refactoring (documentation review for runme)

README.md

@@ -1,33 +1,102 @@
-# git.limbosolutions.com
-
-Welcome to public repository of my [Git Server](https://git.limbosolutions.com)
-
-Using [gitea](https://git.limbosolutions.com/kb/gitea) as git server.
-
-- [gitea - helm chart](#gitea---helm-chart)
-  - [add chart](#add-chart)
-  - [update chart](#update-chart)
-  - [Upgrade / Install](#upgrade--install)
-
-## gitea - helm chart
-
-### add chart
-
-``` bash
-helm repo add gitea-charts https://dl.gitea.com/charts/
-```
-
-### update chart
-
-``` bash
-helm repo update
-```
-
-### Upgrade / Install
-
-``` bash
-helm upgrade --install gitea gitea-charts/gitea \
---values ./gitea/values.yaml \
---values ./gitea/values.private.yaml \
---namespace=git-limbosolutions-com
-```
+# git.limbosolutions.com
+
+Welcome to public repository of my [Git Server](https://git.limbosolutions.com)
+
+Using [gitea](https://git.limbosolutions.com/kb/gitea) as git server.
+
+- [Setup](#setup)
+  - [kubernetes Namespace](#kubernetes-namespace)
+  - [Add Help Chart](#add-help-chart)
+  - [Update Helm charts](#update-helm-charts)
+  - [Upgrade / Install](#upgrade--install)
+- [Backups](#backups)
+  - [kubernetes cron job - Proxmox Backup Server](#kubernetes-cron-job---proxmox-backup-server)
+  - [kubernetes cron job - Borg and Offsite sync](#kubernetes-cron-job---borg-and-offsite-sync)
+  - [borgbackup sidekick](#borgbackup-sidekick)
+    - [Create borgbackup-sidekick pod](#create-borgbackup-sidekick-pod)
+    - [Remove borgbackup-sidekick pod](#remove-borgbackup-sidekick-pod)
+
+## Setup
+
+### kubernetes Namespace
+
+```yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: git-limbosolutions-com
+  labels:
+    name: git-limbosolutions-com
+
+```
+
+### Add Help Chart
+
+```bash
+helm repo add gitea-charts https://dl.gitea.com/charts/
+```
+
+### Update Helm charts
+
+```bash
+helm repo update
+```
+
+### Upgrade / Install
+
+```bash
+helm upgrade --install gitea gitea-charts/gitea \
+--values ./gitea/values.yaml \
+--values ./gitea/values.private.yaml \
+--namespace=git-limbosolutions-com
+```
+
+## Backups
+
+### kubernetes cron job - Proxmox Backup Server
+
+[kubernetes cron job](/backups/backup-cronjob.yaml)
+
+### kubernetes cron job - Borg and Offsite sync
+
+```bash
+# deploy secrets      
+. ./backups/.env
+# set variables in env file as export
+export $(cut -d= -f1 ./backups/.env)
+envsubst < ./backups/gitea-backup-secret.yaml | kubectl apply -f -
+
+```
+
+[kubernetes cron job](/backups/borgbackup-offsite-cronjob.yaml)
+
+### borgbackup sidekick
+
+```bash
+# list borg repo
+POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
+kubectl exec -it ${POD_NAME} -- bash -c "\
+borg list ${BORG_REPO} \
+"
+```
+
+```bash
+# get borg info
+POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}')
+kubectl exec -it ${POD_NAME} -- bash -c "\
+borg info ${BORG_REPO}\
+"
+```
+
+#### Create borgbackup-sidekick pod
+
+```bash
+kubectl apply -f ./backups/borgbackup-sidekick.yaml
+```
+
+#### Remove borgbackup-sidekick pod
+
+```bash
+# delete the sidekick pod after use
+kubectl delete pod -l app=borgbackup-sidekick
+```

backup/README.md

@@ -1,37 +0,0 @@
-# backups
-
-## borgbackup cockpit (companion scripts)
-
-Not in use anymore, the cron job already performs the following actions. Keeping it for now for notes purposes.
-
-### list current backups
-
-```bash
-POD_NAME=$(kubectl get pod -l app=borgbackup-cockpit -o jsonpath='{.items[0].metadata.name}')
-kubectl exec -it ${POD_NAME} -- borg list ${BORG_REPO}
-```
-
-### purge backups
-
-```bash
-POD_NAME=$(kubectl get pod -l app=borgbackup-cockpit -o jsonpath='{.items[0].metadata.name}')
-kubectl exec -it ${POD_NAME} -- bash -c "\
-borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 ${BORG_REPO}  --glob-archives='gitea-data*' && \
-borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 ${BORG_REPO}  --glob-archives='postgresql-export*'"
-```
-
-### clean up space
-
-```bash
-POD_NAME=$(kubectl get pod -l app=borgbackup-cockpit -o jsonpath='{.items[0].metadata.name}')
-kubectl exec -it ${POD_NAME} -- bash -c "\
-borg compact ${BORG_REPO} --verbose"
-```
-
-### Get info
-
-```bash
-POD_NAME=$(kubectl get pod -l app=borgbackup-cockpit -o jsonpath='{.items[0].metadata.name}')
-kubectl exec -it ${POD_NAME} -- bash -c "\
-borg info ${BORG_REPO} --json"
-```

backups/borgbackup-sidekick.yaml

@@ -0,0 +1,59 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: borgbackup-sidekick
+  namespace: git-limbosolutions-com
+  labels:
+    app: borgbackup-sidekick
+spec:
+  containers:
+      - name: borgbackup-sidekick
+        image: git.limbosolutions.com/kb/borg-backup:latest
+        resources:
+          limits:
+            memory: "512Mi"
+            cpu: "500m"
+          requests:
+            memory: "256Mi"
+            cpu: "250m"
+        env:
+          - name: BORG_REPO
+            valueFrom:
+              secretKeyRef:
+                name: gitea-backup-secret
+                key: BORG_REPO
+
+          - name: BORG_PASSPHRASE
+            valueFrom:
+              secretKeyRef:
+                name: gitea-backup-secret
+                key: BORG_PASSPHRASE
+
+          - name: BORG_RSH
+            value: ssh -o StrictHostKeyChecking=no
+
+          - name: BORG_KEY_FILE
+            value: /root/.borg/key
+
+        command: ["sh", "-c"]
+        args:
+        - |
+          while true; do
+             sleep 1s
+          done
+
+        volumeMounts:
+        
+          - name: gitea-backup-secret
+            mountPath: /root/.borg/key
+            subPath: BORG_KEY_FILE
+
+          - name: gitea-backup-secret
+            mountPath: /root/.ssh/id_rsa
+            subPath: SSH_ID_RSA
+  volumes:
+    - name: gitea-backup-secret
+      secret:
+        secretName: gitea-backup-secret
+        defaultMode: 0600
+

gitea/helm-up.sh

@@ -1,4 +0,0 @@
-helm upgrade --install gitea gitea-charts/gitea \
---values ./values.yaml \
---values ./values.private.yaml \
---namespace=git-limbosolutions-com

namespace.yaml

@@ -1,6 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: git-limbosolutions-com
-  labels:
-    name: git-limbosolutions-com