Reapply "feat: add backups for postgres"

This reverts commit d5d242601f.
2025-09-06 20:49:22 +05:00
parent 1b6e98f626
commit 12466975f4
4 changed files with 88 additions and 6 deletions


@@ -82,6 +82,7 @@
},
{
"name": "cloudflare-r2-token",
"namespace": "postgres-system",
"itemPath": "vaults/Private/items/cloudflare"
}
]
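Review bot: The new `cloudflare-r2-token` entry points at the general item `vaults/Private/items/cloudflare` rather than one dedicated to R2 backups, so the `postgres-system` namespace may receive more than the backup credentials. If the consumer of this list copies every field of the item into a Kubernetes Secret (not visible on this page), any other Cloudflare tokens stored in that item become readable by workloads in the namespace. A dedicated item holding only a bucket-scoped R2 key pair would keep this least-privilege, e.g. `"itemPath": "vaults/<vault>/items/<r2-backup-item>"` (placeholder path).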

37
flake.lock generated

@@ -18,6 +18,42 @@
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"krew2nix": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1716272275,
"narHash": "sha256-JWDyPhAJp263EVVsGrKwrJU+xdDReHsDmSe7A190/Cg=",
"owner": "eigengrau",
"repo": "krew2nix",
"rev": "0c1fecaab044dba1249c5d09366891ec467b4ad2",
"type": "github"
},
"original": {
"owner": "eigengrau",
"repo": "krew2nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1756819007,
@@ -37,6 +73,7 @@
"root": {
"inputs": {
"flake-utils": "flake-utils",
"krew2nix": "krew2nix",
"nixpkgs": "nixpkgs"
}
},


@@ -4,9 +4,14 @@
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-utils.url = "github:numtide/flake-utils";
krew2nix = {
url = "github:eigengrau/krew2nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { nixpkgs, flake-utils, ... }: flake-utils.lib.eachDefaultSystem (system:
outputs = { nixpkgs, flake-utils, krew2nix, ... }: flake-utils.lib.eachDefaultSystem (system:
let
lib = nixpkgs.lib;
@@ -19,12 +24,16 @@
];
};
};
kubectl = krew2nix.packages.${system}.kubectl;
in {
# Define the devShell for the current system
devShell = pkgs.mkShell {
buildInputs = with pkgs; [
kubernetes-helm
kubectl
(kubectl.withKrewPlugins (plugins: with plugins; [
cnpg
]))
nil
terraform
tflint
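Review bot: In `buildInputs`, the bare `kubectl` entry appears to remain next to the new `(kubectl.withKrewPlugins …)` entry, and a `let`-bound `kubectl` takes precedence over `with pkgs;`, so both entries now come from the third-party `krew2nix` flake instead of nixpkgs. That leaves two packages providing a `kubectl` binary in the dev shell, and whichever is first on PATH decides whether the `cnpg` plugin is actually available. Dropping the bare `kubectl` line, or naming the binding `krewKubectl` so the shadowing is explicit, would remove the ambiguity. A comment above the input such as `# third-party flake; pinned by rev/narHash in flake.lock, review on every lock update` would also help, since this input now supplies the tool that talks to the cluster with the operator's kubeconfig.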


@@ -35,7 +35,7 @@ export class PostgresCluster extends Construct {
namespace: options.namespace,
});
const destinationPath = "s3://rihla-backups/";
const destinationPath = "s3://homelab-backups/";
const endpointURL = options.backupR2EndpointURL;
const barmanConfiguration = {
@@ -321,7 +321,7 @@ export class PostgresCluster extends Construct {
},
spec: {
instances: 3,
maxSyncReplicas: 0,
maxSyncReplicas: 1,
primaryUpdateStrategy: "unsupervised",
certificates: {
serverCASecret: certNames.server,
@@ -346,12 +346,47 @@ export class PostgresCluster extends Construct {
],
enableSuperuserAccess: false,
bootstrap: {
initdb: {
recovery: {
source: "clusterBackup",
database: "postgres",
owner: options.primaryUser,
secret: {
name: options.initSecretName,
},
postInitSQL: [`CREATE USER ${options.primaryUser} SUPERUSER;`],
},
},
externalClusters: [
{
name: "clusterBackup",
plugin: {
name: "barman-cloud.cloudnative-pg.io",
parameters: {
barmanObjectName: "r2-postgres-backup-store",
serverName: "postgres-cluster",
},
},
},
],
managed: {
services: {
disabledDefaultServices: ["ro", "r"],
additional: [
{
selectorType: "rw",
serviceTemplate: {
metadata: {
name: "postgres-cluster",
annotations: {
"external-dns.alpha.kubernetes.io/hostname":
"postgres.dogar.dev",
},
},
spec: {
type: "LoadBalancer",
},
},
},
],
},
},
storage: {
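Review bot: The added `managed.services.additional` entry publishes the `rw` (primary) service as `type: "LoadBalancer"` with the external-dns hostname `postgres.dogar.dev`, and nothing in the hunk limits who can reach it. Unless a network policy or firewall outside this page does that, the read-write Postgres endpoint is reachable from wherever the load balancer is, leaving credentials and `pg_hba` rules as the only barrier. Consider adding `loadBalancerSourceRanges: ["<trusted-cidr>"]` (placeholder) under the service `spec`, or keeping the service cluster-internal and reaching it over a VPN or port-forward. If the `postInitSQL` line that creates `${options.primaryUser}` as `SUPERUSER` is still on the new side, that role is the one exposed; the +/- markers are lost on this page, so that cannot be confirmed here. The cluster `spec` object continues outside the visible lines.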