Add recurring backup job for our data to lewis.dmz via NFS

Add documentation on our Longhorn usage Migrate Hedgedoc uploads to Longhorn Fix mounting of data disk on Lewis
2024-05-20 17:47:49 +02:00 · 2024-05-20 17:47:49 +02:00 · 790746a4ce
commit 790746a4ce
parent 05a49f4e35
7 changed files with 117 additions and 25 deletions
--- a/kubenix-modules/custom-types.nix
+++ b/kubenix-modules/custom-types.nix
@ -31,5 +31,12 @@
      version = "v1";
      kind = "ClusterIssuer";
    };
+
+    recurringJob = {
+      attrName = "recurringJobs";
+      group = "longhorn.io";
+      version = "v1beta1";
+      kind = "RecurringJob";
+    };
  };
 }
--- a/kubenix-modules/hedgedoc.nix
+++ b/kubenix-modules/hedgedoc.nix
@ -62,7 +62,7 @@
            };

            volumes = {
-              uploads.persistentVolumeClaim.claimName = "hedgedoc";
+              uploads.persistentVolumeClaim.claimName = "hedgedoc-uploads";
              config.configMap.name = "hedgedoc-config";
            };
          };
@ -70,6 +70,23 @@
      };
    };

+    # pods.testje.spec = {
+    #   containers.testje = {
+    #     image = "nginx";
+
+    #     volumeMounts = [
+    #       {
+    #         name = "uploads";
+    #         mountPath = "/hedgedoc/public/uploads";
+    #       }
+    #     ];
+    #   };
+
+    #   volumes = {
+    #     uploads.persistentVolumeClaim.claimName = "hedgedoc-uploads";
+    #   };
+    # };
+
    services.hedgedoc.spec = {
      selector.app = "hedgedoc";

@ -78,11 +95,47 @@
        targetPort = "web";
      };
    };
+
+    persistentVolumeClaims.hedgedoc-uploads.spec = {
+      accessModes = [ "ReadWriteOnce" ];
+      resources.requests.storage = "50Mi";
+      storageClassName = "";
+    };
+
+    persistentVolumes.hedgedoc-uploads.spec = {
+      accessModes = [ "ReadWriteOnce" ];
+      capacity.storage = "50Mi";
+
+      claimRef = {
+        name = "hedgedoc-uploads";
+        namespace = "default";
+      };
+
+      csi = {
+        driver = "driver.longhorn.io";
+        fsType = "ext4";
+
+        volumeAttributes = {
+          dataLocality = "disabled";
+          fromBackup = "";
+          fsType = "ext4";
+          numberOfReplicas = "2";
+          recurringJobSelector = lib.generators.toYAML { } [{
+            name = "backup-nfs";
+            isGroup = false;
+          }];
+          staleReplicaTimeout = "30";
+          unmapMarkSnapChainRemoved = "ignored";
+        };
+        volumeHandle = "hedgedoc-uploads";
+      };
+
+      persistentVolumeReclaimPolicy = "Delete";
+      volumeMode = "Filesystem";
+    };
  };

  lab = {
-    nfsVolumes.hedgedoc.path = "hedgedoc/uploads";
-
    ingresses.hedgedoc = {
      host = "md.kun.is";

--- a/kubenix-modules/inbucket.nix
+++ b/kubenix-modules/inbucket.nix
@ -1,4 +1,4 @@
-{ myLib, ... }: {
+{ lib, myLib, ... }: {
  kubernetes.resources = {
    deployments.inbucket = {
      metadata.labels.app = "inbucket";
@ -17,14 +17,7 @@
                web.containerPort = 9000;
                smtp.containerPort = 2500;
              };
-
-              volumeMounts = [{
-                name = "storage";
-                mountPath = "/storage";
-              }];
            };
-
-            volumes.storage.persistentVolumeClaim.claimName = "inbucket";
          };
        };
      };
@ -51,12 +44,6 @@
        }];
      };
    };
-
-    persistentVolumeClaims.inbucket.spec = {
-      accessModes = [ "ReadWriteOnce" ];
-      storageClassName = "longhorn";
-      resources.requests.storage = "30Mi";
-    };
  };

  lab.ingresses.inbucket = {
--- a/kubenix-modules/longhorn.nix
+++ b/kubenix-modules/longhorn.nix
@ -1,4 +1,4 @@
-{ nixhelm, system, ... }: {
+{ lib, nixhelm, system, ... }: {
  config = {
    kubernetes = {
      helm.releases.longhorn = {
@ -8,6 +8,8 @@
          defaultSettings = {
            defaultDataPath = "/mnt/longhorn";
            storageMinimalAvailablePercentage = 0;
+            allowRecurringJobWhileVolumeDetached = true;
+            backupTarget = "nfs://lewis.dmz:/mnt/data/nfs/longhorn-backup";
          };

          persistence = {
@ -46,6 +48,13 @@
            }];
          };
        };
+
+        recurringJobs.backup-nfs.spec = {
+          cron = "0 1 * * *"; # One o'clock at night
+          task = "backup";
+          retain = 2; # We don't need many, as we also make Borg backups.
+          concurrency = 1;
+        };
      };
    };
  };