apiVersion: batch/v1 kind: CronJob metadata: name: backup-borg-offsite namespace: git-limbosolutions-com spec: schedule: "0 16 * * 0" #every sunday at 4pm jobTemplate: spec: backoffLimit: 1 template: metadata: labels: app: offsite-backup spec: restartPolicy: Never initContainers: - name: postgres-export image: postgres:latest command: ["sh", "-c"] args: - | set -e . /root/.gitea-inline-config/database export PGPASSWORD=$PASSWD pg_dump -h gitea-postgresql.git-limbosolutions-com.svc.cluster.local -U $USER -d $NAME > /data/postgresql-export/db_backup.sql volumeMounts: - name: backup-var-data mountPath: /data/postgresql-export subPath: postgresql-export - name: gitea-inline-config mountPath: /root/.gitea-inline-config readOnly: true containers: - name: borg-client image: git.limbosolutions.com/kb/borg-backup:latest imagePullPolicy: Always # resources: # limits: # memory: "512Mi" # cpu: "500m" # requests: # memory: "256Mi" # cpu: "250m" env: - name: BORG_REPO valueFrom: secretKeyRef: name: gitea-backup-secret key: borg_repo - name: BORG_PASSPHRASE valueFrom: secretKeyRef: name: gitea-backup-secret key: borg_passphrase - name: OFFSITE_TARGET_FOLDER valueFrom: secretKeyRef: name: gitea-backup-secret key: offsite_target_folder - name: BORG_RSH value: ssh -p 2222 -o StrictHostKeyChecking=no -o LogLevel=ERROR - name: REPO_SYNC_MAX_SIZE value: "10737418240" # 10GB - name: MODE value: SHELL args: - | set -e SCRIPT_START_TIME=$(date +%s) # while true; do # sleep 5 # done borg create ${BORG_REPO}::postgresql-export-$(date +%Y%m%d%H%M%S) /data/postgresql-export borg create ${BORG_REPO}::gitea-data-$(date +%Y%m%d%H%M%S) /data/gitea-data #cleanup borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 ${BORG_REPO} --glob-archives='gitea-data*' borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 ${BORG_REPO} --glob-archives='postgresql-export*' borg compact ${BORG_REPO} # check repo size REPO_SIZE_IN_BYTES=$(remote-get-folder-size) echo "Repository size: $((REPO_SIZE_IN_BYTES / 1024 / 1024))MB" if [ $REPO_SIZE_IN_BYTES -gt $REPO_SYNC_MAX_SIZE ]; then \ echo "ERROR: Repository size $((REPO_SIZE_IN_BYTES / 1024 / 1024))MB exceeds $((REPO_SYNC_MAX_SIZE / 1024 / 1024))MB"; exit 1; else # Repository size is within limits for offsite sync # ssh to backup server and enforce rclone to onedrive remote-connect "rclone sync $SSH_FOLDER $OFFSITE_TARGET_FOLDER --progress" && \ echo "INFO: Finished Backup of git.limbosolutions.com (offsite) ($((SCRIPT_DURATION / 60 / 60)):$((SCRIPT_DURATION / 60)):$((SCRIPT_DURATION % 60))) " fi #outputs info borg info ${BORG_REPO} #borg info ${BORG_REPO} --json volumeMounts: - name: gitea-data mountPath: /data/gitea-data - name: backup-var-data mountPath: /data/postgresql-export subPath: postgresql-export - name: gitea-backup-secret mountPath: /root/.ssh/id_rsa subPath: ssh_id_rsa readOnly: true - name: gitea-backup-secret mountPath: /app/borg/key subPath: borg_key volumes: - name: gitea-data persistentVolumeClaim: claimName: gitea-shared-storage - name: gitea-inline-config secret: secretName: gitea-inline-config - name: gitea-backup-secret secret: secretName: gitea-backup-secret defaultMode: 0600 - name: backup-var-data emptyDir: {}