setup cron local mail reporting and longhorn recurring backup job

2025-09-01 19:38:50 +02:00
parent 2d4cb5d8a5
commit 6d3adb5834
11 changed files with 278 additions and 25 deletions
--- a/argocd/templates/longhorn_backup_target.yaml
+++ b/argocd/templates/longhorn_backup_target.yaml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: longhorn-vault-secret-reader
+  namespace: longhorn-system
+---
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultAuth
+metadata:
+  name: longhorn-vault-secret-reader
+  namespace: longhorn-system
+spec:
+  method: kubernetes
+  mount: kubernetes
+  kubernetes:
+    role: longhorn
+    serviceAccount: longhorn-vault-secret-reader # le même que dans TF
+    audiences:
+      - vault
+---
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultStaticSecret
+metadata:
+  name: longhorn-gcs-backup-credentials
+  namespace: longhorn-system
+spec:
+  type: kv-v2
+  mount: kvv2
+
+  path: longhorn/gcs-backup
+  
+  destination:
+    name: longhorn-gcs-backup-credentials
+    create: true
+  
+  refreshAfter: 1h
+
+  vaultAuthRef: longhorn-vault-secret-reader
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: longhorn-default-resource
+  namespace: longhorn-system
+data:
+  default-resource.yaml: |
+    "backup-target": "s3://arcodange-backup@us-east-1/"
+    "backup-target-credential-secret": "longhorn-gcs-backup-credentials"
+    "backupstore-poll-interval": "180"