From 732ef74f655462984407476ca959e093058c7a6d Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Sun, 20 Nov 2022 22:50:55 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20borgserver?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kubernetes/base/config/cluster-settings.yaml | 1 + .../apps/storage/borgserver/helm-release.yaml | 84 ++++++++++++++ .../{kopia => borgserver}/kustomization.yaml | 5 +- .../borgserver/secret-clients.sops.yaml | 30 +++++ .../storage/borgserver/secret-host.sops.yaml | 31 +++++ .../config/repository.config | 0 .../helm-release.yaml | 0 .../kustomization.yaml | 0 .../kopia/kopia-kube/config/repository.config | 20 ---- .../kopia/kopia-kube/helm-release.yaml | 109 ------------------ .../kopia/kopia-kube/kustomization.yaml | 12 -- .../config/repository.config | 20 ---- .../kopia-workstations/helm-release.yaml | 109 ------------------ .../kopia-workstations/kustomization.yaml | 12 -- .../cluster-0/apps/storage/kustomization.yaml | 3 +- 15 files changed, 151 insertions(+), 285 deletions(-) create mode 100644 kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml rename kubernetes/cluster-0/apps/storage/{kopia => borgserver}/kustomization.yaml (50%) create mode 100644 kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml create mode 100644 kubernetes/cluster-0/apps/storage/borgserver/secret-host.sops.yaml rename kubernetes/cluster-0/apps/storage/{kopia-kube => kopia-web}/config/repository.config (100%) rename kubernetes/cluster-0/apps/storage/{kopia-kube => kopia-web}/helm-release.yaml (100%) rename kubernetes/cluster-0/apps/storage/{kopia-kube => kopia-web}/kustomization.yaml (100%) delete mode 100644 kubernetes/cluster-0/apps/storage/kopia/kopia-kube/config/repository.config delete mode 100644 kubernetes/cluster-0/apps/storage/kopia/kopia-kube/helm-release.yaml delete mode 100644 kubernetes/cluster-0/apps/storage/kopia/kopia-kube/kustomization.yaml delete mode 100644 kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/config/repository.config delete mode 100644 kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/helm-release.yaml delete mode 100644 kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/kustomization.yaml diff --git a/kubernetes/base/config/cluster-settings.yaml b/kubernetes/base/config/cluster-settings.yaml index 5026bb6f8..73a6b8862 100644 --- a/kubernetes/base/config/cluster-settings.yaml +++ b/kubernetes/base/config/cluster-settings.yaml @@ -19,6 +19,7 @@ data: CLUSTER_LB_EMQX: 192.168.169.109 CLUSTER_LB_JELLYFIN: 192.168.169.110 CLUSTER_LB_RESILIOSYNC_HELENE: 192.168.169.111 + CLUSTER_LB_BORGSERVER: 192.168.169.112 LOCAL_LAN: 192.168.8.0/22 LOCAL_LAN_OPNSENSE: 192.168.8.1 LOCAL_LAN_TRUENAS: 192.168.9.10 diff --git a/kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml