c4k-nextcloud/src/main/resources/backup/backup-restore-deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: backup-restore
  namespace: nextcloud
spec:
  replicas: 0
  selector:
    matchLabels:
      app: backup-restore
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: backup-restore
        app.kubernetes.io/name: backup-restore
        app.kubernetes.io/part-of: cloud
    spec:
      containers:
      - name: backup-app
        image: domaindrivenarchitecture/c4k-cloud-backup
        imagePullPolicy: IfNotPresent
        command: ["/entrypoint-start-and-wait.sh"]
        env:
        - name: POSTGRES_USER
          valueFrom:
            secretKeyRef:
              name: postgres-secret
              key: postgres-user
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgres-secret
              key: postgres-password
        - name: POSTGRES_DB
          valueFrom:
            configMapKeyRef:
              name: postgres-config
              key: postgres-db
        - name: POSTGRES_HOST
          value: "postgresql-service:5432"
        - name: POSTGRES_SERVICE
          value: "postgresql-service"
        - name: POSTGRES_PORT
          value: "5432"
        - name: AWS_DEFAULT_REGION
          value: eu-central-1
        - name: AWS_ACCESS_KEY_ID_FILE
          value: /var/run/secrets/backup-secrets/aws-access-key-id
        - name: AWS_SECRET_ACCESS_KEY_FILE
          value: /var/run/secrets/backup-secrets/aws-secret-access-key
        - name: RESTIC_REPOSITORY
          valueFrom:
            configMapKeyRef:
              name: backup-config
              key: restic-repository
        - name: RESTIC_PASSWORD_FILE
          value: /var/run/secrets/backup-secrets/restic-password
        - name: CERTIFICATE_FILE
          value: ""
        volumeMounts:
        - name: cloud-data-volume
          mountPath: /var/backups
        - name: backup-secret-volume
          mountPath: /var/run/secrets/backup-secrets
          readOnly: true
        - name: cloud-secret-volume
          mountPath: /var/run/secrets/cloud-secrets
          readOnly: true
        - name: rotation-credential-secret-volume
          mountPath: /var/run/secrets/rotation-credential-secret
          readOnly: true
      volumes:
      - name: cloud-data-volume
        persistentVolumeClaim:
          claimName: cloud-pvc
      - name: cloud-secret-volume
        secret:
          secretName: cloud-secret
      - name: backup-secret-volume
        secret:
          secretName: backup-secret
      - name: rotation-credential-secret-volume
        secret:
          secretName: rotation-credential-secret
Local integration test 2021-12-15 12:49:57 +00:00			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: backup-restore`
Add namespace 2024-03-22 12:42:31 +00:00			`namespace: nextcloud`
Local integration test 2021-12-15 12:49:57 +00:00			`spec:`
			`replicas: 0`
			`selector:`
			`matchLabels:`
			`app: backup-restore`
			`strategy:`
			`type: Recreate`
			`template:`
			`metadata:`
			`labels:`
			`app: backup-restore`
			`app.kubernetes.io/name: backup-restore`
			`app.kubernetes.io/part-of: cloud`
			`spec:`
			`containers:`
			`- name: backup-app`
			`image: domaindrivenarchitecture/c4k-cloud-backup`
			`imagePullPolicy: IfNotPresent`
			`command: ["/entrypoint-start-and-wait.sh"]`
			`env:`
			`- name: POSTGRES_USER`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-secret`
			`key: postgres-user`
			`- name: POSTGRES_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-secret`
			`key: postgres-password`
			`- name: POSTGRES_DB`
			`valueFrom:`
			`configMapKeyRef:`
			`name: postgres-config`
			`key: postgres-db`
			`- name: POSTGRES_HOST`
			`value: "postgresql-service:5432"`
			`- name: POSTGRES_SERVICE`
			`value: "postgresql-service"`
			`- name: POSTGRES_PORT`
			`value: "5432"`
			`- name: AWS_DEFAULT_REGION`
			`value: eu-central-1`
			`- name: AWS_ACCESS_KEY_ID_FILE`
			`value: /var/run/secrets/backup-secrets/aws-access-key-id`
			`- name: AWS_SECRET_ACCESS_KEY_FILE`
			`value: /var/run/secrets/backup-secrets/aws-secret-access-key`
			`- name: RESTIC_REPOSITORY`
			`valueFrom:`
			`configMapKeyRef:`
			`name: backup-config`
			`key: restic-repository`
			`- name: RESTIC_PASSWORD_FILE`
			`value: /var/run/secrets/backup-secrets/restic-password`
			`- name: CERTIFICATE_FILE`
			`value: ""`
			`volumeMounts:`
			`- name: cloud-data-volume`
			`mountPath: /var/backups`
			`- name: backup-secret-volume`
			`mountPath: /var/run/secrets/backup-secrets`
			`readOnly: true`
			`- name: cloud-secret-volume`
			`mountPath: /var/run/secrets/cloud-secrets`
			`readOnly: true`
add rotation-credential-volume to backup-restore-deployment 2024-04-12 09:27:23 +00:00			`- name: rotation-credential-secret-volume`
			`mountPath: /var/run/secrets/rotation-credential-secret`
			`readOnly: true`
Local integration test 2021-12-15 12:49:57 +00:00			`volumes:`
			`- name: cloud-data-volume`
			`persistentVolumeClaim:`
			`claimName: cloud-pvc`
			`- name: cloud-secret-volume`
			`secret:`
			`secretName: cloud-secret`
			`- name: backup-secret-volume`
			`secret:`
			`secretName: backup-secret`
add rotation-credential-volume to backup-restore-deployment 2024-04-12 09:27:23 +00:00			`- name: rotation-credential-secret-volume`
			`secret:`
			`secretName: rotation-credential-secret`