From 491be80842ee8f525e7c90b4e8e0cf955ce0a3a8 Mon Sep 17 00:00:00 2001
From: Richard Robert Reitz <richard-robert.reitz@telekom.de>
Date: Thu, 31 Jul 2025 15:24:39 +0200
Subject: [PATCH] fix(s3backup): doing a local backup first and then push it to
 remote, which is still on the same OBS store

---
 .../manifests/forgejo-s3-backup-cronjob.yaml  | 43 ++++++++++++++-----
 1 file changed, 33 insertions(+), 10 deletions(-)

diff --git a/template/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml b/template/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
index 769cd0d..d7b78e6 100644
--- a/template/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
+++ b/template/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
@@ -4,7 +4,7 @@ metadata:
   name: forgejo-s3-backup
   namespace: gitea
 spec:
-  schedule: "24 * * * *"
+  schedule: "0 2 * * *"
   jobTemplate:
     spec:
       template:
@@ -26,20 +26,41 @@ spec:
                   key: secret-key
             volumeMounts:
             - name: rclone-config
-              mountPath: /etc/rclone
+              mountPath: /config/rclone
               readOnly: true
+            - name: backup-dir
+              mountPath: /backup_dir
+              readOnly: false
             command:
             - /bin/sh
             - -c
             - |
-              sleep 7d
-              # rclone sync remote-source:packages remote-destination:packages --config /etc/rclone/config
+              rm -Rf /backup_dir/backup || true
+              mkdir -p /backup_dir/backup
+              rclone sync remote-source:/edp-forgejo-non-prod-observability/packages /backup_dir/backup -v --ignore-checksum
+              rclone sync /backup_dir/backup remote-destination:/edp-forgejo-non-prod-observability/hackathon3 -v --ignore-checksum
+              rm -Rf /backup_dir/backup || true
           restartPolicy: OnFailure
           volumes:
           - name: rclone-config
             secret:
               secretName: forgejo-s3-backup
-
+          - name: backup-dir
+            persistentVolumeClaim:
+              claimName: s3-temp-data
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: s3-temp-data
+  namespace: gitea
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 50Gi
 ---
 apiVersion: v1
 kind: Secret
@@ -48,17 +69,19 @@ metadata:
   namespace: gitea
 type: Opaque
 stringData:
-  config: |
+  rclone.conf: |
     [remote-source]
     type = s3
-    provider = AWS
+    provider = HuaweiOBS
     env_auth = true
-    endpoint = https://edp-forgejo-non-prod-observability.obs.eu-de.otc.t-systems.com
+    endpoint = obs.eu-de.otc.t-systems.com
     region = eu-de
+    acl = private
 
     [remote-destination]
     type = s3
-    provider = AWS
+    provider = HuaweiOBS
     env_auth = true
-    endpoint = https://edp-forgejo-backup-test-manu.obs.eu-de.otc.t-systems.com 
+    endpoint = obs.eu-de.otc.t-systems.com
     region = eu-de
+    acl = private