From 0a9c20b78cbdd7c17724942dcc80ad3f942e7ce8 Mon Sep 17 00:00:00 2001
From: Grant <5445379+grantdhunter@users.noreply.github.com>
Date: Mon, 10 Mar 2025 21:11:17 -0600
Subject: [PATCH] Add backups

---
 README.md     |  5 +++++
 helmfile.lock | 17 ++++++++++-------
 helmfile.yaml | 40 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 55 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 28ee38a..c0b985f 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,11 @@ bws run 'helmfile apply'
 kubectl label namespace rook-ceph pod-security.kubernetes.io/enforce=privileged
 ```
 
+#### k8up
+This requires some CRDs which can be installed via:
+```sh
+kubectl apply -f https://github.com/k8up-io/k8up/releases/download/k8up-4.8.4/k8up-crd.yaml --server-side
+```
 #### Traefik
 ```sh
 kubectl create secret generic digitalocean-api-key --from-literal=token=$DIGITAL_OCEAN_API_TOKEN
diff --git a/helmfile.lock b/helmfile.lock
index de36966..ff7a580 100644
--- a/helmfile.lock
+++ b/helmfile.lock
@@ -2,10 +2,13 @@ version: 0.170.1
 dependencies:
 - name: ghost
   repository: https://charts.bitnami.com/bitnami
-  version: 22.1.17
+  version: 22.1.19
 - name: ghost
   repository: https://charts.bitnami.com/bitnami
-  version: 22.1.17
+  version: 22.1.19
+- name: k8up
+  repository: https://k8up-io.github.io/k8up
+  version: 4.8.4
 - name: mariadb
   repository: https://charts.bitnami.com/bitnami
   version: 20.4.1
@@ -20,12 +23,12 @@ dependencies:
   version: 5.7.2
 - name: rook-ceph
   repository: https://charts.rook.io/release
-  version: v1.16.4
+  version: v1.16.5
 - name: rook-ceph-cluster
   repository: https://charts.rook.io/release
-  version: v1.16.4
+  version: v1.16.5
 - name: traefik
   repository: https://traefik.github.io/charts
-  version: 34.4.0
-digest: sha256:ae3af00aca7e75b01aeac08d366f89f2025cb82e07620502af0801f1e619538f
-generated: "2025-03-01T19:29:55.83351644-07:00"
+  version: 34.4.1
+digest: sha256:639b864ac6cbaa4164f58c388865d7a2796abbfacec9e69c5c077e1452cb557c
+generated: "2025-03-09T19:02:38.355742026-06:00"
diff --git a/helmfile.yaml b/helmfile.yaml
index 8d237e2..73820d0 100644
--- a/helmfile.yaml
+++ b/helmfile.yaml
@@ -11,6 +11,10 @@ repositories:
     url: https://charts.bitnami.com/bitnami
   - name: crunchydata
     url: git+https://github.com/grantdhunter/postgres-operator@helm?ref=main
+  - name: immich
+    url: https://immich-app.github.io/immich-charts
+  - name: k8up-io
+    url: https://k8up-io.github.io/k8up
 releases:
   # networking
   - name: metallb
@@ -89,6 +93,8 @@ releases:
         value: {{ requiredEnv "GOATCHAT_REGISTRATION_SHARED_SECRET"}}
       - name: adminApiSharedSecret
         value: {{ requiredEnv "GOATCHAT_REGISTRATION_ADMIN_API_SHARE_SECRET"}}
+
+  # ghost blogs
   - name: kgnot-ghost
     namespace: ghost
     createNamespace: true
@@ -107,3 +113,37 @@ releases:
     setString:
       - name: ghostUsername
         value: {{ requiredEnv "GHOST_53LL_USER_NAME" }}
+
+  # backup
+  - name: k8up
+    namespace: k8up
+    createNamespace: true
+    chart: k8up-io/k8up
+  # backups
+  - name: k8up-backup
+    namespace: ghost
+    chart: ./k8up-backup
+    createNamespace: true    
+    values:
+      - ./k8up-backup/values_override.yaml
+    setString:
+      - name: credentials.id
+        value:  {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
+      - name: credentials.key
+        value:  {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
+      - name: repoPassword
+        value:  {{ requiredEnv "k8UP_REPO_PASSWORD" }}
+  - name: goatchat-backup
+    namespace: goatchat
+    chart: ./k8up-backup
+    createNamespace: true    
+    values:
+      - ./k8up-backup/values_override.yaml
+    setString:
+      - name: credentials.id
+        value:  {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
+      - name: credentials.key
+        value:  {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
+      - name: repoPassword
+        value:  {{ requiredEnv "k8UP_REPO_PASSWORD" }}
+