From a49c5e8514eb9ac437b2c88c9f1ae3c645405f87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Fernandes?= Date: Sat, 27 Sep 2025 10:38:43 +0000 Subject: [PATCH] project reorganization --- .devcontainer/devcontainer.json | 2 +- README.md | 141 +----------------- deploy/README.md | 61 ++++++++ .../backups/backup-borg-offsite-cronjob.yaml | 4 +- .../backups/backup-pbs-cronjob.yaml | 2 +- .../backups/backup-secrets.yaml | 0 .../backups}/borgbackup-sidekick.yaml | 0 deploy/setup.sh | 9 ++ {gitea => deploy}/ssh-ingress.yaml | 0 {gitea => deploy}/values.yaml | 0 docs/backups.md | 54 +++++++ 11 files changed, 132 insertions(+), 141 deletions(-) create mode 100644 deploy/README.md rename backups/borgbackup-offsite-cronjob.yaml => deploy/backups/backup-borg-offsite-cronjob.yaml (98%) rename backups/backup-cronjob.yaml => deploy/backups/backup-pbs-cronjob.yaml (99%) rename backups/gitea-backup-secrets.yaml => deploy/backups/backup-secrets.yaml (100%) rename {backups => deploy/backups}/borgbackup-sidekick.yaml (100%) create mode 100755 deploy/setup.sh rename {gitea => deploy}/ssh-ingress.yaml (100%) rename {gitea => deploy}/values.yaml (100%) create mode 100644 docs/backups.md diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index e5da6f5..6e1f534 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -7,7 +7,7 @@ "features": { "ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {} }, - "runArgs": ["--hostname=dev"], + "runArgs": ["--hostname=git-limbosolutions-com-dev-container"], // "features": {}, // Use 'forwardPorts' to make a list of ports inside the container available locally. diff --git a/README.md b/README.md index 517b86d..e548369 100644 --- a/README.md +++ b/README.md @@ -4,146 +4,13 @@ Welcome to public repository of my [Git Server](https://git.limbosolutions.com) Using [gitea](https://git.limbosolutions.com/kb/gitea) as git server. -- [Setup](#setup) - - [kubernetes Namespace](#kubernetes-namespace) - - [Add Help Chart](#add-help-chart) - - [Update Helm charts](#update-helm-charts) - - [Install / Update](#install--update) - - [ssh ingress](#ssh-ingress) +- [Deploy and Setup](#deploy-and-setup) - [Backups](#backups) - - [secrets](#secrets) - - [Proxmox Backup Server (kubernetes cron job)](#proxmox-backup-server-kubernetes-cron-job) - - [Borg and Offsite sync (kubernetes cron job)](#borg-and-offsite-sync-kubernetes-cron-job) - - [borgbackup sidekick](#borgbackup-sidekick) - - [Create borgbackup-sidekick pod](#create-borgbackup-sidekick-pod) - - [Remove borgbackup-sidekick pod](#remove-borgbackup-sidekick-pod) -## Setup +## Deploy and Setup -### kubernetes Namespace - -```yaml -apiVersion: v1 -kind: Namespace -metadata: - name: git-limbosolutions-com - labels: - name: git-limbosolutions-com - -``` - -### Add Help Chart - -```bash -helm repo add gitea-charts https://dl.gitea.com/charts/ -``` - -### Update Helm charts - -```bash -helm repo update -``` - -### Install / Update - -```bash -helm upgrade --install gitea gitea-charts/gitea \ ---values ./gitea/values.yaml \ ---values ./gitea/values.private.yaml \ ---namespace=git-limbosolutions-com -``` - -### ssh ingress - -```bash -kubectl apply -f ./gitea/ssh-ingress.yaml -``` +for more information [check readme](./deploy/README.md). ## Backups -### secrets - -```bash -set -a -source ./backups/.env -set +a -envsubst < ./backups/gitea-backup-secrets.yaml | kubectl apply -n git-limbosolutions-com -f - - -SSH_ID_RSA=$(echo -n "$SSH_ID_RSA" | base64 -w 0) -BORG_KEY=$(echo -n "$BORG_KEY" | base64 -w 0) - -kubectl patch secret gitea-backup-secret --patch "{\"data\":{\"ssh_id_rsa\":\"$SSH_ID_RSA\"}}" -n git-limbosolutions-com -kubectl patch secret gitea-backup-secret --patch "{\"data\":{\"borg_key\":\"$BORG_KEY\"}}" -n git-limbosolutions-com -``` - -### Proxmox Backup Server (kubernetes cron job) - -```bash -# deploy cronjon -kubectl apply -f ./backups/backup-cronjob.yaml -n git-limbosolutions-com -``` - -[kubernetes cron job](/backups/backup-cronjob.yaml) - -### Borg and Offsite sync (kubernetes cron job) - -```bash -# deploy cronjon -kubectl apply -f ./backups/borgbackup-offsite-cronjob.yaml -``` - -[kubernetes cron job](/backups/borgbackup-offsite-cronjob.yaml) - -### borgbackup sidekick - -```bash -# attach to borgbackup-sidekick -POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') -kubectl exec -it ${POD_NAME} -- bash -``` - -```bash -# list borg repo -POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') -kubectl exec -it ${POD_NAME} -- bash -c "\ -borg list ${BORG_REPO} \ -" -``` - -```bash -# get borg info -POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') -kubectl exec -it ${POD_NAME} -- bash -c "\ -borg info ${BORG_REPO}\ -" -``` - -```bash -POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') -# Check if repository size is greater than 4GB -kubectl exec -it ${POD_NAME} -- bash -c "\ -MAX_SIZE=\$((4 * 1024 * 1024 * 1024)) -SIZE_IN_BYTES=\$(\${BORG_RSH} mf@backupsrv01.dev.lan \"du -b ~/borg-repos/git.limbosolutions.com --max-depth=0 | cut -f1 \") && \ -echo \"Repository size: \$((SIZE_IN_BYTES / 1024 / 1024)) MB\" && \ -if [ \$SIZE_IN_BYTES -gt \$MAX_SIZE ]; then \ - echo 'Repository size exceeds \$MAX_SIZE'; \ - exit 1; \ -else \ - echo 'Repository size is within limits for offsite sync'; \ -fi \ - -" -``` - -#### Create borgbackup-sidekick pod - -```bash -kubectl apply -f ./backups/borgbackup-sidekick.yaml -``` - -#### Remove borgbackup-sidekick pod - -```bash -# delete the sidekick pod after use -kubectl delete pod -l app=borgbackup-sidekick -``` +for more information [check readme](./docs/backups.md). diff --git a/deploy/README.md b/deploy/README.md new file mode 100644 index 0000000..966da49 --- /dev/null +++ b/deploy/README.md @@ -0,0 +1,61 @@ +# Deploy + +- [kubernetes Namespace](#kubernetes-namespace) +- [Backups](#backups) + - [secrets](#secrets) + - [Proxmox Backup Server (kubernetes cron job)](#proxmox-backup-server-kubernetes-cron-job) + - [Borg and Offsite sync (kubernetes cron job)](#borg-and-offsite-sync-kubernetes-cron-job) + +```bash +# run for setup/update +# using helm chart +./setup.sh +``` + +## kubernetes Namespace + +```yaml +apiVersion: v1 +kind: Namespace +metadata: + name: git-limbosolutions-com + labels: + name: git-limbosolutions-com + +``` + +## Backups + +### secrets + +```bash +set -a +source ./backups/.env +set +a +envsubst < ./backups/backup-secrets.yaml | kubectl apply -n git-limbosolutions-com -f - + +SSH_ID_RSA=$(echo -n "$SSH_ID_RSA" | base64 -w 0) +BORG_KEY=$(echo -n "$BORG_KEY" | base64 -w 0) + +kubectl patch secret gitea-backup-secret --patch "{\"data\":{\"ssh_id_rsa\":\"$SSH_ID_RSA\"}}" -n git-limbosolutions-com +kubectl patch secret gitea-backup-secret --patch "{\"data\":{\"borg_key\":\"$BORG_KEY\"}}" -n git-limbosolutions-com +``` + +### Proxmox Backup Server (kubernetes cron job) + +```bash +# deploy cronjon +kubectl apply -f ./backups/backup-pbs-cronjob.yaml -n git-limbosolutions-com +``` + +[kubernetes cron job](./backups/backup-pbs-cronjob.yaml) + +### Borg and Offsite sync (kubernetes cron job) + +```bash +# deploy cronjon +kubectl apply -f ./backups/backup-borg-offsite-cronjob.yaml -n git-limbosolutions-com +``` + +[kubernetes cron job](./backups/borgbackup-offsite-cronjob.yaml) + diff --git a/backups/borgbackup-offsite-cronjob.yaml b/deploy/backups/backup-borg-offsite-cronjob.yaml