mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 04:59:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

authentik cnpg backup and restore

Browse Source
This commit is contained in:
Michael Thomson
2025-06-10 12:03:07 -04:00
parent c9f9d7ed8f
commit a70c3c6359
3 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
apps/authentik/backblaze-secret.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: backblaze-secret
namespace: authentik
spec:
encryptedData:
ACCESS_KEY_ID: AgCruRRqYpPLNTkAUH+X/pO1/Zjae1kxe0nF00/HhEvYbTpkrhH9TDwvEhcTMMMWqnj+ujH3xnLl+IlqJRKryqegNgpXpoizGVRKCfjUQwlIdXZK83wIuMLHxynOO7VsOwnEjxEZKX2UvDna0RcaIiI3FD5kKI8/0o4Fwjr0LXKsPG9fhM5H+TjqHwE9tGoG722PPwWCnUiBXJ2p7kQjfmLj+kuwIZ+5nOSYiX8gy+EEt1kyYX11OrNtTGSZVowATp7Ti36UF5zaQXkwaiAZZ7nbyiughitcOraaDzr0+8MrA4kVDK2aV+XIsVx2XeKq1E+Cyj42Vkyumt76F2VYwHMlR8XcY+Uvj+t3wAYPapaKgwWf2xE7tBEB6l4NMTZl6+5czE5Djw091cCk6kR/OFtHG8X35UolEinZBjgMALbyD6wpAg9tzvtjvOEqU5M79CqaiAIfnZWmPSRqU/EN0SgeiYJ4XcEYZ7ZTd4DAes/w+42aDkUXvli0jmKwJF401oxsqSHHTKg61Hd5BhbDFeIlV64EVIC/cIF5Srn3z5Gveu5IUJjOGHUhedQiv/zT8t4Tp7vVVyZvvh+eYsxMkIDWStVneA3xJm0/XnVKPBE/QkqVXVcnv6oikjX4lLl7d0KBIlkIG87vJFFX8PEv/gXgx4Y4R1as4a/gAW9q6gHeMXtAR/Cg59VV+jrcx5E4mzJTLXZjVCVQocFswd4OjRVF26Yvw/Rwjwdb
ACCESS_SECRET_KEY: AgCUA+XC9CLv81ur5o+7ONsJf/YUM8I4bhBa6Lzd3Lg9e7q4jXcb6amtyxoSUdWFk8kL+v9P+PKazfxxB8lYiufuk00WAhMspicDncb2tQrhHT8vRNhlMnvkV0eBVYidgQo98OvGCEwR09qrja/KC162ArxrWyfUtPme5Oxit/QpDrMm/PX80fGP2bgGq9gV2jp4N3ktwb/QpwvslDw41IPPfQMzTgUyf+m3dLRnQHs/2xvt9uiok8unCJZoaBwdDYVY7EKvQ+HdEzLJEqZo4Gr9VFepyDdXJ3ZbykaBwqVv3beYs/zIjXnSnNX5hmSITFz0OUlB2UPs9yr7ugJCIckQ9hH2ZBLUAe3Q+AUIveKgOKRjD45JsldIsn8Qx0M6SrbyIlrx4ds2cY1iD2knKVpGcPna7rrLB9oPYr44tJxXv243bKKGlCg4g4kqmUq6r8v3HbVN0A+KlCFNa6FHvBn3X4j4AylHhzWdOgdwRiyGUivqFpLBNx2P71VdizrmhDeA0seobHvmKoPRJPob7QASo6H8nEjc+z2hfqsBhQxHSo5JdXxbuJHbzZEjGeMn/d9iBkvNk8Rg00MfU3b4Dd3TIr97eC3A57ZCx8PiVbIlFhAvGiHB70swRiypGWLmuNmYj29QHFe+YjaiyrbIHeFNi5svL+YBvN15aMsAMx+Vu87Wb3b6vJyPWiX4BIyiJwuJbVv2ADOzQY2dVpfBgLVlWGdr4apThVDxZ4+b2tYJ
template:
metadata:
creationTimestamp: null
name: backblaze-secret
namespace: authentik

29
apps/authentik/cluster.yaml
View File

@@ -18,7 +18,36 @@ spec:
owner: authentik
secret:
name: authentik-postgres-credentials
recovery:
source: clusterBackup
storage:
size: 8Gi
storageClass: longhorn-pg
externalClusters:
- name: clusterBackup
barmanObjectStore:
destinationPath: "s3://mthomson-cnpg-backup@us-west-004/authentik"
endpointURL: s3.us-west-004.backblazeb2.com
s3Credentials:
accessKeyId:
name: backblaze-secret
key: ACCESS_KEY_ID
secretAccessKey:
name: backblaze-secret
key: ACCESS_SECRET_KEY
wal:
maxParallel: 8
backup:
barmanObjectStore:
destinationPath: "s3://mthomson-cnpg-backup@us-west-004/authentik"
endpointURL: s3.us-west-004.backblazeb2.com
s3Credentials:
accessKeyId:
name: backblaze-secret
key: ACCESS_KEY_ID
secretAccessKey:
name: backblaze-secret
key: ACCESS_SECRET_KEY

11
apps/authentik/scheduled-backup.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: postgresql.cnpg.io/v1
kind: ScheduledBackup
metadata:
name: scheduled-backup
namespace: authentik
spec:
schedule: "0 0 0 * * *"
backupOwnerReference: self
immediate: true
cluster:
name: authentik-postgres