b/kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml new file mode 100644 index 000000000..2014ffab8 --- /dev/null +++ b/kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml @@ -0,0 +1,84 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: &app borgserver + namespace: default +spec: + interval: 15m + chart: + spec: + chart: app-template + version: 1.0.1 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + createNamespace: true + remediation: + retries: 5 + upgrade: + remediation: + retries: 5 + values: + image: + repository: ghcr.io/auricom/borgserver + tag: 1.2.2@sha256:98b2c7251ecddf41a56211bc878be256d49d77774cef9f9f8213af2cae023c7f + env: + TZ: "${TIMEZONE}" + service: + main: + enabled: false + ssh: + enabled: true + type: LoadBalancer + loadBalancerIP: "${CLUSTER_LB_BORGSERVER}" + ports: + bittorrent: + enabled: true + port: 22 + protocol: TCP + targetPort: 22222 + externalTrafficPolicy: Local + probes: + liveness: &probe + enabled: true + custom: true + spec: + tcpSocket: + path: /health + port: 22222 + initialDelaySeconds: 10 + periodSeconds: 60 + timeoutSeconds: 2 + failureThreshold: 3 + readiness: *probe + startup: *probe + persistence: + keys-clients: + enabled: true + type: secret + name: borgserver-clients + mountPath: /config/clients + readOnly: true + keys-host: + enabled: true + type: secret + name: borgserver-host + mountPath: /config/host + readOnly: true + borgrepo: + enabled: true + type: nfs + server: "${LOCAL_LAN_TRUENAS}" + path: /mnt/storage/backups/borgserver + mountPath: /app + podAnnotations: + configmap.reloader.stakater.com/reload: *app + resources: + requests: + cpu: 50m + memory: 200Mi + limits: + memory: 2Gi diff --git a/kubernetes/cluster-0/apps/storage/kopia/kustomization.yaml b/kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml similarity index 50% rename from kubernetes/cluster-0/apps/storage/kopia/kustomization.yaml rename to kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml index 1d07e04ef..ad358bd1e 100644 --- a/kubernetes/cluster-0/apps/storage/kopia/kustomization.yaml +++ b/kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml @@ -2,5 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - kopia-kube - - kopia-workstations + - helm-release.yaml + - secret-clients.sops.yaml + - secret-host.sops.yaml diff --git a/kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml b/kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml new file mode 100644 index 000000000..38b916930 --- /dev/null +++ b/kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml @@ -0,0 +1,30 @@ +kind: Secret +apiVersion: v1 +type: Opaque +metadata: + name: borgserver-clients + namespace: default +stringData: + claude-fixe-fedora: