⚰️ kopia tasks

.taskfiles/kopia.yaml

@@ -1,75 +0,0 @@
----
-version: "3"
-
-x-preconditions: &preconditions
-  - &has-app
-    msg: "App '{{.APP}}' not found"
-    sh: kubectl get deployment,statefulset -A | awk '/{{.APP}}\s/{print $1}' | grep .
-  - &has-cronjob
-    msg: "CronJob '{{.APP}}-{{.CLAIM}}-snapshot' in namespace '{{.NAMESPACE}}' not found"
-    sh: kubectl get cronjob -n {{.NAMESPACE}} {{.APP}}-{{.CLAIM}}-snapshot
-  - &has-claim
-    msg: "Claim '{{.CLAIM}}' in namespace '{{.NAMESPACE}}' not found"
-    sh: kubectl get pvc -n {{.NAMESPACE}} {{.CLAIM}}
-  - &has-restore-job-file
-    msg: "File '{{.PROJECT_DIR}}/tools/kopia-restore.yaml' not found"
-    sh: "test -f {{.PROJECT_DIR}}/tools/kopia-restore.yaml"
-
-x-vars: &vars
-  NAMESPACE:
-    sh: kubectl get deployment,statefulset -A | awk '/{{.APP}}\s/{print $1}'
-  NAME:
-    sh: kubectl get deployment,statefulset -n {{.NAMESPACE}} | awk '/{{.APP}}\s/{print $1}'
-  SNAPSHOT: '{{.SNAPSHOT | default "latest"}}'
-  TS: '{{now | date "20060102150405"}}'
-
-tasks:
-  list:
-    desc: List all existing snapshots for an app and claim (task snapshot:list APP=plex CLAIM=plex [KOPIA_NAMESPACE=<namespace>])
-    cmds:
-      - kubectl -n {{.KOPIA_NAMESPACE | default "default"}} exec -it deployment/kopia -c kopia -- kopia snapshot list /data/{{.NAMESPACE}}/{{.APP}}/{{.CLAIM}} {{.CLI_ARGS}}
-    vars: *vars
-    preconditions:
-      - sh: kubectl -n {{.KOPIA_NAMESPACE | default "default"}} get deployment kopia
-        msg: |
-          deployment/kopia in namespace/{{.KOPIA_NAMESPACE | default "default"}} not found
-
-  create:
-    desc: Create a snapshot job for an app and claim (task snapshot:create APP=plex CLAIM=plex [TIMEOUT=<timeout>])
-    cmds:
-      - |
-        kubectl -n {{.NAMESPACE}} create job --from=cronjob/{{.APP}}-{{.CLAIM}}-snapshot {{.APP}}-{{.CLAIM}}-snapshot-{{.TS}} --dry-run=client --output yaml \
-          | yq eval "del(.spec.template.spec.initContainers)" - \
-          | kubectl apply -f -
-      - sleep 2
-      - kubectl -n {{.NAMESPACE}} wait pod --for condition=ready --selector=job-name={{.APP}}-{{.CLAIM}}-snapshot-{{.TS}} --timeout={{.TIMEOUT | default "1m"}}
-      - kubectl -n {{.NAMESPACE}} logs --selector=job-name={{.APP}}-{{.CLAIM}}-snapshot-{{.TS}} -f
-      - kubectl -n {{.NAMESPACE}} delete job {{.APP}}-{{.CLAIM}}-snapshot-{{.TS}}
-    vars: *vars
-    preconditions: *preconditions
-
-  restore:
-    desc: Create a restore job for an app and claim (task snapshot:restore APP=plex CLAIM=plex [SNAPSHOT=(latest|<snapshot-id>) KOPIA_NAMESPACE=<namespace> TIMEOUT=<timeout>])
-    cmds:
-      - flux -n {{.NAMESPACE}} suspend helmrelease {{.APP}}
-      - kubectl -n {{.NAMESPACE}} scale {{.NAME}} --replicas 0
-      - kubectl -n {{.NAMESPACE}} wait pod --for delete --selector="app.kubernetes.io/name={{.APP}}" --timeout=2m
-      - envsubst < <(cat ./kubernetes/tools/kopia-restore.yaml) | kubectl apply -f -
-      - sleep 2
-      - kubectl -n {{.NAMESPACE}} wait job --for condition=complete {{.APP}}-{{.CLAIM}}-restore --timeout={{.TIMEOUT | default "60m"}}
-      - flux -n {{.NAMESPACE}} resume helmrelease {{.APP}}
-      - kubectl -n {{.NAMESPACE}} logs job/{{.APP}}-{{.CLAIM}}-restore
-      - kubectl -n {{.NAMESPACE}} delete job {{.APP}}-{{.CLAIM}}-restore
-    vars: *vars
-    env:
-      APP: "{{.APP}}"
-      NAMESPACE: "{{.NAMESPACE}}"
-      CLAIM: "{{.CLAIM}}"
-      SNAPSHOT:
-        sh: |
-          if [[ {{.SNAPSHOT}} == "latest" ]]; then
-            kubectl exec deployment/kopia -n {{.KOPIA_NAMESPACE | default "default"}} -c kopia -- kopia snapshot list /data/{{.NAMESPACE}}/{{.APP}}/{{.CLAIM}} --json | jq --raw-output '.[-1] | .id'
-          else
-            echo {{.SNAPSHOT}}
-          fi
-    preconditions: *preconditions

