mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
116 lines
4.8 KiB
YAML
116 lines
4.8 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: &app gitea-external-backup
|
|
namespace: &namespace default
|
|
spec:
|
|
interval: 15m
|
|
chart:
|
|
spec:
|
|
chart: raw
|
|
version: v0.3.1
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: dysnix
|
|
namespace: flux-system
|
|
install:
|
|
createNamespace: true
|
|
remediation:
|
|
retries: 5
|
|
upgrade:
|
|
remediation:
|
|
retries: 5
|
|
dependsOn:
|
|
- name: gitea
|
|
namespace: default
|
|
values:
|
|
resources:
|
|
- apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: *app
|
|
namespace: *namespace
|
|
spec:
|
|
schedule: "@daily"
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
metadata:
|
|
name: *app
|
|
spec:
|
|
containers:
|
|
- name: *app
|
|
image: ghcr.io/auricom/kubectl:1.25.4@sha256:7db75d1783f0db0ef03d886bcc33856e70f160dfa055f51f2c433a95848faf78
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- "/bin/bash"
|
|
- "-c"
|
|
- |
|
|
#!/bin/bash
|
|
|
|
set -o nounset
|
|
set -o errexit
|
|
|
|
mkdir -p ~/.ssh
|
|
cp /opt/id_rsa ~/.ssh/id_rsa
|
|
chmod 600 ~/.ssh/id_rsa
|
|
|
|
ssh -o StrictHostKeyChecking=no homelab@${LOCAL_LAN_TRUENAS} << 'EOF'
|
|
|
|
set -o nounset
|
|
set -o errexit
|
|
|
|
WORK_DIR="/mnt/storage/backups/apps/gitea"
|
|
|
|
ORGANISATIONS=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/orgs" --header "Authorization: Bearer ${SECRET_GITEA_API_TOKEN}" | jq --raw-output .[].username)
|
|
ORGANISATIONS+=" auricom"
|
|
|
|
for org in $ORGANISATIONS
|
|
do
|
|
mkdir -p $WORK_DIR/$org
|
|
if [ $org == "auricom" ]; then
|
|
keyword="users"
|
|
else
|
|
keyword="orgs"
|
|
fi
|
|
REPOSITORIES=$(curl --silent --location --request GET "https://gitea.${SECRET_CLUSTER_DOMAIN}/api/v1/$keyword/$org/repos?limit=1000" --header "Authorization: Bearer ${SECRET_GITEA_API_TOKEN}" | jq --raw-output .[].name)
|
|
for repo in $REPOSITORIES
|
|
do
|
|
if [ -d "$WORK_DIR/$org/$repo" ]; then
|
|
echo "INFO: pull $org/$repo..."
|
|
cd $WORK_DIR/$org/$repo
|
|
git remote show origin -n | grep -c main &> /dev/null && MAIN_BRANCH="main" || MAIN_BRANCH="master"
|
|
git fetch --all
|
|
test $? -ne 0 && exit 1
|
|
git reset --hard origin/$MAIN_BRANCH
|
|
test $? -ne 0 && exit 1
|
|
git pull origin $MAIN_BRANCH
|
|
test $? -ne 0 && exit 1
|
|
echo "INFO: clean $org/$repo..."
|
|
git fetch --prune
|
|
for branch in $(git branch -vv | grep ': gone]' | awk '{print $1}')
|
|
do
|
|
git branch -D $branch
|
|
done
|
|
else
|
|
echo "INFO: clone $org/$repo..."
|
|
cd $WORK_DIR/$org
|
|
git clone git@gitea.${SECRET_DOMAIN}:$org/$repo.git
|
|
test $? -ne 0 && exit 1
|
|
fi
|
|
done
|
|
done
|
|
echo "INFO: Backup done"
|
|
curl -m 10 --retry 5 https://uptime-kuma.${SECRET_CLUSTER_DOMAIN}/api/push/Xk21W4T5mC?status=up&msg=OK&ping=
|
|
EOF
|
|
volumeMounts:
|
|
- name: secret
|
|
mountPath: /opt/id_rsa
|
|
subPath: deployment_rsa_priv_key
|
|
volumes:
|
|
- name: secret
|
|
secret:
|
|
secretName: gitea-config
|
|
restartPolicy: Never
|