diff --git a/infrastructure/backup/base/kustomization.yaml b/infrastructure/backup/base/kustomization.yaml
index 3dcdde1..f694edc 100644
--- a/infrastructure/backup/base/kustomization.yaml
+++ b/infrastructure/backup/base/kustomization.yaml
@@ -1,5 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
-- ./cronjob.yaml
-- ./restic-password.sealedsecret.yaml
\ No newline at end of file
+ - cronjob.yaml
diff --git a/infrastructure/backup/base/restic-password.sealedsecret.yaml b/infrastructure/backup/base/restic-password.sealedsecret.yaml
deleted file mode 100644
index a709027..0000000
--- a/infrastructure/backup/base/restic-password.sealedsecret.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- "kind": "SealedSecret",
- "apiVersion": "bitnami.com/v1alpha1",
- "metadata": {
- "name": "restic-gdrive-credentials",
- "namespace": "default",
- "creationTimestamp": null
- },
- "spec": {
- "template": {
- "metadata": {
- "name": "restic-gdrive-credentials",
- "namespace": "default",
- "creationTimestamp": null
- },
- "type": "Opaque"
- },
- "encryptedData": {
- "restic-password": "AgBmBxpJ+f3FHYJloHi7JgQxQwIXCs9fK1TmXbI7LH19Wm4pVco7LEAY8KZaMfa6hU50a5cZZvA18n2jS3LHzQyS5tWu+LnKChgh64ZsxGbC5yGFnX/E8LAqAKfUR7o41rx8nfBOcCMNHSg6Ik9nS4yiWI5UFaByiStZw602IBklDGZqdV4kTuAbQJQ+9GoHCWVrwcJUFFTGw6SIBY9F3AugV/9NI7AB7LeHqzF4jsoVrzUVuWtb+OSgmJQw+NHW83pte1j1CXW+4DQPRXODAvfh/fec7dhMy3Yg9ZDEq9DI5GtrspS8Trw+cWi3aPHvbE1qwC+z8nyP+CVbhk4Aq18P6ug2lqJikH6d5XE9S5C9ZTa63xF2vrdLddovpPyZZ8i6GFx9XOIByn4x8YHbYQJ4jXF6ghKyJjaEQWTNmHx+RtZ/IQL38zzQTD0DU4ySzPPDZg3VBd+jNvtxqq7U7rKKFapXvD/in+za7ASLUfva8HFRXtfWRG3QDK4ZN0I03iOAWBdpU/YbbyihVfAIwuexGHg0Tqtfldpb5TZWFRFz5JoIuUen6cWko+nru7OjU1erPgRzH/M10Xe+qTefSUJ7ZvNn1EiwXYcio/ITUFUKTlwEO4gUl8w57q6GviQfZYkI/HtByPL0F7yQh6fOcYfVKvZnVIb0nGXh6H6lzlfL5NsmwmCEd56dJxG8Br+A7XeuUjXiPb/LEZX9b7R+ClD2ytFFMqF+/Ws="
- }
- }
-}
diff --git a/infrastructure/backup/secrets/kustomization.yaml b/infrastructure/backup/secrets/kustomization.yaml
new file mode 100644
index 0000000..12529e1
--- /dev/null
+++ b/infrastructure/backup/secrets/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - rclone-config.sealedsecret.yaml
+ - restic-password.sealedsecret.yaml
diff --git a/infrastructure/backup/rclone-config.sealedsecret.yaml b/infrastructure/backup/secrets/rclone-config.sealedsecret.yaml
similarity index 100%
rename from infrastructure/backup/rclone-config.sealedsecret.yaml
rename to infrastructure/backup/secrets/rclone-config.sealedsecret.yaml
diff --git a/infrastructure/backup/secrets/restic-password.sealedsecret.yaml b/infrastructure/backup/secrets/restic-password.sealedsecret.yaml
new file mode 100644
index 0000000..9b4fc59
--- /dev/null
+++ b/infrastructure/backup/secrets/restic-password.sealedsecret.yaml
@@ -0,0 +1,22 @@
+{
+ "kind": "SealedSecret",
+ "apiVersion": "bitnami.com/v1alpha1",
+ "metadata": {
+ "name": "restic-gdrive-credentials",
+ "namespace": "backup",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "template": {
