index 100% rename from apps/gitea/restic-pvc.yaml rename to apps/gitea/restic/pvc.yaml diff --git a/apps/gitea/restic-role-binding.yaml b/apps/gitea/restic/role-binding.yaml similarity index 100% rename from apps/gitea/restic-role-binding.yaml rename to apps/gitea/restic/role-binding.yaml diff --git a/apps/gitea/restic-role.yaml b/apps/gitea/restic/role.yaml similarity index 100% rename from apps/gitea/restic-role.yaml rename to apps/gitea/restic/role.yaml diff --git a/apps/gitea/restic/secret-generator.yaml b/apps/gitea/restic/secret-generator.yaml new file mode 100644 index 0000000..636967b --- /dev/null +++ b/apps/gitea/restic/secret-generator.yaml @@ -0,0 +1,11 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: restic-secret-generator + annotations: + config.kubernetes.io/function: | + exec: + path: ksops +files: +- ./secret.enc.yaml + diff --git a/apps/gitea/restic-secret.enc.yaml b/apps/gitea/restic/secret.enc.yaml similarity index 100% rename from apps/gitea/restic-secret.enc.yaml rename to apps/gitea/restic/secret.enc.yaml diff --git a/apps/gitea/restic-sa.yaml b/apps/gitea/restic/service-account.yaml similarity index 100% rename from apps/gitea/restic-sa.yaml rename to apps/gitea/restic/service-account.yaml diff --git a/apps/gitea/secret-generator.yaml b/apps/gitea/secret-generator.yaml index 96462e1..124ed06 100644 --- a/apps/gitea/secret-generator.yaml +++ b/apps/gitea/secret-generator.yaml @@ -10,5 +10,4 @@ files: - ./gitea-admin-secret.enc.yaml - ./renovate-bot-secret.enc.yaml - ./runner-secret.enc.yaml -- ./restic-secret.enc.yaml