Before you begin make sure you have PostgreSQL and object storage.
We recommend those Helm Charts for PostgreSQL and object storage if you do not have one:
Use Helm to import and install Backup Repository Helm Chart.
helm repo add riotkit-org https://riotkit-org.github.io/helm-of-revolution/
helm upgrade --install backups riotkit-org/backup-repository-server -n backup-repository --values values.yamlExample values.yaml file:
secrets:
BR_JWT_SECRET_KEY: "87GHq66A+uGkcn/AyxrnPYdd5F0XUmGlHsREbY3tcM4CpO6/dFL7z/057DHnp9nMdoYOpKxwYWrM9XyffjrBidm6/VCzfam9GwMlOac7TsidcTnSHG5IasPICb9bKE3h" # MANDATORY
BR_DB_HOSTNAME: "postgres-postgresql.backup-repository.svc.cluster.local"
BR_DB_PASSWORD: "putinchuj"
BR_DB_USERNAME: "riotkit"
BR_DB_NAME: "backup-repository"
BR_DB_PORT: "5432"
env:
AWS_SECRET_KEY: "wJaFuCKtnFEMI/CApItaliSM/bPxRfiCYEXAMPLEKEY"
AWS_ACCESS_KEY_ID: "AKIAIOSFODNN7EXAMPLE"
GIN_MODE: debug
ingress:
enabled: true
className: ""
annotations: {}
hosts:
- host: backup-repository.example.org
paths:
- path: /
pathType: ImplementationSpecificIn order to use with Ingress-Nginx you may want to adjust a few configuration options, to allow large file uploads.
# `kind: Ingress` annotations (.ingress.annotations in Helm)
nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
nginx.ingress.kubernetes.io/proxy-buffering: "off"
nginx.ingress.kubernetes.io/proxy-body-size: "0"Requirements:
- PostgreSQL
- Min.io or cloud storage
Check Min.io quickstart for the instructions on how to prepare the storage instance.
- Install PostgreSQL
- Configure pg_hba.conf to make sure you can login using IP address instead of UNIX socket (Backup Repository uses TCP/IP connection mode)
- Create database
Alternatively if you would like to use Docker to set up just the PostgreSQL, its easier:
docker run -d \
--name br_postgres \
-e POSTGRES_PASSWORD=postgres \
-e POSTGRES_USER=postgres \
-e POSTGRES_DB=postgres \
-e PGDATA=/var/lib/postgresql/data/pgdata \
-v $$(pwd)/postgres-data:/var/lib/postgresql \
-p 5432:5432 \
postgres:14.1-alpine-
Download
backup-repositorybinary from Releases tab for selected stable version. -
Prepare configuration directory
Your configuration directory needs to have a proper structure. Every file is expected to be at given path according to the following pattern:
# for Backup Repository resources
{.metadata.namespace}/{.apiGroup}/{.apiVersion}/{kind}/{.metadata.name}.yaml
# for Secrets and ConfigMaps
{.metadata.namespace}/{.apiVersion}/{kind}/{.metadata.name}.yamlExample structure:
└── backup-repository
├── backups.riotkit.org
│ └── v1alpha1
│ ├── backupcollections
│ │ └── iwa-ait.yaml
│ └── backupusers
│ ├── admin.yaml
│ ├── some-user.yaml
│ └── unprivileged.yaml
└── v1
└── secrets
├── backup-repository-collection-secrets.yaml
└── backup-repository-passwords.yaml
- Run unpacked binary
# min.io credentials
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE;
export AWS_SECRET_ACCESS_KEY=wJaFuCKtnFEMI/CApItaliSM/bPxRfiCYEXAMPLEKEY;
./backup-repository \
--db-hostname=127.0.0.1 \
--db-port=5432 \
--db-password=postgres \
--db-user=postgres \
--db-password=postgres \
--db-name=postgres \
--health-check-key=changeme \
--jwt-secret-key="secret key" \
--storage-io-timeout="5m" \
--listen=":8080" \
--provider=filesystem \
--config-local-path=./my-config-directory \
--storage-url="s3://mybucket?endpoint=localhost:9000&disableSSL=true&s3ForcePathStyle=true®ion=eu-central-1"