jahanson/theshire
1
0
Fork 0
Code Issues 1 Pull requests 4 Projects Releases Packages Wiki Activity Actions

Templating volsync.

Browse source
This commit is contained in:
Joseph Hanson 2024-01-17 15:18:22 -06:00
parent 703fd34ac0
commit d8833bd684
7 changed files with 167 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
kubernetes/apps/default/qbittorrent/app/helmrelease.yaml
View file

@ -136,11 +136,7 @@ spec:
persistence: persistence:
config: config:
enabled: true enabled: true
existingClaim: qbittorrent-config existingClaim: qbittorrent
advancedMounts:
main:
main:
- path: /config
media: media:
type: nfs type: nfs
server: 10.1.1.30 server: 10.1.1.30

9
kubernetes/apps/default/qbittorrent/app/kustomization.yaml Normal file
View file

@ -0,0 +1,9 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./helmrelease.yaml
- ../../../../templates/volsync
generatorOptions:
disableNameSuffixHash: true

11
kubernetes/apps/default/qbittorrent/ks.yaml
View file

@ -3,13 +3,13 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1 apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization kind: Kustomization
metadata: metadata:
name: &appname qbittorrent name: &app qbittorrent
namespace: flux-system namespace: flux-system
spec: spec:
targetNamespace: default targetNamespace: default
commonMetadata: commonMetadata:
labels: labels:
app.kubernetes.io/name: *appname app.kubernetes.io/name: *app
interval: 10m interval: 10m
path: "./kubernetes/apps/default/qbittorrent/app" path: "./kubernetes/apps/default/qbittorrent/app"
prune: true prune: true
@ -21,6 +21,13 @@ spec:
- name: local-path-provisioner - name: local-path-provisioner
- name: volsync - name: volsync
- name: external-secrets-stores - name: external-secrets-stores
postBuild:
substitute:
APP: *app
VOLSYNC_CAPACITY: 2Gi
VOLSYNC_ACCESSMODES: ReadWriteMany
VOLSYNC_STORAGECLASS: ceph-filesystem
VOLSYNC_SNAPSHOTCLASS: csi-ceph-filesystem
# --- # ---
# # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json # # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
# apiVersion: kustomize.toolkit.fluxcd.io/v1 # apiVersion: kustomize.toolkit.fluxcd.io/v1

15
kubernetes/templates/volsync/claim.yaml Normal file
View file

@ -0,0 +1,15 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: "${APP}"
spec:
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
dataSourceRef:
kind: ReplicationDestination
apiGroup: volsync.backube
name: "${APP}-dst"
resources:
requests:
storage: "${VOLSYNC_CAPACITY}"
storageClassName: "${VOLSYNC_STORAGECLASS:-ceph-block}"

8
kubernetes/templates/volsync/kustomization.yaml Normal file
View file

@ -0,0 +1,8 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./claim.yaml
- ./minio.yaml
- ./r2.yaml

75
kubernetes/templates/volsync/minio.yaml Normal file
View file

@ -0,0 +1,75 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: "${APP}-volsync"
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: "${APP}-volsync-secret"
template:
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ .REPOSITORY_TEMPLATE }}/${APP}"
RESTIC_PASSWORD: "{{ .RESTIC_PASSWORD }}"
AWS_ACCESS_KEY_ID: "{{ .volsync_access_key }}"
AWS_SECRET_ACCESS_KEY: "{{ .volsync_secret_key }}"
dataFrom:
- extract:
key: minio
- extract:
key: volsync-minio-template
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: "${APP}"
spec:
sourcePVC: "${APP}"
trigger:
schedule: "0 * * * *"
restic:
copyMethod: "${VOLSYNC_COPYMETHOD:-Snapshot}"
pruneIntervalDays: 7
repository: "${APP}-volsync-secret"
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-local-hostpath}"
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
storageClassName: "${VOLSYNC_STORAGECLASS:-ceph-block}"
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
moverSecurityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
retain:
hourly: 24
daily: 7
weekly: 5
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationdestination_v1alpha1.json
apiVersion: volsync.backube/v1alpha1
kind: ReplicationDestination
metadata:
name: "${APP}-dst"
spec:
trigger:
manual: restore-once
restic:
repository: "${APP}-volsync-secret"
copyMethod: Snapshot # must be Snapshot
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-local-hostpath}"
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
storageClassName: "${VOLSYNC_STORAGECLASS:-ceph-block}"
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
capacity: "${VOLSYNC_CAPACITY}"
# moverSecurityContext:
# runAsUser: 568
# runAsGroup: 568
# fsGroup: 568

50
kubernetes/templates/volsync/r2.yaml Normal file
View file

@ -0,0 +1,50 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: "${APP}-volsync-r2"
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: "${APP}-volsync-r2-secret"
template:
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ .REPOSITORY_TEMPLATE }}/${APP}"
RESTIC_PASSWORD: "{{ .RESTIC_PASSWORD }}"
AWS_ACCESS_KEY_ID: "{{ .AWS_ACCESS_KEY_ID }}"
AWS_SECRET_ACCESS_KEY: "{{ .AWS_SECRET_ACCESS_KEY }}"
dataFrom:
- extract:
key: cloudflare
- extract:
key: volsync-r2-template
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: "${APP}-r2"
spec:
sourcePVC: "${APP}"
trigger:
schedule: "0 0 * * *"
restic:
copyMethod: "${VOLSYNC_COPYMETHOD:-Snapshot}"
pruneIntervalDays: 7
repository: "${APP}-volsync-r2-secret"
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-local-hostpath}"
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
storageClassName: "${VOLSYNC_STORAGECLASS:-ceph-block}"
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
moverSecurityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
retain:
daily: 7