apiVersion: batch/v1
kind: CronJob
metadata:
name: restic-backblaze
spec:
successfulJobsHistoryLimit: 2
failedJobsHistoryLimit: 2
jobTemplate:
spec:
template:
spec:
restartPolicy: Never
hostname: restic-kluster
# used by restic to identify the host
containers:
# run after completion of initContainers
- name: ntfy-command-send
image: curlimages/curl
command:
- /bin/sh
- -c
args:
- >-
curl
https://ntfy.kluster.moll.re/backup
-H "Title: ${OPERATION}"
-d "Finished successfully"
env:
- name: OPERATION
value: "PLACEHOLDER"
initContainers:
- name: restic-base-container
image: restic/restic:latest
command:
- /bin/sh
- -c
# >- strips newlines
# RESTIC_ARGS Can be for instance: --verbose --dry-run
args: []
volumeMounts:
- mountPath: /data
name: backup-nfs-access
env:
# secrets live in the same namespace as per kustomization.yaml
- name: RESTIC_PASSWORD
valueFrom:
secretKeyRef:
name: restic-gdrive-credentials
key: restic-password
- name: RESTIC_REPOSITORY
valueFrom:
secretKeyRef:
name: backblaze-credentials
key: repository-string
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: backblaze-credentials
key: key-id
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: backblaze-credentials
key: key-secret
volumes:
- name: backup-nfs-access
persistentVolumeClaim:
claimName: backup-nfs-access