ENC[AES256_GCM,data:o3xhEfxuZvFQhMglcUx+4lLDu0PpKQ+glpdmPavBKOL4BnoeiZHpdKc1Ef9TVXoydwy+8bcGLoSKVcGClus68sD3GbTlEFnZKPmkaQ8Gc3QJ8Fb0a1S7ROBHSwq7XKIDCy6PQv9+rqPUMK0=,iv:GcAM6uIkJuYNZaDGwhTzWqTnFOl74/ztF7fyKfzr+Fc=,tag:cA54SNGb1FRUmpoAQPsJdg==,type:str] + claude-thinkpad-fedora: ENC[AES256_GCM,data:15O6nkrLPiugZm10I4Wd2A3sEEJNU3kHVK5QjGDoc7ibOdcALv2phPpChPMFqt85hRXhLZ1bknZfVlYT83XyyvA6d84nUaZAEsPqTlyvF4ux10qlm1XD/5PXE4+M/9G9NzTKzskxk677YIem20ny,iv:kh8uuwWGdA99iVW+BfufPStkITWNEfC4Ym/w0M6IGRc=,tag:fgt/WuKgcos7r6ZyyypTkQ==,type:str] + work-ledger: ENC[AES256_GCM,data:gvIO7BGIiqPBjgjRxyFQd6tMgYY7vAbVNPjb7uB262pcWRFOwU5Twt81Nk4/Ehe8M75i2NC569MQoxJU8cmBFbhkyQ2y/uSExeGf/q3dgpasbZGBeKrgjJKliEyHiiUoX/E=,iv:9sD4YcQVMlA9+LHxkD0pokqVpfQKu/Xtmd7UF5Z7d1w=,tag:v5rZZwDqRz7D9qw1vsV4Sw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSd2h2N2RELzkvODM0WE1p + c1M3bEQxdDZkZ3Zlcm9uKzFWYklLWWpUYXhvCkN1bXU3YmNrY255RmkwSXFDWmt1 + dHExaGZRODhKdm1NR2xYV29CeE5vbk0KLS0tIHpBUGVaNUhKaE5UOU1hM3c0akxX + ZWRhWnBrY1FBNVQyOU0yVGFXb0QrVnMK26Nc5Bw/jOzuxXcufHcxnugG1bzqO9T8 + LNIau17zdWX5bfWGDj++ipnm8x1sPswEULal4U2Muc2Iy7GuZPhVyg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-11-20T18:09:33Z" + mac: ENC[AES256_GCM,data:sV/hzCjbPOzIb7tz++UFRYC6sSXFIGAYVrSUMSQEj662E/vSYIct/6YsL2736cJlNm1OuCSaqPAYWN+wDc8nJeoj/sV6jbmtG2S6v9y12XpCStGFtdC551Jf73PKAO3T0xQrqDggX5TVO0aveI9iFfusOxNDosXU+YgiMylU3vw=,iv:ygU2bXZvAPesWe7O+1FboU9DL5JeN6G/eFDT4YHW0ng=,tag:3B0MohH+EW2MUFChFj8ssg==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.7.3 diff --git a/kubernetes/cluster-0/apps/storage/borgserver/secret-host.sops.yaml b/kubernetes/cluster-0/apps/storage/borgserver/secret-host.sops.yaml new file mode 100644 index 000000000..7e2c58af4 --- /dev/null +++ b/kubernetes/cluster-0/apps/storage/borgserver/secret-host.sops.yaml @@ -0,0 +1,31 @@ +kind: Secret +apiVersion: v1 +type: Opaque +metadata: + name: borgserver-host + namespace: default +stringData: + ssh_host_ed25519_key: ENC[AES256_GCM,data:FeWPg7LWcnrFm7DXdizGgxSwN4UVwl39XdQCQv8JeizTqmr9OJQLQzfLW5ExE7UD/bdHs6CvNKDOVBpcicc/Drmio6272WIQk5XcoyfyWaZQfmjKLj7Qfh3UCWi0b59uFXwfvoAEzeBbG+L530bTDyPqiIQxO9m/QVFTsBfZCg0QDJNUbQV/5a4jK5nJXIYrfE+VezbknzZtTvHVCr65ftN+ZWEjHBtClRdmnNjTaDUnCKqu+n8UKw756V5+a5+4MGUiWmwib4fYZnYFquajndvHk+73bd4mo8mO+s7zyl9txcXUJX39qGiSUmY2ABznbpP+nDMwvgHggGV/jsXAzSmhA17SVidWImyPz+vNy8oNIkkM/IviCIYiDmDFyqRGBUxjL/cc3UwtmO40QuJl3TCR8ztLkO7paYmNvwCbfHInygSlR8etao8qKzhh3EE0dTageuKKp8anCrwDeceSQ6kZsNk4zhQTXxhamNni77BcxwFNGJOGdDhXsz9/hxfAgaAPO4PwHo9jxDopX6DEV+VEQZ4vePJVMzyLaBXvgdZQSZqMWndPbbHRsbIC8YIV,iv:A1aZEhL6xK5rnbjoUNByufnpoJRO559KPwF4PlZGRsc=,tag:rtEQIRldBanayzitxHgRiA==,type:str] + ssh_host_ed25519_key.pub: ENC[AES256_GCM,data:C5+/1cNsWoshxXCkJJBofn47qBbz0TaQlHRCUt3zJbfb2T6kne3vVOYA6sEs0Kcr5Ecj6QAINwJlnmWsPsET36m6lHhcFKJeUaAQWVybOxP0eg+NBuuYoZILzdqv6xXGRCiAED+ZhEWsTgcsIjLS4Hsq,iv:yHGTQLc0Wwmc2xtOIHl8kbgInRKFwxk4wlx0UO+Jz6c=,tag:1rmWNdUgNcXGOYElMhx5xQ==,type:str] + ssh_host_rsa_key: