diff --git a/backup/README.md b/backup/README.md new file mode 100644 index 0000000..d898089 --- /dev/null +++ b/backup/README.md @@ -0,0 +1,8 @@ +# backups + +## borgbackup cockpit (companion scripts) + +``` bash +borg list ${BORG_REPO} +borg list ${BORG_REPO}::gitea-data-2025-03-12_02:00:06 +``` diff --git a/backup/backup-cronjob.yaml b/backup/backup-cronjob.yaml index 021a98a..c776b34 100644 --- a/backup/backup-cronjob.yaml +++ b/backup/backup-cronjob.yaml @@ -17,16 +17,16 @@ spec: command: ["sh", "-c"] args: - | - echo "INFO: Starting export" + #echo "INFO: Starting export" . /root/.gitea-inline-config/database export PGPASSWORD=$PASSWD - echo "INFO: Exporting database" + #echo "INFO: Exporting database" pg_dump -h gitea-postgresql.git-limbosolutions-com.svc.cluster.local -U $USER -d $NAME > /data/postgresql-export/db_backup.sql if [ $? -ne 0 ]; then echo "ERROR: Exporting database failed" exit 1 fi - echo "INFO: Exporting database finished" + #echo "INFO: Exporting database finished" volumeMounts: @@ -64,7 +64,7 @@ spec: args: - | proxmox-backup-client backup gitea-data.pxar:/data/gitea-data postgresql-data.pxar:/data/postgresql-data postgresql-export.pxar:/data/postgresql-export --include-dev /data/postgresql-data --include-dev /data/postgresql-export --include-dev /data/gitea-data --backup-id "gitea-full" -ns git.limbosolutions.com - echo "INFO: git.limbosolutions.com finished" + echo "INFO: Backup git.limbosolutions.com finished" volumeMounts: - name: gitea-shared-storage diff --git a/backup/borbackup-offsite-cronjob.yaml b/backup/borbackup-offsite-cronjob.yaml index be98cde..e4162d7 100644 --- a/backup/borbackup-offsite-cronjob.yaml +++ b/backup/borbackup-offsite-cronjob.yaml @@ -18,16 +18,16 @@ spec: command: ["sh", "-c"] args: - | - echo "INFO: Starting export" + #echo "INFO: Starting export" . /root/.gitea-inline-config/database export PGPASSWORD=$PASSWD - echo "INFO: Exporting database" + #echo "INFO: Exporting database" pg_dump -h gitea-postgresql.git-limbosolutions-com.svc.cluster.local -U $USER -d $NAME > /data/postgresql-export/db_backup.sql if [ $? -ne 0 ]; then echo "ERROR: Exporting database failed" exit 1 fi - echo "INFO: Exporting database finished" + #echo "INFO: Exporting database finished" volumeMounts: @@ -86,7 +86,7 @@ spec: ${BORG_RSH} mf@backupsrv01.dev.lan \ "rclone sync ~/borg-repos/git.limbosolutions.com mf.onedrive:.backups/git.limbosolutions.com/borg" && - echo "INFO: borg repo offsite sync finished" + echo "INFO: Backup git.limbosolutions.com (offsite) finished" volumeMounts: - name: gitea-data diff --git a/backup/borgbackup-cockpit-deploy.yaml b/backup/borgbackup-cockpit-deploy.yaml new file mode 100644 index 0000000..8853874 --- /dev/null +++ b/backup/borgbackup-cockpit-deploy.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: borgbackup-cockpit + namespace: git-limbosolutions-com + labels: + app: borgbackup-cockpit +spec: + replicas: 1 + selector: + matchLabels: + app: borgbackup-cockpit + template: + metadata: + labels: + app: borgbackup-cockpit + spec: + containers: + - name: borg-client + image: git.limbosolutions.com/kb/borg-backup:latest + resources: + limits: + memory: "512Mi" + cpu: "500m" + requests: + memory: "256Mi" + cpu: "250m" + env: + - name: BORG_REPO + valueFrom: + secretKeyRef: + name: gitea-backup-secret + key: BORG_REPO + + - name: BORG_PASSPHRASE + valueFrom: + secretKeyRef: + name: gitea-backup-secret + key: BORG_PASSPHRASE + + - name: BORG_RSH + value: ssh -o StrictHostKeyChecking=no + + - name: BORG_KEY_FILE + value: /root/.borg/key + + command: ["sh", "-c"] + args: + - | + while true; do + sleep 1s + done + + volumeMounts: + + - name: gitea-backup-secret + mountPath: /root/.borg/key + subPath: BORG_KEY_FILE + + - name: gitea-backup-secret + mountPath: /root/.ssh/id_rsa + subPath: SSH_ID_RSA + volumes: + - name: gitea-backup-secret + secret: + secretName: gitea-backup-secret + defaultMode: 0600 + diff --git a/backup/gitea-backup-secret-deploy.sh b/backup/gitea-backup-secret-deploy.sh index db6a0d5..53132df 100755 --- a/backup/gitea-backup-secret-deploy.sh +++ b/backup/gitea-backup-secret-deploy.sh @@ -2,7 +2,10 @@ # set source env variables . ./.env + +# set variables in env file as export export $(cut -d= -f1 ./.env) -envsubst < gitea-backup-secret.yaml | kubectl apply -f - \ No newline at end of file +envsubst < gitea-backup-secret.yaml | kubectl apply -f - + diff --git a/backup/gitea-backup-secret.yaml b/backup/gitea-backup-secret.yaml index 2e85212..aa9a50c 100644 --- a/backup/gitea-backup-secret.yaml +++ b/backup/gitea-backup-secret.yaml @@ -4,7 +4,8 @@ kind: Secret metadata: name: gitea-backup-secret namespace: git-limbosolutions-com -data: +type: Opaque +stringData: PBS_REPOSITORY: ${PBS_REPOSITORY} PBS_PASSWORD: ${PBS_PASSWORD} PBS_FINGERPRINT: ${PBS_FINGERPRINT}