feat: tdarr-inform

kubernetes/apps/database/crunchy-postgres-operator/cluster/pgdump.yaml

@@ -0,0 +1,105 @@
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: &app postgres-pg-dump
+  labels: &labels
+    app.kubernetes.io/name: pg-dump
+    app.kubernetes.io/instance: *app
+    postgresql: crunchy
+    postgres-operator.crunchydata.com/cluster: crunchy
+    kustomize.toolkit.fluxcd.io/force: "Enabled"
+spec:
+  schedule: "0 6 * * *"
+  concurrencyPolicy: "Forbid"
+  jobTemplate:
+    spec:
+      template:
+        metadata:
+          labels: *labels
+        spec:
+          automountServiceAccountToken: false
+          enableServiceLinks: false
+          restartPolicy: "OnFailure"
+          securityContext:
+            runAsUser: &uid 26 # Postgres UID for Crunchy
+            runAsGroup: *uid
+            fsGroup: *uid
+          volumes:
+            - name: &pvc "nas-backups"
+              persistentVolumeClaim:
+                claimName: "pg-${PG_APP_NAME}-${PG_DB_NAME}-dump-local"
+          containers:
+            - name: "postgres-backup"
+              image: "docker.io/prodrigestivill/postgres-backup-local:16@sha256:73f18e914cb6ffb29840b3fc5be0763f48eb1ca05f093c769ccd13982a634544"
+              imagePullPolicy: "IfNotPresent"
+              command: ["/backup.sh"]
+              volumeMounts:
+                - name: *pvc
+                  subPath: "${PG_APP_NAME}"
+                  mountPath: /backups
+                  readOnly: false
+              env:
+                # don't use pg_dumpall because this template assumes 1 cluster and 1 DB by default
+                - name: "POSTGRES_CLUSTER"
+                  value: !!str "${PG_DUMPALL:='FALSE'}"
+                - name: "POSTGRES_DB"
+                  value: "${PG_DB_NAME:=postgres}"
+                # DROP backed_up_databases IF EXISTS
+                - name: "POSTGRES_EXTRA_OPTS"
+                  value: "--clean --if-exists"
+                # use pgBouncer service by default to handle connection loadbalancing and failover
+                # use primary service using Flux envsubst in case replicas are not ready, pgBouncer won't work with dumpall
+                - name: "POSTGRES_HOST"
+                  value: "pg-${PG_APP_NAME}-${PG_DUMP_FROM:=pgbouncer}.${PG_APP_NS}.svc.cluster.local"
+                  #value: "pg-${PG_APP_NAME}-replicas.${PG_APP_NS}.svc.cluster.local"
+                  #valueFrom:
+                  #  secretKeyRef:
+                  #    name: &pguser "pg-${PG_APP_NAME}-pguser-${PG_DB_USER}"
+                  #    key: "host"
+                # use pguser app credentials
+                - name: "POSTGRES_USER"
+                  valueFrom:
+                    secretKeyRef:
+                      name: &pguser "pg-${PG_APP_NAME}-pguser-${PG_DB_USER}"
+                      key: "user"
+                - name: "POSTGRES_PASSWORD"
+                  valueFrom:
+                    secretKeyRef:
+                      name: *pguser
+                      key: "password"
+              resources:
+                limits:
+                  cpu: 1000m
+                  memory: ${PG_DUMP_LOCAL_MEM:=1Gi}
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: &name "pg-${PG_APP_NAME}-${PG_DB_NAME}-dump-local"
+  labels:
+    kustomize.toolkit.fluxcd.io/force: "Enabled"
+spec:
+  storageClassName: *name
+  capacity:
+    storage: 1Mi
+  accessModes: [ReadWriteMany]
+  persistentVolumeReclaimPolicy: Retain
+  nfs:
+    server: "${IP_TRUENAS}"
+    path: "${PATH_NAS_BACKUPS_K8S}/pg-dump"
+  mountOptions: ["nfsvers=4", "tcp", "hard", "noatime", "nodiratime", "nocto"]
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: &name "pg-${PG_APP_NAME}-${PG_DB_NAME}-dump-local"
+  namespace: "${PG_APP_NS}"
+  labels:
+    kustomize.toolkit.fluxcd.io/force: "Enabled"
+spec:
+  accessModes: [ReadWriteMany]
+  storageClassName: *name
+  resources:
+    requests:
+      storage: 1Mi