ENC[AES256_GCM,data:a99N0mPtEbZK5Nawlj+MycuObFxz5Tn0tspdfBWC18FbUUQNqS6+DYGHJ68KU9o1eT9sVpdMO4jDhoxZNP8JqSuwv0GL6j3OhXM6xdLCO795HeaH/eeJpIjNooEhIImhRnbrz4Z/cKhNmyuHVOj7Nbo6pBJOtQTiPs3YHRRytMMfUe1UByXzA9YZPWYht7OkMOQWXXqhsuXF3JezQnzhRo8SfO2LlSX4H/5Kb444h12VCc4NIHr+ds3R3Z99wTkYcY3WKXAd6P57wAX7G/eSv9iSRKanG7NoyUoimXvTZYKcz3Il6UIZGaCS6ntwJBeBqdZjgf/3gXxyim8I90wmtDpDbqxpOF2K3EmY7DXSHud5SA7d7xvrzDnAiEPaW8GcFnlPtsTbn7DnCQ0uomf3aM8TS/NooRj2M5oufdZ2rq692h+w7q6LFB+rCdNrcttv4IDLmGd7jV7biWHvxyXgYC1DXskJArYnKzZfzNV3Yzdyg4GzKPstV8BhjtKgYTMU9OVVqK84AptGNdYfcBCB1GaNYG5vl/LP3eEjBSLubdC3JUucV5n9p9fBDf41QaCg+DrWs2xFybEM/JoBJt9DQOX4FznXJr7Qc/+FbeKZbZuqNDLReI0oTpp610DSta/Y1rlw0c6NLADA2WZzsodatUgzYfpstZ5cLl4B/i61M+928Wx4P+PrHI7IXRW4j3usNRIS7a6BF1VBdOSQn5H5lLdpDpy8IhhfAvEj1E4eSvG8s3Qp76oS7uSotyecBkCIxiu4HhGN8QGOj/2tjq6sxh05iX4YHg7C4vtmITIP6I3h8ewOP42lo6NxZp+NJKC+lryNcCqMrQuIUK5AKXqO5K1OYa6pWIUXgIssHyt+OpjaJ6VvN1VkXRioGIigg597+0AABDajLefLpFgDIMGLOWw6Mz1LaU4jg2mgfiqdSatrD9whi6TGyMFCwR4oWPZNMjw8udr3LWXj6GgnfNu6VVuLEj6e1qnEdZpywrTEM9pDGLeexvbFv0Ipexyd5OgTbMisvYCUO6nXs7FwxTIsrnjmai16whLBWa+TrChxQDOL5XJZjHZRcT+8DOl4AX9FyffIy7tdS8D2IFhk7ffernFGf/2TUGLREyw1bkAGVZjBRRJ/9y///sRal1dDp52k4OH3QZlHmjjTMExGAjn55K/fDhqdlNRdAVwFylBa83E9ci+RUW1DEJQ8t+WimS55CevwMPRjcABHm3TFgxM4gS2vySwG/+3plACqoTp7IwniTNs9hjMbU24X8FqdTxLLn5VvHjb/NzuAGhcBd/GoRg4sjDB97TWXoRRFjh2UjApUqdoU2XWW1/qkFRxYh1l9ahQy1+nRqWzo0+nVzF9KKtbubNRH9xhDcGtz/R4xep8Bxqg1Mq/wF3So/vGGGCYJ+K6eIBLdnoaq4M/WzlYRSAW94mp2WrIAAZSc+2CO14Hwnf6qyeLWJtAFSh7FBsoEmqkI1kojmI4j8MO/mzouYvaybejpOAe8p0xQ27J1I1cG0ceb5ZPrjpAsaGP3bJDu78JUYfnSHEuFOfXAXny64pFayzPOE6+F0QIK3nL3s+XO4Nj9ySJzn5iL9nGZit49nUvhp/fB+7KCNyPCMF/5+NveMYgerjvvfq+tmCS+TvWjKCrvO2fHBTVcB4XHyTuMu5BC/Vmd6qhOnpJuUt1uHpCkIlZs9tJsXzuKJ/X6Ym2UOXspzTpztzmsmQiqxIrBZ2TP2PdPCL210loK0FSRRS/FAs5/Krna/HcdzLtMhHgFlZNALpti/tHGYOuLI0sDXtdbJhxz99H/onXHTHDHoGM8auvnQCObcAp0eFiyMiEzAl2Y5S0lbGun3xbX19xuOOmn3AN2wkQ46Lcu59Bl3YPBh+ORMhyG8gTJRyS5rXq3/FvSeQbIMMy9dGru5YCu/MKOJ9IeBwyDcN4rissplAljesclZ+yaaVyFTbMgOniEQt4aRt3yuUJKWesuKmsnMXGHSxKkDSLpS3svUMBcC3yuDTONjXe7NPwQgGdqrC1nUPlIHZ6FGc0lfD6lPh0BpdpZHuFaxiHuI1kIi0VLOB05iO5Rw+QJt6oCjxiVzI0HdeKJ8WTrd8OO4XS3L0/MlEsjJO8VHBZ4UfF3jWB74mrjqvyhoOWOaqv5dZJZwtWGO5yrgqilD4MkludWMhrGGREcj5KL3EoT71+3pBUO1gqytE4UQCrPG9n2Jwb0Vb9xvaqiJfsm5tQ7BvqKysnHI4obhO57XYc9bjEwzCpKQa2AMBM2NEa8desa3fmA7JrGUbD463Zu4Cbq0cnX/5bmfPkVYgcvZgGpW++bvEZAH/TWwV8IhEoof3tNRuGs4aWkuebCqULcnspaq0zIjagJLhzVWFp0uSlyn2LUfJm6JCv09aX7nSOVXWRmh/stmxCmzFB/8oSmiTEB3O/evN6c3AzAPz+4hTleoUuIPnd+R59s0S6mm0Kdr7d+AVBOWUMfuRin+yfTXE4Ud5JT1wmTSWzaEshDx3MMH650d7gaYU0f38w7adZpB88uii/iA0SlQ+ucIEMR4UR2R6pFya515u5AVnygS6Xm4sVroEw/8H0ZE2KzdCfY6oBI9Y2Tcc3IDe0D0TNIu0d7GPgjWZPAPDV10Dm/IxHEB4RZoGwj32NqLSplEcTl1JjYg8H90AuUzfDjCV04neUiN0IROVnYYoz37PhaMFV5mSsNiQjoohmAgS3lsb4/Y9n3GfR6OHvwDpCmrA1WpM5eM/W4yzRao7t4f7EYVy1fkNdqfdUJ9IJzsK6iKux0BwE0s7uxbYWJsZwdaaoE7NuhQi0+PyltDEDrELa2tf0fFQ89PJuXiIHo6zaOomTQcqhTpte7I1nr35F3nlHWjdNp/pbYAax53owp0WY8N/Tp5Nwxg7f90KWyiAqPLpLpSi8PkNOk+hyI4Gw+QT86KjRO1P1szLDGqAy1WS02mkSvcmBF/ax3mrBrEs2aqkYTjz9jPma7vL1/VzIKuyx6j0QJWbbOTdjZBUQJjgPfWVWYPR+HjBqXX6QPF3Qo13g8BeMz2ZVsqGaTO+H/HEeX8C1i/U13+ZA3oAxAJLgbH7b2oBb3ja35Df2pBg8orCSnS8ay5yDSPOFO2UIJERuJzqHdyLlSOrgp8avEVK3U3CFbjjE1dOI7krqeKwYXoUsROSDbNTzstYBjW4zlhoK/e9P79xMmTcGaE8B0CswTcJdRH3btT0Qao+BL8s0lB4yX0rvFVvRNVNuG214/WTLll9mTs7MJZuQeX2zaC32aJ5RmGwzoBZDSik/3ZSsKr1Uyc6rOrdgrflHrDWb/a1SXuGatLfqWHUiQmyeXQjxebWcGVEset6Pby7QMwXD75HhzgCSjdP+fef9KI/Hkgt0GJJ0tzbnf277VJVgl3p1US1BiHbdzVn9wmWn4a1Wy/OqnwU571sE8QKQRCz6D8tDfm3VfBY2avxdYBMqAXttdrvaHZo5w6k4yX+qWwiQBbh4URrnsH8mZ,iv:AX/hwSuHPNe8BMFiM0n9j21SwEw3gNPP3Azq1QFkddo=,tag:kI7F5Xbmk8RE/jMIxkIkOw==,type:str] + ssh_host_rsa_key.pub: ENC[AES256_GCM,data:qXkMPzaXNnvnrmus0nALNxLH1jEqew0MS2YJ5jhDIB3Z1zfwMha/Jd+bslwDuuNeIOo+BBtNgYvvmNKAAefKbbbMFsJo9o5Yi1Y3En3xek/v3COqS/AQ7iDRkTvvrMKtKtXsPChDSsDE5xS9+cRVFlxPkNIne69bqmTdz+WImj8let9YBB6HYg7jpsnOE7CcJ2Jqw9qGJqH5cIFQoNOSWTvd//v7CcXkE0t+eAqAQDYo01y9bcTzow4qRX5RRXx6qNC7KzSDGwtBnUe1A3Z68GmlsZaSpGrGyKQTCBJ/fod+WmbsfbfDZBorJiFrVfA+nU6JfowRkWC5Bt4gg4ArcR7uW6qN7Hg6EcEZf+GPG8Isdg7Bim41JijTedD6GuPvrpxTf7klLLgKcgRjjw4vjAMa1gzl9lYdMCxVrarD61Ex1z2lvmQqvpKDpTlbnXGqbYNUYq86TsN8/PyrxzquYS21j8je8b31IgAUysnOjOVwbtegbCn6EkfisDZdQTv1vJ6Ey1SShV4udk9TT5WRaKKGDELKp94CWFdHsRHClAdCUkltqBRkQHZZC2GOCO1kROiQVbKT5TAhd96uuvAG5U+GH+CokZn7PgTVzLStIxVItueFWV2/oKxpaACEiLNwPQnXAXqqL/ArGkeQN3lWZVRUBpzNKv71vIowRA48+qHt8JqRLKqfFcUzwJaiGRCfn4g7amSvqTGOKGQ/LsZAsdSIt71//wk6zJE8/ZIfSN3rqE6WSu4RC150lJI5MF6teQ0Mz+S+AyBuUw==,iv:zUoqq6FDBMas2fkWNz3zhnM+wvxBGAb2MeI1PRzmw+8=,tag:oAN/GvXfjOYwXP4uXzts4Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSd2h2N2RELzkvODM0WE1p + c1M3bEQxdDZkZ3Zlcm9uKzFWYklLWWpUYXhvCkN1bXU3YmNrY255RmkwSXFDWmt1 + dHExaGZRODhKdm1NR2xYV29CeE5vbk0KLS0tIHpBUGVaNUhKaE5UOU1hM3c0akxX + ZWRhWnBrY1FBNVQyOU0yVGFXb0QrVnMK26Nc5Bw/jOzuxXcufHcxnugG1bzqO9T8 + LNIau17zdWX5bfWGDj++ipnm8x1sPswEULal4U2Muc2Iy7GuZPhVyg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-11-20T18:08:09Z" + mac: ENC[AES256_GCM,data:ztMF0JW6BZfpXitcdFy6wG8cIvsEGB6jVY25xijONz2qhi0F9Lw4IiJwumfJ+3hFqMJUznI3IoEjhUIR54YNpmzVwn60CJIK0nVw4WrsGDg0728fuZmA4UlLi8Paynksn3ulGjaal9+K9ML266Xmo+12lf/13Q73yA9XsVy3nRk=,iv:suhFmkdB0UprQOpR6BuJZ9K1XHaDBxzTr7ViFNOCENE=,tag:nwYdO/cYPQM2GMNI4d+GEg==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.7.3 diff --git a/kubernetes/cluster-0/apps/storage/kopia-kube/config/repository.config b/kubernetes/cluster-0/apps/storage/kopia-web/config/repository.config similarity index 