Taskfile.yml

@@ -10,7 +10,6 @@ vars:
 includes:
   an: .taskfiles/Ansible/Tasks.yml
   fx: .taskfiles/Flux/Tasks.yml
-  kopia: .taskfiles/kopia.yaml
   ku: .taskfiles/Kubernetes/Tasks.yml
   vs: .taskfiles/VolSync/Tasks.yml
 

kubernetes/apps/default/emqx/app/emqx/helmrelease.yaml

@@ -40,6 +40,9 @@ spec:
       dashboard:
         enabled: true
         ingressClassName: nginx
+        annotations:
+          hajimari.io/appName: "EMQX"
+          hajimari.io/icon: simple-icons:eclipsemosquitto
         path: /
         pathType: Prefix
         hosts:

kubernetes/apps/default/home-assistant/app/helmrelease.yaml

@@ -51,7 +51,7 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
-        annotaions:
+        annotations:
           hajimari.io/icon: mdi:home-assistant
         hosts:
           - host: &host "hass.${SECRET_CLUSTER_DOMAIN}"

kubernetes/apps/default/jellyseer/app/helmrelease.yaml

@@ -42,6 +42,8 @@ spec:
       main:
         enabled: true
         ingressClassName: "nginx"
+        annotations:
+          hajimari.io/icon: mdi:eye-circle
         hosts:
           - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
             paths:

kubernetes/apps/flux-system/addons/webhooks/github/ingress.yaml

@@ -6,6 +6,7 @@ metadata:
   namespace: flux-system
   annotations:
     external-dns.home.arpa/enabled: "true"
+    hajimari.io/enable: "false"
 spec:
   ingressClassName: "nginx"
   rules:

kubernetes/apps/monitoring/loki/app/helmrelease.yaml

@@ -107,6 +107,8 @@ spec:
       ingress:
         enabled: true
         ingressClassName: "nginx"
+        annotations:
+          hajimari.io/enable: "false"
         hosts:
           - host: &host "loki.${SECRET_CLUSTER_DOMAIN}"
             paths:

kubernetes/apps/monitoring/thanos/app/helmrelease.yaml

@@ -46,6 +46,7 @@ spec:
         hostname: &host "thanos-query.${SECRET_CLUSTER_DOMAIN}"
         annotations:
           auth.home.arpa/enabled: "true"
+          hajimari.io/enable: "false"
         ingressClassName: "nginx"
         tls: true
         extraTls:
@@ -74,6 +75,8 @@ spec:
         enabled: true
         hostname: &host "thanos-compactor.${SECRET_CLUSTER_DOMAIN}"
         ingressClassName: "nginx"
+        annotations:
+          hajimari.io/enable: "false"
         tls: true
         extraTls:
           - hosts:

tools/kopia-restore.yaml

@@ -1,42 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: ${APP}-${CLAIM}-restore
-  namespace: ${NAMESPACE}
-spec:
-  ttlSecondsAfterFinished: 3600
-  template:
-    spec:
-      automountServiceAccountToken: false
-      restartPolicy: OnFailure
-      containers:
-        - name: restore
-          image: ghcr.io/onedr0p/kopia:0.12.1@sha256:01ed9b934fa40216f17ffc8a906cf7a7e21c8d41a93f5ed571f2e5efa43844a7
-          env:
-            - name: KOPIA_PASSWORD
-              value: "none"
-          command:
-            - /bin/bash
-            - -c
-            - |-
-              shopt -s dotglob
-              printf "\e[1;32m%-6s\e[m\n" "[01/04] Connect to repo ..."      && kopia repo connect filesystem --path=/snapshots --override-hostname=cluster --override-username=root
-              printf "\e[1;32m%-6s\e[m\n" "[02/04] Remove previous data ..." && rm -rf /data/${NAMESPACE}/${APP}/${CLAIM}/*
-              printf "\e[1;32m%-6s\e[m\n" "[03/04] Restore snapshot ..."     && kopia snap restore "${SNAPSHOT}" /data/${NAMESPACE}/${APP}/${CLAIM}
-              printf "\e[1;32m%-6s\e[m\n" "[04/04] Disconnect from repo ..." && kopia repo disconnect
-          volumeMounts:
-            - name: data
-              mountPath: /data/${NAMESPACE}/${APP}/${CLAIM}
-            - name: snapshots
-              mountPath: /snapshots
-          securityContext:
-            privileged: true
-      volumes:
-        - name: data
-          persistentVolumeClaim:
-            claimName: ${CLAIM}
-        - name: snapshots
-          nfs:
-            server: 192.168.9.10
-            path: /mnt/storage/backups/kubernetes