feat: refactor cronjobs

kubernetes/apps/default/homelab/opnsense/backup/helmrelease.yaml

@@ -1,62 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: &app homelab-opnsense-backup
-  namespace: default
-spec:
-  interval: 30m
-  chart:
-    spec:
-      chart: app-template
-      version: 3.3.2
-      sourceRef:
-        kind: HelmRepository
-        name: bjw-s
-        namespace: flux-system
-  maxHistory: 2
-  install:
-    createNamespace: true
-    remediation:
-      retries: 3
-  upgrade:
-    cleanupOnFail: true
-    remediation:
-      strategy: rollback
-      retries: 3
-  uninstall:
-    keepHistory: false
-  values:
-    controllers:
-      homelab-opnsense-backup:
-        type: cronjob
-        cronjob:
-          concurrencyPolicy: Forbid
-          schedule: "@daily"
-        containers:
-          app:
-            image:
-              repository: ghcr.io/auricom/kubectl
-              tag: 1.29.2@sha256:693ced2697bb7c7349419d4035a62bd474fc41710675b344f71773d8a687dfc3
-            command: [/bin/bash, /app/opnsense-backup.sh]
-            env:
-              OPNSENSE_URL: "https://opnsense.${SECRET_INTERNAL_DOMAIN}"
-              S3_URL: "https://s3.${SECRET_INTERNAL_DOMAIN}"
-            envFrom:
-              - secretRef:
-                  name: homelab-opnsense-secret
-    service:
-      app:
-        controller: *app
-        enabled: false
-    persistence:
-      config:
-        enabled: true
-        type: configMap
-        name: homelab-opnsense-backup-configmap
-        defaultMode: 0775
-        globalMounts:
-          - path: /app/opnsense-backup.sh
-            subPath: opnsense-backup.sh
-            readOnly: true

kubernetes/apps/default/homelab/opnsense/backup/kustomization.yaml

@@ -1,15 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
-  - ./helmrelease.yaml
-configMapGenerator:
-  - name: homelab-opnsense-backup-configmap
-    files:
-      - ./opnsense-backup.sh
-generatorOptions:
-  disableNameSuffixHash: true
-  annotations:
-    kustomize.toolkit.fluxcd.io/substitute: disabled

kubernetes/apps/default/homelab/opnsense/backup/opnsense-backup.sh

@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-set -o nounset
-set -o errexit
-
-config_filename="$(date "+%Y%m%d-%H%M%S").xml"
-
-http_host=${S3_URL#*//}
-http_host=${http_host%:*}
-http_request_date=$(date -R)
-http_filepath="opnsense/${config_filename}"
-http_signature=$(
-    printf "PUT\n\ntext/xml\n%s\n/%s" "${http_request_date}" "${http_filepath}" \
-        | openssl sha1 -hmac "${AWS_SECRET_ACCESS_KEY}" -binary \
-        | base64
-)
-
-echo "Download Opnsense config file ..."
-curl -fsSL \
-    --user "${OPNSENSE_KEY}:${OPNSENSE_SECRET}" \
-    --output "/tmp/${config_filename}" \
-    "${OPNSENSE_URL}/api/core/backup/download/this"
-
-echo "Upload backup to s3 bucket ..."
-curl -fsSL \
-    -X PUT -T "/tmp/${config_filename}" \
-    -H "Host: ${http_host}" \
-    -H "Date: ${http_request_date}" \
-    -H "Content-Type: text/xml" \
-    -H "Authorization: AWS ${AWS_ACCESS_KEY_ID}:${http_signature}" \
-    "${S3_URL}/${http_filepath}"