104 lines
3.1 KiB
YAML
104 lines
3.1 KiB
YAML
# gitea-backup.yaml
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: gitea-backup-script
|
|
namespace: gitea
|
|
data:
|
|
backup.sh: |
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
BACKUP_DIR="/backup/gitea"
|
|
DATE=$(date +%Y%m%d_%H%M%S)
|
|
BACKUP_FILE="gitea_${DATE}.zip"
|
|
RETENTION_DAYS=30
|
|
|
|
echo "[$(date)] Starting Gitea backup..."
|
|
|
|
# Create backup directory (may fail if permissions issue, that's ok)
|
|
mkdir -p ${BACKUP_DIR} 2>/dev/null || true
|
|
|
|
# Change to temp directory for dump
|
|
cd /tmp
|
|
|
|
# Run Gitea dump
|
|
if gitea dump -c /data/gitea/conf/app.ini --type zip; then
|
|
echo "[$(date)] ✓ Gitea dump successful"
|
|
|
|
# Find the created dump file
|
|
DUMP_FILE=$(ls -t gitea-dump-*.zip 2>/dev/null | head -1)
|
|
|
|
if [ -n "$DUMP_FILE" ] && [ -f "$DUMP_FILE" ]; then
|
|
# Move to backup directory with our naming convention
|
|
mv "$DUMP_FILE" ${BACKUP_DIR}/${BACKUP_FILE}
|
|
SIZE=$(du -h ${BACKUP_DIR}/${BACKUP_FILE} | cut -f1)
|
|
echo "[$(date)] Backup size: ${SIZE}"
|
|
else
|
|
echo "[$(date)] ✗ ERROR: Dump file not found!"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "[$(date)] ✗ Gitea dump failed!"
|
|
exit 1
|
|
fi
|
|
|
|
# Cleanup old backups
|
|
echo "[$(date)] Cleaning up backups older than ${RETENTION_DAYS} days..."
|
|
find ${BACKUP_DIR} -name "gitea_*.zip" -mtime +${RETENTION_DAYS} -delete 2>/dev/null || true
|
|
|
|
# List recent backups
|
|
echo "[$(date)] Recent backups:"
|
|
ls -lh ${BACKUP_DIR} 2>/dev/null | tail -5 || echo "Could not list backups"
|
|
|
|
echo "[$(date)] Gitea backup completed successfully"
|
|
---
|
|
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: gitea-backup
|
|
namespace: gitea
|
|
spec:
|
|
schedule: "0 3 * * *"
|
|
successfulJobsHistoryLimit: 3
|
|
failedJobsHistoryLimit: 3
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
spec:
|
|
securityContext:
|
|
runAsUser: 1000 # Run as git user
|
|
runAsGroup: 1000 # Run as git group
|
|
fsGroup: 1000 # Set filesystem group
|
|
containers:
|
|
- name: gitea-backup
|
|
image: gitea/gitea:1.24 # Match your version
|
|
command: ["/bin/bash", "/scripts/backup.sh"]
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
runAsNonRoot: true
|
|
volumeMounts:
|
|
- name: backup-script
|
|
mountPath: /scripts
|
|
- name: gitea-data
|
|
mountPath: /data
|
|
- name: backup-storage
|
|
mountPath: /backup
|
|
- name: tmp
|
|
mountPath: /tmp
|
|
volumes:
|
|
- name: backup-script
|
|
configMap:
|
|
name: gitea-backup-script
|
|
defaultMode: 0755
|
|
- name: gitea-data
|
|
persistentVolumeClaim:
|
|
claimName: gitea-shared-storage # Adjust to your PVC name
|
|
- name: backup-storage
|
|
hostPath:
|
|
path: /mnt/backup/k8s-backups # Fixed path
|
|
type: DirectoryOrCreate
|
|
- name: tmp
|
|
emptyDir: {}
|
|
restartPolicy: OnFailure
|