c4k-nextcloud/main/resources/backup/cron.yaml

65 lines
No EOL
2.3 KiB
YAML

apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: cloud-backup
labels:
app.kubernetes.part-of: cloud
spec:
schedule: "10 23 * * *"
successfulJobsHistoryLimit: 0
failedJobsHistoryLimit: 0
jobTemplate:
spec:
template:
spec:
containers:
- name: backup-app
image: domaindrivenarchitecture/meissa-cloud-backup
imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"]
env:
- name: POSTGRES_USER_FILE
value: /var/run/secrets/cloud-secrets/postgres-user
- name: POSTGRES_DB_FILE
value: /var/run/secrets/cloud-secrets/postgres-db
- name: POSTGRES_PASSWORD_FILE
value: /var/run/secrets/cloud-secrets/postgres-password
- name: POSTGRES_HOST
value: "postgresql-service:5432"
- name: POSTGRES_SERVICE
value: "postgresql-service"
- name: POSTGRES_PORT
value: "5432"
- name: AWS_DEFAULT_REGION
value: eu-central-1
- name: AWS_ACCESS_KEY_ID_FILE
value: /var/run/secrets/backup-secrets/aws-access-key-id
- name: AWS_SECRET_ACCESS_KEY_FILE
value: /var/run/secrets/backup-secrets/aws-secret-access-key
- name: RESTIC_REPOSITORY
valueFrom:
configMapKeyRef:
name: backup-config
key: restic-repository
- name: RESTIC_PASSWORD_FILE
value: /var/run/secrets/backup-secrets/restic-password
volumeMounts:
- name: cloud-data-volume
mountPath: /var/backups
- name: backup-secret-volume
mountPath: /var/run/secrets/backup-secrets
readOnly: true
- name: cloud-secret-volume
mountPath: /var/run/secrets/cloud-secrets
readOnly: true
volumes:
- name: cloud-data-volume
persistentVolumeClaim:
claimName: cloud-pvc
- name: cloud-secret-volume
secret:
secretName: cloud-secret
- name: backup-secret-volume
secret:
secretName: backup-secret
restartPolicy: OnFailure