This repository has been archived by the owner on Jan 15, 2024. It is now read-only.
forked from Sovetnikov/nxs-backup
-
Notifications
You must be signed in to change notification settings - Fork 2
/
files+psql.values.yml
179 lines (168 loc) · 5.03 KB
/
files+psql.values.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
releasePrefix: "-"
envs:
ALERT_SYSTEM_URL: "https://you.alert-system.ru/alert"
PSQL_PORT: 6432
PSQL_USER: backup-user@app_db # `@<db_name>` uses if user don't have db with same name
secretEnvs:
SMPT_USR: [email protected]
SMPT_PASS: b64:YmFja3VwX3NtdHBfcGFzcw==
PSQL_HOST: 'rc1a-b70n6w4sg4g4r2wd.mdb.yandexcloud.net'
PSQL_PASS: secure_psql_user_pass
ALERT_AUTH_KEY: b64:c2VjdXJlX2FsZXJ0X2FwaV9rZXk=
S3_ACCESS_KEY: ""
S3_SECRET_KEY: ""
defaultImage: registry.nixys.ru/public/nxs-backup
defaultImageTag: 3.0.0-alpine
configMaps:
configs:
data:
main: |
project_name: My Project
server_name: k8s-backup
loglevel: info
notifications:
mail:
message_level: "err"
smtp_server: smtp.email.com
smtp_port: 465
smtp_user: ENV:SMPT_USR
smtp_password: ENV:SMPT_PASS
recipients:
webhooks:
- webhook_url: ENV:ALERT_SYSTEM_URL
message_level: "warn"
extra_headers:
"X-Auth-Key": ENV:ALERT_AUTH_KEY
payload_message_key: "triggerMessage"
extra_payload:
"isEmergencyAlert": false
"rawTriggerMessage": false
"monitoringURL": "-"
include_jobs_configs: ["conf.d/*.yaml"]
jobs: []
storage_connects:
- name: selectel_s3
s3_params:
bucket_name: Backups
access_key_id: ENV:S3_ACCESS_KEY
secret_access_key: ENV:S3_SECRET_KEY
endpoint: s3.storage.selcloud.ru
region: ru-1
files: |
job_name: "files backup"
type: desc_files
tmp_dir: /var/nxs-backup/tmp_dump
sources:
- name: upload
save_abs_path: yes
targets:
- /var/www/project/upload
excludes:
- log
- tmp
gzip: true
- name: data
save_abs_path: yes
targets:
- /var/www/project/data
excludes:
- log
- tmp/*
gzip: true
storages_options:
- storage_name: local
backup_path: /var/nxs-backup/files
retention:
days: 3
weeks: 0
months: 0
- storage_name: selectel_s3
backup_path: /nxs-backup/files
retention:
days: 30
weeks: 0
months: 12
database: |
job_name: psql backup
type: postgresql
tmp_dir: /var/nxs-backup/tmp_dump
sources:
- name: app_db
connect:
db_host: ENV:PSQL_HOST
db_port: ENV:PSQL_PORT
db_user: ENV:PSQL_USER
db_password: ENV:PSQL_PASS
psql_ssl_mode: verify-full
psql_ssl_root_cert: '/var/lib/secrets/psql_root.crt'
target_dbs:
- app_db
excludes:
- postgres
- app_db.information_schema
- app_db.app_schema.tmp
gzip: true
db_extra_keys: ''
storages_options:
- storage_name: local
backup_path: /var/nxs-backup/databases
retention:
days: 3
weeks: 0
months: 0
- storage_name: selectel_s3
backup_path: /nxs-backup/files
retention:
days: 30
weeks: 0
months: 12
secrets:
secret-files:
data:
psql_root.crt: |
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzVENDQXNXZ0F3SUJBZ0lLUHhiNXNBQUFBQUFBRnpBTkJna3Foa2lHOXcwQkFRMEZBREFmTVIwd0d3WUQKLi4uCmJ3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJRkdUQ0NBd0dnQXdJQkFnSVFKTU03Wkl5MlNZeENCZ0s3V2NGd25qQU5CZ2txaGtpRzl3MEJBUTBGQURBZgouLi4KTHB1UUtiU2JJRVJzbVIrUXFRPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
pvcs:
nxs-backup:
accessModes:
- ReadWriteOnce
- ReadWriteMany
size: 1000Gi
cronJobs:
nxs-backup:
affinity:
nodeAffinity: {}
podAntiAffinity: {}
podAffinity: {}
schedule: "0 1 * * *"
containers:
- command: nxs-backup start
volumeMounts:
- name: secret-files
mountPath: /var/lib/secrets
- name: configs
mountPath: /etc/nxs-backup
- name: nxs-backup
mountPath: /var/nxs-backup
- name: app-data
mountPath: /var/www/project
volumes:
- name: nxs-backup
type: pvc
- name: secret-files
type: secret
- type: configMap
name: configs
items:
- key: main
path: nxs-backup.conf
- key: files
path: conf.d/files.conf
- key: database
path: conf.d/database.conf
extraVolumes:
- name: app-data
persistentVolumeClaim:
claimName: my-app-data-pvc
restartPolicy: OnFailure