diff --git a/.gitignore b/.gitignore index badefc2..d3ed621 100644 --- a/.gitignore +++ b/.gitignore @@ -25,8 +25,6 @@ logs/ # config files my-auth.edn my-config.edn -auth-local.edn -config-local.edn auth.edn config.edn diff --git a/auth-local.edn b/auth-local.edn new file mode 100644 index 0000000..d924c44 --- /dev/null +++ b/auth-local.edn @@ -0,0 +1,7 @@ +{:postgres-db-user "nextcloud" + :postgres-db-password "dbpass" + :nextcloud-admin-user "cloudadmin" + :nextcloud-admin-password "cloudpassword" + :aws-access-key-id "" + :aws-secret-access-key "" + :restic-password "test-password"} diff --git a/config-local.edn b/config-local.edn new file mode 100644 index 0000000..67b820b --- /dev/null +++ b/config-local.edn @@ -0,0 +1,6 @@ +{:fqdn "cloudhost" + :issuer :staging + :nextcloud-data-volume-path "/var/cloud" + :postgres-data-volume-path "/var/postgres" + :restic-repository "s3://k3stesthost/mybucket" + :local-integration-test true} diff --git a/src/main/cljc/dda/c4k_nextcloud/backup.cljc b/src/main/cljc/dda/c4k_nextcloud/backup.cljc index c3d32e8..4a499c9 100644 --- a/src/main/cljc/dda/c4k_nextcloud/backup.cljc +++ b/src/main/cljc/dda/c4k_nextcloud/backup.cljc @@ -29,8 +29,11 @@ (defn generate-cron [] (yaml/from-string (yaml/load-resource "backup/cron.yaml"))) -(defn generate-backup-restore-deployment [] - (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))) +(defn generate-backup-restore-deployment [my-conf] + (let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))] + (if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf))) + (cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt") + backup-restore-yaml))) (defn generate-secret [my-auth] (let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth] diff --git a/src/main/cljc/dda/c4k_nextcloud/core.cljc b/src/main/cljc/dda/c4k_nextcloud/core.cljc index 030dd62..d95eb36 100644 --- a/src/main/cljc/dda/c4k_nextcloud/core.cljc +++ b/src/main/cljc/dda/c4k_nextcloud/core.cljc @@ -43,7 +43,7 @@ [(yaml/to-string (backup/generate-config config)) (yaml/to-string (backup/generate-secret config)) (yaml/to-string (backup/generate-cron)) - (yaml/to-string (backup/generate-backup-restore-deployment))])))) + (yaml/to-string (backup/generate-backup-restore-deployment config))])))) (defn-spec generate any? [my-config config? diff --git a/src/main/resources/backup/backup-restore-deployment.yaml b/src/main/resources/backup/backup-restore-deployment.yaml index 68c7e19..85787f6 100644 --- a/src/main/resources/backup/backup-restore-deployment.yaml +++ b/src/main/resources/backup/backup-restore-deployment.yaml @@ -56,6 +56,8 @@ spec: key: restic-repository - name: RESTIC_PASSWORD_FILE value: /var/run/secrets/backup-secrets/restic-password + - name: CERTIFICATE_FILE + value: "" volumeMounts: - name: cloud-data-volume mountPath: /var/backups @@ -65,6 +67,9 @@ spec: - name: cloud-secret-volume mountPath: /var/run/secrets/cloud-secrets readOnly: true + - name: localstack-secret-volume + mountPath: /var/run/secrets/localstack-secrets + readOnly: true volumes: - name: cloud-data-volume persistentVolumeClaim: @@ -74,4 +79,7 @@ spec: secretName: cloud-secret - name: backup-secret-volume secret: - secretName: backup-secret \ No newline at end of file + secretName: backup-secret + - name: localstack-secret-volume + secret: + secretName: localstack-secret \ No newline at end of file diff --git a/src/test/resources/local-integration-test/setup-local-s3-on-k3d.sh b/src/test/resources/local-integration-test/setup-local-s3-on-k3d.sh index e44bdd9..bfc9d83 100755 --- a/src/test/resources/local-integration-test/setup-local-s3-on-k3d.sh +++ b/src/test/resources/local-integration-test/setup-local-s3-on-k3d.sh @@ -22,7 +22,7 @@ function main() echo export ENDPOINT=$(kubectl get ingress -o jsonpath="{$.items[*].status.loadBalancer.ingress[*].ip}") - sudo bash -c "echo \"$ENDPOINT k3stesthost cloudhost\" >> /etc/hosts" + sudo bash -c "echo \"$ENDPOINT k3stesthost cloudhost\" >> /etc/hosts" # Remove this, works for testing, but fills your /etc/hosts echo until curl --silent --fail k3stesthost:80 k3stesthost/health | grep -o '"s3": "available"'