fix(s3backup): doing a local backup first and then push it to remote, which is still on the same OBS store

2025-07-31 15:24:39 +02:00 · 2025-07-31 15:24:39 +02:00 · 491be80842
commit 491be80842
parent e7d14a89cd
1 changed files with 33 additions and 10 deletions
--- a/template/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
+++ b/template/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
@ -4,7 +4,7 @@ metadata:
  name: forgejo-s3-backup
  namespace: gitea
 spec:
-  schedule: "24 * * * *"
+  schedule: "0 2 * * *"
  jobTemplate:
    spec:
      template:
@ -26,20 +26,41 @@ spec:
                  key: secret-key
            volumeMounts:
            - name: rclone-config
-              mountPath: /etc/rclone
+              mountPath: /config/rclone
              readOnly: true
+            - name: backup-dir
+              mountPath: /backup_dir
+              readOnly: false
            command:
            - /bin/sh
            - -c
            - |
-              sleep 7d
-              # rclone sync remote-source:packages remote-destination:packages --config /etc/rclone/config
+              rm -Rf /backup_dir/backup || true
+              mkdir -p /backup_dir/backup
+              rclone sync remote-source:/edp-forgejo-non-prod-observability/packages /backup_dir/backup -v --ignore-checksum
+              rclone sync /backup_dir/backup remote-destination:/edp-forgejo-non-prod-observability/hackathon3 -v --ignore-checksum
+              rm -Rf /backup_dir/backup || true
          restartPolicy: OnFailure
          volumes:
          - name: rclone-config
            secret:
              secretName: forgejo-s3-backup
-
+          - name: backup-dir
+            persistentVolumeClaim:
+              claimName: s3-temp-data
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: s3-temp-data
+  namespace: gitea
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 50Gi
 ---
 apiVersion: v1
 kind: Secret
@ -48,17 +69,19 @@ metadata:
  namespace: gitea
 type: Opaque
 stringData:
-  config: |
+  rclone.conf: |
    [remote-source]
    type = s3
-    provider = AWS
+    provider = HuaweiOBS
    env_auth = true
-    endpoint = https://edp-forgejo-non-prod-observability.obs.eu-de.otc.t-systems.com
+    endpoint = obs.eu-de.otc.t-systems.com
    region = eu-de
+    acl = private

    [remote-destination]
    type = s3
-    provider = AWS
+    provider = HuaweiOBS
    env_auth = true
-    endpoint = https://edp-forgejo-backup-test-manu.obs.eu-de.otc.t-systems.com 
+    endpoint = obs.eu-de.otc.t-systems.com
    region = eu-de
+    acl = private