100% rename from kubernetes/cluster-0/apps/storage/kopia-kube/config/repository.config rename to kubernetes/cluster-0/apps/storage/kopia-web/config/repository.config diff --git a/kubernetes/cluster-0/apps/storage/kopia-kube/helm-release.yaml b/kubernetes/cluster-0/apps/storage/kopia-web/helm-release.yaml similarity index 100% rename from kubernetes/cluster-0/apps/storage/kopia-kube/helm-release.yaml rename to kubernetes/cluster-0/apps/storage/kopia-web/helm-release.yaml diff --git a/kubernetes/cluster-0/apps/storage/kopia-kube/kustomization.yaml b/kubernetes/cluster-0/apps/storage/kopia-web/kustomization.yaml similarity index 100% rename from kubernetes/cluster-0/apps/storage/kopia-kube/kustomization.yaml rename to kubernetes/cluster-0/apps/storage/kopia-web/kustomization.yaml diff --git a/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/config/repository.config b/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/config/repository.config deleted file mode 100644 index 8eaef1041..000000000 --- a/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/config/repository.config +++ /dev/null @@ -1,20 +0,0 @@ -{ - "storage": { - "type": "filesystem", - "config": { - "path": "/snapshots", - "dirShards": null - } - }, - "caching": { - "cacheDirectory": "cache", - "maxCacheSize": 5242880000, - "maxMetadataCacheSize": 5242880000, - "maxListCacheDuration": 30 - }, - "hostname": "cluster", - "username": "root", - "description": "Cluster", - "enableActions": false, - "formatBlobCacheDuration": 900000000000 -} diff --git a/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/helm-release.yaml b/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/helm-release.yaml deleted file mode 100644 index 984e0fc30..000000000 --- a/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/helm-release.yaml +++ /dev/null @@ -1,109 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: &app kopia-kube - namespace: default -spec: - interval: 15m - chart: - spec: - chart: app-template - version: 1.0.1 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - install: - createNamespace: true - remediation: - retries: 5 - upgrade: - remediation: - retries: 5 - values: - initContainers: - wait-for-repo: - image: ghcr.io/onedr0p/kopia:0.12.1@sha256:88106e6bb642ee4cb58b61a335ff55992ee2c03493f1aec804422774cf7cf063 - command: - - /bin/bash - - -c - - |- - until [ -f /snapshots/kopia.repository.f ]; do - printf "\e[1;32m%-6s\e[m\n" "Waiting for the Kopia repo to become ready ..." - sleep 1 - done - volumeMounts: - - name: snapshots - mountPath: /snapshots - image: - repository: ghcr.io/onedr0p/kopia - tag: 0.12.1@sha256:88106e6bb642ee4cb58b61a335ff55992ee2c03493f1aec804422774cf7cf063 - env: - TZ: "${TIMEZONE}" - KOPIA_PASSWORD: "none" - command: kopia - args: - - server - - --insecure - - --address - - 0.0.0.0:80 - - --metrics-listen-addr - - 0.0.0.0:8080 - - --without-password - - --log-level - - debug - service: - main: - ports: - http: - port: 80 - metrics: - enabled: true - port: 8080 - serviceMonitor: - main: - enabled: true - endpoints: - - port: metrics - scheme: http - path: /metrics - interval: 1m - scrapeTimeout: 10s - ingress: - main: - enabled: true - ingressClassName: "nginx" - hosts: - - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}" - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - *host - podSecurityContext: - supplementalGroups: - - 100 - persistence: - config: - enabled: true - type: configMap - name: *app - subPath: repository.config - mountPath: /config/repository.config - readOnly: true - snapshots: - enabled: true - type: nfs - server: "${LOCAL_LAN_TRUENAS}" - path: /mnt/storage/backups/kubernetes - mountPath: /snapshots - podAnnotations: - configmap.reloader.stakater.com/reload: *app - resources: - requests: - cpu: 10m - memory: 100Mi - limits: - memory: 500Mi diff --git a/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/kustomization.yaml b/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/kustomization.yaml deleted file mode 100644 index a3be0b2e2..000000000 --- a/kubernetes/cluster-0/apps/storage/kopia/kopia-kube/kustomization.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml -namespace: default -configMapGenerator: - - name: kopia-kube - files: - - ./config/repository.config -generatorOptions: - disableNameSuffixHash: true diff --git a/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/config/repository.config b/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/config/repository.config deleted file mode 100644 index 8eaef1041..000000000 --- a/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/config/repository.config +++ /dev/null @@ -1,20 +0,0 @@ -{ - "storage": { - "type": "filesystem", - "config": { - "path": "/snapshots", - "dirShards": null - } - }, - "caching": { - "cacheDirectory": "cache", - "maxCacheSize": 5242880000, - "maxMetadataCacheSize": 5242880000, - "maxListCacheDuration": 30 - }, - "hostname": "cluster", - "username": "root", - "description": "Cluster", - "enableActions": false, - "formatBlobCacheDuration": 900000000000 -} diff --git a/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/helm-release.yaml b/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/helm-release.yaml deleted file mode 100644 index f0a88f918..000000000 --- a/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/helm-release.yaml +++ /dev/null @@ -1,109 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: &app kopia-workstations - namespace: default -spec: - interval: 15m - chart: - spec: - chart: app-template - version: 1.0.1 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - install: - createNamespace: true - remediation: - retries: 5 - upgrade: - remediation: - retries: 5 - values: - initContainers: - wait-for-repo: - image: ghcr.io/onedr0p/kopia:0.12.1@sha256:88106e6bb642ee4cb58b61a335ff55992ee2c03493f1aec804422774cf7cf063 - command: - - /bin/bash - - -c - - |- - until [ -f /snapshots/kopia.repository.f ]; do - printf "\e[1;32m%-6s\e[m\n" "Waiting for the Kopia repo to become ready ..." - sleep 1 - done - volumeMounts: - - name: snapshots - mountPath: /snapshots - image: - repository: ghcr.io/onedr0p/kopia - tag: 0.12.1@sha256:88106e6bb642ee4cb58b61a335ff55992ee2c03493f1aec804422774cf7cf063 - env: - TZ: "${TIMEZONE}" - KOPIA_PASSWORD: "none" - command: kopia - args: - - server - - --insecure - - --address - - 0.0.0.0:80 - - --metrics-listen-addr - - 0.0.0.0:8080 - - --without-password - - --log-level - - debug - service: - main: - ports: - http: - port: 80 - metrics: - enabled: true - port: 8080 - serviceMonitor: - main: - enabled: true - endpoints: - - port: metrics - scheme: http - path: /metrics - interval: 1m - scrapeTimeout: 10s - ingress: - main: - enabled: true - ingressClassName: "nginx" - hosts: - - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}" - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - *host - podSecurityContext: - supplementalGroups: - - 100 - persistence: - config: - enabled: true - type: configMap - name: *app - subPath: repository.config - mountPath: /config/repository.config - readOnly: true - snapshots: - enabled: true - type: nfs - server: "${LOCAL_LAN_TRUENAS}" - path: /mnt/storage/backups/kopia-workstations - mountPath: /snapshots - podAnnotations: - configmap.reloader.stakater.com/reload: *app - resources: - requests: - cpu: 10m - memory: 100Mi - limits: - memory: 500Mi diff --git a/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/kustomization.yaml b/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/kustomization.yaml deleted file mode 100644 index 982329bb7..000000000 --- a/kubernetes/cluster-0/apps/storage/kopia/kopia-workstations/kustomization.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml -namespace: default -configMapGenerator: - - name: kopia-workstations - files: - - ./config/repository.config -generatorOptions: - disableNameSuffixHash: true diff --git a/kubernetes/cluster-0/apps/storage/kustomization.yaml b/kubernetes/cluster-0/apps/storage/kustomization.yaml index 7b31bd9c5..d50230323 100644 --- a/kubernetes/cluster-0/apps/storage/kustomization.yaml +++ b/kubernetes/cluster-0/apps/storage/kustomization.yaml @@ -2,7 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - kopia + - borgserver + - kopia-web - resilio-sync - smartctl-exporter - truecommand