107 lines
2.8 KiB
YAML
107 lines
2.8 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: gitea-backup
|
|
namespace: gitea-backup
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: gitea-backup
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods"]
|
|
verbs: ["get", "list"]
|
|
- apiGroups: [""]
|
|
resources: ["pods/exec"]
|
|
verbs: ["create"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: gitea-backup
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: gitea-backup
|
|
namespace: gitea-backup
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: gitea-backup
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: gitea-backup
|
|
namespace: gitea-backup
|
|
spec:
|
|
schedule: "0 3 */7 * *"
|
|
successfulJobsHistoryLimit: 1
|
|
failedJobsHistoryLimit: 1
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
spec:
|
|
serviceAccountName: gitea-backup
|
|
restartPolicy: OnFailure
|
|
nodeSelector:
|
|
node-role: primary
|
|
containers:
|
|
- name: backup
|
|
image: bitnami/kubectl:latest
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |
|
|
set -e
|
|
echo "Finding Gitea pod..."
|
|
GITEA_POD=$(kubectl get pod -n gitea -l app=gitea -o jsonpath='{.items[0].metadata.name}')
|
|
echo "Running gitea dump in pod $GITEA_POD..."
|
|
kubectl exec -n gitea $GITEA_POD -- rm -f /tmp/gitea-backup.zip
|
|
kubectl exec -n gitea $GITEA_POD -- gitea dump \
|
|
--config /data/gitea/conf/app.ini \
|
|
--file /tmp/gitea-backup.zip \
|
|
--type zip
|
|
echo "Copying backup to NFS..."
|
|
rm -f /backup/gitea-backup.zip
|
|
kubectl cp gitea/$GITEA_POD:/tmp/gitea-backup.zip /backup/gitea-backup.zip
|
|
echo "Cleaning up temp file..."
|
|
kubectl exec -n gitea $GITEA_POD -- rm /tmp/gitea-backup.zip
|
|
echo "Backup complete: /backup/gitea-backup.zip"
|
|
volumeMounts:
|
|
- name: backup
|
|
mountPath: /backup
|
|
volumes:
|
|
- name: backup
|
|
persistentVolumeClaim:
|
|
claimName: gitea-backup-pvc
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolume
|
|
metadata:
|
|
name: gitea-backup-pv
|
|
spec:
|
|
capacity:
|
|
storage: 50Gi
|
|
accessModes:
|
|
- ReadWriteMany
|
|
nfs:
|
|
server: 192.168.7.183
|
|
path: /home/nik/backups/gitea
|
|
persistentVolumeReclaimPolicy: Retain
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: gitea-backup-pvc
|
|
namespace: gitea-backup
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 50Gi
|
|
volumeName: gitea-backup-pv
|
|
storageClassName: ""
|