backup revision

backup/README.md

@@ -0,0 +1,8 @@
+# backups
+
+## borgbackup cockpit (companion scripts)
+
+```  bash
+borg list ${BORG_REPO}
+borg list ${BORG_REPO}::gitea-data-2025-03-12_02:00:06 
+```

backup/backup-cronjob.yaml

@@ -17,16 +17,16 @@ spec:
               command: ["sh", "-c"]
               args:
                 - |
-                  echo "INFO: Starting export"
+                  #echo "INFO: Starting export"
                   . /root/.gitea-inline-config/database
                   export PGPASSWORD=$PASSWD
-                  echo "INFO: Exporting database"
+                  #echo "INFO: Exporting database"
                   pg_dump -h gitea-postgresql.git-limbosolutions-com.svc.cluster.local -U $USER -d $NAME > /data/postgresql-export/db_backup.sql
                   if [ $? -ne 0 ]; then
                     echo "ERROR: Exporting database failed"
                     exit 1
                   fi 
-                  echo "INFO: Exporting database finished"
+                  #echo "INFO: Exporting database finished"
 
               volumeMounts:
 
@@ -64,7 +64,7 @@ spec:
               args:
                 - |
                   proxmox-backup-client backup gitea-data.pxar:/data/gitea-data postgresql-data.pxar:/data/postgresql-data postgresql-export.pxar:/data/postgresql-export --include-dev /data/postgresql-data --include-dev /data/postgresql-export --include-dev /data/gitea-data --backup-id "gitea-full" -ns git.limbosolutions.com
-                  echo "INFO: git.limbosolutions.com finished"
+                  echo "INFO: Backup git.limbosolutions.com finished"
 
               volumeMounts:
               - name: gitea-shared-storage

backup/borbackup-offsite-cronjob.yaml

@@ -18,16 +18,16 @@ spec:
               command: ["sh", "-c"]
               args:
                 - |
-                  echo "INFO: Starting export"
+                  #echo "INFO: Starting export"
                   . /root/.gitea-inline-config/database
                   export PGPASSWORD=$PASSWD
-                  echo "INFO: Exporting database"
+                  #echo "INFO: Exporting database"
                   pg_dump -h gitea-postgresql.git-limbosolutions-com.svc.cluster.local -U $USER -d $NAME > /data/postgresql-export/db_backup.sql
                   if [ $? -ne 0 ]; then
                     echo "ERROR: Exporting database failed"
                     exit 1
                   fi 
-                  echo "INFO: Exporting database finished"
+                  #echo "INFO: Exporting database finished"
 
               volumeMounts:
                 
@@ -86,7 +86,7 @@ spec:
 
                 ${BORG_RSH} mf@backupsrv01.dev.lan \
                 "rclone sync ~/borg-repos/git.limbosolutions.com mf.onedrive:.backups/git.limbosolutions.com/borg" &&
-                echo "INFO: borg repo offsite sync finished"
+                echo "INFO: Backup git.limbosolutions.com (offsite) finished"
 
               volumeMounts:
                 - name: gitea-data

backup/borgbackup-cockpit-deploy.yaml

@@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: borgbackup-cockpit
+  namespace: git-limbosolutions-com
+  labels:
+    app: borgbackup-cockpit
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: borgbackup-cockpit
+  template:
+    metadata:
+      labels:
+        app: borgbackup-cockpit
+    spec:
+      containers:
+          - name: borg-client
+            image: git.limbosolutions.com/kb/borg-backup:latest
+            resources:
+              limits:
+                memory: "512Mi"
+                cpu: "500m"
+              requests:
+                memory: "256Mi"
+                cpu: "250m"
+            env:
+              - name: BORG_REPO
+                valueFrom:
+                  secretKeyRef:
+                    name: gitea-backup-secret
+                    key: BORG_REPO
+
+              - name: BORG_PASSPHRASE
+                valueFrom:
+                  secretKeyRef:
+                    name: gitea-backup-secret
+                    key: BORG_PASSPHRASE
+
+              - name: BORG_RSH
+                value: ssh -o StrictHostKeyChecking=no
+
+              - name: BORG_KEY_FILE
+                value: /root/.borg/key
+
+            command: ["sh", "-c"]
+            args:
+            - |
+              while true; do
+                 sleep 1s
+              done
+
+            volumeMounts:
+            
+              - name: gitea-backup-secret
+                mountPath: /root/.borg/key
+                subPath: BORG_KEY_FILE
+
+              - name: gitea-backup-secret
+                mountPath: /root/.ssh/id_rsa
+                subPath: SSH_ID_RSA
+      volumes:
+        - name: gitea-backup-secret
+          secret:
+            secretName: gitea-backup-secret
+            defaultMode: 0600
+

backup/gitea-backup-secret-deploy.sh

@@ -2,7 +2,10 @@
 
 # set source env variables
 . ./.env
+
+# set variables in env file as export
 export $(cut -d= -f1 ./.env)
 
 
 envsubst < gitea-backup-secret.yaml | kubectl apply -f -
+

backup/gitea-backup-secret.yaml

@@ -4,7 +4,8 @@ kind: Secret
 metadata:
   name: gitea-backup-secret
   namespace: git-limbosolutions-com
-data:
+type: Opaque
+stringData:
   PBS_REPOSITORY: ${PBS_REPOSITORY}
   PBS_PASSWORD: ${PBS_PASSWORD}
   PBS_FINGERPRINT: ${PBS_FINGERPRINT}