Automated upload for observability.t09.de

2025-08-01 08:54:11 +00:00 · 2025-08-01 08:54:11 +00:00 · 07539b26e7
commit 07539b26e7
parent 993e9b4f14
2 changed files with 80 additions and 1 deletions
--- a/otc/observability.t09.de/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
+++ b/otc/observability.t09.de/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
@ -0,0 +1,79 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: forgejo-s3-backup
+  namespace: gitea
+spec:
+  schedule: "0 1 * * *"
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: rclone
+            image: rclone/rclone:1.70
+            imagePullPolicy: IfNotPresent
+            env:
+            - name: SOURCE_BUCKET
+              valueFrom:
+                secretKeyRef:
+                  name: forgejo-cloud-credentials
+                  key: bucket-name
+            - name: AWS_ACCESS_KEY_ID
+              valueFrom:
+                secretKeyRef:
+                  name: forgejo-cloud-credentials
+                  key: access-key
+            - name: AWS_SECRET_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: forgejo-cloud-credentials
+                  key: secret-key
+            volumeMounts:
+            - name: rclone-config
+              mountPath: /config/rclone
+              readOnly: true
+            - name: backup-dir
+              mountPath: /backup
+              readOnly: false
+            command:
+            - /bin/sh
+            - -c
+            - |
+              rclone sync source:/${SOURCE_BUCKET}/packages /backup -v --ignore-checksum
+          restartPolicy: OnFailure
+          volumes:
+          - name: rclone-config
+            secret:
+              secretName: forgejo-s3-backup
+          - name: backup-dir
+            persistentVolumeClaim:
+              claimName: s3-backup
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: s3-backup
+  namespace: gitea
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 50Gi
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: forgejo-s3-backup
+  namespace: gitea
+type: Opaque
+stringData:
+  rclone.conf: |
+    [source]
+    type = s3
+    provider = HuaweiOBS
+    env_auth = true
+    endpoint = obs.eu-de.otc.t-systems.com
+    region = eu-de
+    acl = private
--- a/otc/observability.t09.de/stacks/forgejo/forgejo-server/values.yaml
+++ b/otc/observability.t09.de/stacks/forgejo/forgejo-server/values.yaml
@ -1,4 +1,4 @@
-# We use recreate to make sure only one instance with one version is running, because Forgejo might break or data gets inconsistant. 
+# This is only used for deploying older versions of infra-catalogue where the bucket name is not an output of the terragrunt modules# We use recreate to make sure only one instance with one version is running, because Forgejo might break or data gets inconsistant. 
 strategy:
  type: Recreate