similarity index 98% rename from backups/borgbackup-offsite-cronjob.yaml rename to deploy/backups/backup-borg-offsite-cronjob.yaml index 9f5484b..46302e8 100644 --- a/backups/borgbackup-offsite-cronjob.yaml +++ b/deploy/backups/backup-borg-offsite-cronjob.yaml @@ -2,10 +2,10 @@ apiVersion: batch/v1 kind: CronJob metadata: - name: gitea-backup-offsite + name: backup-borg-offsite namespace: git-limbosolutions-com spec: - schedule: "0 2 * * *" + schedule: "0 16 * * 0" #every sunday at 4pm jobTemplate: spec: backoffLimit: 1 diff --git a/backups/backup-cronjob.yaml b/deploy/backups/backup-pbs-cronjob.yaml similarity index 99% rename from backups/backup-cronjob.yaml rename to deploy/backups/backup-pbs-cronjob.yaml index caf9d63..2160359 100644 --- a/backups/backup-cronjob.yaml +++ b/deploy/backups/backup-pbs-cronjob.yaml @@ -1,7 +1,7 @@ apiVersion: batch/v1 kind: CronJob metadata: - name: gitea-backup + name: backup-pbs namespace: git-limbosolutions-com spec: schedule: "0 1 * * *" diff --git a/backups/gitea-backup-secrets.yaml b/deploy/backups/backup-secrets.yaml similarity index 100% rename from backups/gitea-backup-secrets.yaml rename to deploy/backups/backup-secrets.yaml diff --git a/backups/borgbackup-sidekick.yaml b/deploy/backups/borgbackup-sidekick.yaml similarity index 100% rename from backups/borgbackup-sidekick.yaml rename to deploy/backups/borgbackup-sidekick.yaml diff --git a/deploy/setup.sh b/deploy/setup.sh new file mode 100755 index 0000000..46de766 --- /dev/null +++ b/deploy/setup.sh @@ -0,0 +1,9 @@ +helm repo add gitea-charts https://dl.gitea.com/charts/ +helm repo update + +helm upgrade --install gitea gitea-charts/gitea \ +--values ./values.yaml \ +--values ./values.private.yaml \ +--namespace=git-limbosolutions-com + +kubectl apply -f ./ssh-ingress.yaml \ No newline at end of file diff --git a/gitea/ssh-ingress.yaml b/deploy/ssh-ingress.yaml similarity index 100% rename from gitea/ssh-ingress.yaml rename to deploy/ssh-ingress.yaml diff --git a/gitea/values.yaml b/deploy/values.yaml similarity index 100% rename from gitea/values.yaml rename to deploy/values.yaml diff --git a/docs/backups.md b/docs/backups.md new file mode 100644 index 0000000..1e27daa --- /dev/null +++ b/docs/backups.md @@ -0,0 +1,54 @@ +# borgbackup sidekick + +```bash +# attach to borgbackup-sidekick +POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') +kubectl exec -it ${POD_NAME} -- bash +``` + +```bash +# list borg repo +POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') +kubectl exec -it ${POD_NAME} -- bash -c "\ +borg list ${BORG_REPO} \ +" +``` + +```bash +# get borg info +POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') +kubectl exec -it ${POD_NAME} -- bash -c "\ +borg info ${BORG_REPO}\ +" +``` + +```bash +POD_NAME=$(kubectl get pod -l app=borgbackup-sidekick -n git-limbosolutions-com -o jsonpath='{.items[0].metadata.name}') +# Check if repository size is greater than 4GB +kubectl exec -it ${POD_NAME} -- bash -c "\ +MAX_SIZE=\$((4 * 1024 * 1024 * 1024)) +SIZE_IN_BYTES=\$(\${BORG_RSH} mf@backupsrv01.dev.lan \"du -b ~/borg-repos/git.limbosolutions.com --max-depth=0 | cut -f1 \") && \ +echo \"Repository size: \$((SIZE_IN_BYTES / 1024 / 1024)) MB\" && \ +if [ \$SIZE_IN_BYTES -gt \$MAX_SIZE ]; then \ + echo 'Repository size exceeds \$MAX_SIZE'; \ + exit 1; \ +else \ + echo 'Repository size is within limits for offsite sync'; \ +fi \ + +" +``` + +**Create borgbackup-sidekick pod:** + +```bash +kubectl apply -f ../deploy/backups/borgbackup-sidekick.yaml +``` + +**Remove borgbackup-sidekick pod:** + +```bash +# delete the sidekick pod after use +kubectl delete pod -l app=borgbackup-sidekick +``` +