+ "metadata": {
+ "name": "restic-gdrive-credentials",
+ "namespace": "backup",
+ "creationTimestamp": null
+ },
+ "type": "Opaque"
+ },
+ "encryptedData": {
+ "restic-password": "AgB5b+dgVUtVo5QPPFBYWuqNZd7vMSbTapVh7SIl1ogy+/WWpzDDSgsPvki2Qtxv11tljTQkhkhonil0aYcHgA/4LDEt9yuvB2SNpEkl+C2N5NO1Fn3sUtaDRVBT/eaUhEjXTlRN6XiYfDRgNwBVpH3AUwKHa3dqxCJ6fQazUEhn3Xymxpo/GZkScf5k+fhkBi2/YnzM9Kdl3C9r8Ekw1eg2Pan7KSkFRk1rkGuDJKdhsYBrmu632yU7x8no7rGAIzxYJpDYqJnXp6Y3nUTBMpwNibOszAwTdP+ShgnILSmi0izZrIzvvvwAjNu6hKrhPlcTx3ZA2NrClRYtXx1gqCgVmGRzonqLuzVnWzd2efWDHkb8S0QnYjN0aAeAvR6x77TdIm8b9WMhAqeheikXh9zrrB4GqLoSxpkgmRezJFBVQ01vZrjkpu+KHHfVZqKg+3ChfjdbS4CQoK7IgUSguAifOaHH6Kb81LsraKKCDEr5vynHKL6jsuvgOPSkgPtzxasQQGR7CDNHnvm1ekFTbDpQ2KyHl3Ep5LCqlB79RhuPytprePHxQJa3qxv/EEIL8zxV1qhAvKa55RQIV3pLqDbPrj9EbD7LAYMbmIsFg3nSbZZaZV55gATN4PX86EZCIaC5/WTXSNIEmyedpcyhSzCZvpQOVjWggtCzUDsgCBADmmFAtuqd/POXXNbgPprEOJXyCdLvbL9cp3lG01sw+gqq08RqPlhKn5Q="
+ }
+ }
+}
diff --git a/kluster-deployments/backup/backup.application.yaml b/kluster-deployments/backup/backup.application.yaml
index 0b57998..c004ef4 100644
--- a/kluster-deployments/backup/backup.application.yaml
+++ b/kluster-deployments/backup/backup.application.yaml
@@ -7,7 +7,7 @@ spec:
project: default
source:
repoURL: https://github.com/moll-re/k3s-infra.git
- targetRevision: HEAD
+ targetRevision: main
path: infrastructure/backup/overlays/backup
destination:
server: https://kubernetes.default.svc
diff --git a/kluster-deployments/backup/kustomization.yaml b/kluster-deployments/backup/kustomization.yaml
index 26df15e..23e4cf8 100644
--- a/kluster-deployments/backup/kustomization.yaml
+++ b/kluster-deployments/backup/kustomization.yaml
@@ -1,5 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
+ - secrets.application.yaml
- backup.application.yaml
- prune.application.yaml
diff --git a/kluster-deployments/backup/prune.application.yaml b/kluster-deployments/backup/prune.application.yaml
index 6187bc1..45a980d 100644
--- a/kluster-deployments/backup/prune.application.yaml
+++ b/kluster-deployments/backup/prune.application.yaml
@@ -7,7 +7,7 @@ spec:
project: default
source:
repoURL: https://github.com/moll-re/k3s-infra.git
- targetRevision: HEAD
+ targetRevision: main
path: infrastructure/backup/overlays/prune
destination:
server: https://kubernetes.default.svc
diff --git a/kluster-deployments/backup/secrets.application.yaml b/kluster-deployments/backup/secrets.application.yaml
new file mode 100644
index 0000000..16599f2
--- /dev/null
+++ b/kluster-deployments/backup/secrets.application.yaml
@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: restic-secrets-application
+ namespace: argocd
+spec:
+ project: default
+ source:
+ repoURL: https://github.com/moll-re/k3s-infra.git
+ targetRevision: main
+ path: infrastructure/backup/secrets
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: backup
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
\ No newline at end of file