--- apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: &app kopia namespace: default spec: interval: 15m chart: spec: chart: app-template version: 1.1.3 sourceRef: kind: HelmRepository name: bjw-s namespace: flux-system install: createNamespace: true remediation: retries: 5 upgrade: remediation: retries: 5 values: initContainers: wait-for-repo: image: ghcr.io/onedr0p/kopia:0.12.1@sha256:ed13c180efbe3bbaf9101ebf6951666eddf9d97a08e695d366088fee9b60d508 command: - /bin/bash - -c - |- until [ -f /snapshots/kopia.repository.f ]; do printf "\e[1;32m%-6s\e[m\n" "Waiting for the Kopia repo to become ready ..." sleep 1 done volumeMounts: - name: snapshots mountPath: /snapshots image: repository: ghcr.io/onedr0p/kopia tag: 0.12.1@sha256:ed13c180efbe3bbaf9101ebf6951666eddf9d97a08e695d366088fee9b60d508 env: TZ: "${TIMEZONE}" KOPIA_PASSWORD: "none" command: kopia args: - server - --insecure - --address - 0.0.0.0:80 - --metrics-listen-addr - 0.0.0.0:8080 - --without-password - --log-level - debug service: main: ports: http: port: 80 metrics: enabled: true port: 8080 serviceMonitor: main: enabled: true endpoints: - port: metrics scheme: http path: /metrics interval: 1m scrapeTimeout: 10s ingress: main: enabled: true ingressClassName: "nginx" hosts: - host: &host "kopia.${SECRET_CLUSTER_DOMAIN}" paths: - path: / pathType: Prefix tls: - hosts: - *host podSecurityContext: supplementalGroups: - 100 persistence: config: enabled: true type: configMap name: *app subPath: repository.config mountPath: /config/repository.config readOnly: true snapshots: enabled: true type: nfs server: "${LOCAL_LAN_TRUENAS}" path: /mnt/storage/backups/kubernetes mountPath: /snapshots podAnnotations: configmap.reloader.stakater.com/reload: *app resources: requests: cpu: 10m memory: 100Mi limits: memory: 500Mi