🔧 use raw chart for jobs

auricom
2022-10-26 02:04:11 +02:00
parent f16f0fa25d
commit dc289e0e5b
26 changed files with 560 additions and 378 deletions


@@ -1,92 +0,0 @@
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: gitea-repositories-backup
namespace: default
spec:
schedule: "@daily"
jobTemplate:
spec:
template:
metadata:
name: gitea-repositories-backup
spec:
containers:
- name: gitea-repositories-backup
image: ghcr.io/auricom/kubectl:v1.25.0@sha256:75d43a3131e25f10139174e77e689eafb1b40ed9d9094d5c8c96eba5571aeefd
imagePullPolicy: IfNotPresent
env:
- name: ENV_GITEA_API_TOKEN
valueFrom:
secretKeyRef:
name: gitea-config
key: apiToken
command:
- "/bin/bash"
- "-c"
- |
#!/bin/bash
set -o nounset
set -o errexit
mkdir -p ~/.ssh
cp /opt/id_rsa ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh -o StrictHostKeyChecking=no homelab@${LOCAL_LAN_TRUENAS} << 'EOF'
WORK_DIR="/mnt/storage/backups/apps/gitea"
ORGANISATIONS=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/orgs" --header "Authorization: Bearer ${ENV_GITEA_API_TOKEN}" | jq --raw-output .[].username)
ORGANISATIONS+=" auricom"
for org in $ORGANISATIONS
do
mkdir -p $WORK_DIR/$org
if [ $org == "auricom" ]; then
keyword="users"
else
keyword="orgs"
fi
REPOSITORIES=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/$keyword/$org/repos?limit=1000" --header "Authorization: Bearer ${ENV_GITEA_API_TOKEN}" | jq --raw-output .[].name)
for repo in $REPOSITORIES
do
if [ -d "$WORK_DIR/$org/$repo" ]; then
echo "INFO: pull $org/$repo..."
cd $WORK_DIR/$org/$repo
git remote show origin -n | grep -c main &> /dev/null && MAIN_BRANCH="main" || MAIN_BRANCH="master"
git fetch --all
test $? -ne 0 && exit 1
git reset --hard origin/$MAIN_BRANCH
test $? -ne 0 && exit 1
git pull origin $MAIN_BRANCH
test $? -ne 0 && exit 1
echo "INFO: clean $org/$repo..."
git fetch --prune
for branch in $(git branch -vv | grep ': gone]' | awk '{print $1}')
do
git branch -D $branch
done
else
echo "INFO: clone $org/$repo..."
cd $WORK_DIR/$org
git clone git@gitea.${SECRET_DOMAIN}:$org/$repo.git
test $? -ne 0 && exit 1
fi
done
done
echo "INFO: Backup done"
EOF
curl -m 10 --retry 5 http://healthchecks.default.svc.cluster.local./ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-gitea-repositories-backup
volumeMounts:
- name: secret
mountPath: /opt/id_rsa
subPath: deployment_rsa_priv_key
volumes:
- name: secret
secret:
secretName: gitea-config
restartPolicy: Never


@@ -0,0 +1,119 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: &app gitea-external-backup
namespace: &namespace default
spec:
interval: 15m
chart:
spec:
chart: raw
version: v0.3.1
sourceRef:
kind: HelmRepository
name: dysnix-charts
namespace: flux-system
install:
createNamespace: true
remediation:
retries: 5
upgrade:
remediation:
retries: 5
dependsOn:
- name: gitea
namespace: default
values:
resources:
- apiVersion: batch/v1
kind: CronJob
metadata:
name: *app
namespace: *namespace
spec:
schedule: "@daily"
jobTemplate:
spec:
template:
metadata:
name: *app
spec:
containers:
- name: *app
image: ghcr.io/auricom/kubectl:v1.25.0@sha256:75d43a3131e25f10139174e77e689eafb1b40ed9d9094d5c8c96eba5571aeefd
imagePullPolicy: IfNotPresent
env:
- name: ENV_GITEA_API_TOKEN
valueFrom:
secretKeyRef:
name: gitea-config
key: apiToken
command:
- "/bin/bash"
- "-c"
- |
#!/bin/bash
set -o nounset
set -o errexit
mkdir -p ~/.ssh
cp /opt/id_rsa ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh -o StrictHostKeyChecking=no homelab@${LOCAL_LAN_TRUENAS} << 'EOF'
WORK_DIR="/mnt/storage/backups/apps/gitea"
ORGANISATIONS=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/orgs" --header "Authorization: Bearer ${ENV_GITEA_API_TOKEN}" | jq --raw-output .[].username)
ORGANISATIONS+=" auricom"
for org in $ORGANISATIONS
do
mkdir -p $WORK_DIR/$org
if [ $org == "auricom" ]; then
keyword="users"
else
keyword="orgs"
fi
REPOSITORIES=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/$keyword/$org/repos?limit=1000" --header "Authorization: Bearer ${ENV_GITEA_API_TOKEN}" | jq --raw-output .[].name)
for repo in $REPOSITORIES
do
if [ -d "$WORK_DIR/$org/$repo" ]; then
echo "INFO: pull $org/$repo..."
cd $WORK_DIR/$org/$repo
git remote show origin -n | grep -c main &> /dev/null && MAIN_BRANCH="main" || MAIN_BRANCH="master"
git fetch --all
test $? -ne 0 && exit 1
git reset --hard origin/$MAIN_BRANCH
test $? -ne 0 && exit 1
git pull origin $MAIN_BRANCH
test $? -ne 0 && exit 1
echo "INFO: clean $org/$repo..."
git fetch --prune
for branch in $(git branch -vv | grep ': gone]' | awk '{print $1}')
do
git branch -D $branch
done
else
echo "INFO: clone $org/$repo..."
cd $WORK_DIR/$org
git clone git@gitea.${SECRET_DOMAIN}:$org/$repo.git
test $? -ne 0 && exit 1
fi
done
done
echo "INFO: Backup done"
EOF
curl -m 10 --retry 5 http://healthchecks.default.svc.cluster.local./ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-gitea-repositories-backup
volumeMounts:
- name: secret
mountPath: /opt/id_rsa
subPath: deployment_rsa_priv_key
volumes:
- name: secret
secret:
secretName: gitea-config
restartPolicy: Never
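Review bot: The `ssh -o StrictHostKeyChecking=no` call in the CronJob script turns off host-key verification, so the job presents the `deployment_rsa_priv_key` identity and runs the backup on whichever machine answers for `${LOCAL_LAN_TRUENAS}`; the line is carried over unchanged from the deleted manifest, and this move is a good point to fix it. Ship the NAS host key alongside the private key (for example a known_hosts entry in the `gitea-config` secret, mounted next to `/opt/id_rsa`) and change the call to `ssh -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/opt/known_hosts homelab@${LOCAL_LAN_TRUENAS} << 'EOF'`, where `/opt/known_hosts` is an illustrative path. Separately, the heredoc delimiter is quoted, so `${ENV_GITEA_API_TOKEN}` is expanded by the remote shell rather than in the pod where the secret is injected; unless something substitutes it earlier, the API calls probably go out with an empty bearer token, and `set -o nounset` / `set -o errexit` do not apply to the remote script, which is worth confirming. `$org` and `$repo` come from API responses and are used unquoted in `mkdir`, `cd` and `git clone`; quoting them as in `cd "$WORK_DIR/$org/$repo"` keeps an unexpected name from being word-split.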


@@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml


@@ -4,4 +4,4 @@ resources:
- secret.sops.yaml
- volume.yaml
- helm-release.yaml
- backup-job.yaml
- external-backup