| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 |
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: duplicati
- namespace: plex
- spec:
- strategy:
- type: Recreate
- selector:
- matchLabels:
- app: duplicati
- replicas: 1
- template:
- metadata:
- labels:
- app: duplicati
- annotations:
- backup.velero.io/backup-volumes-excludes: plex,media2,data
- spec:
- containers:
- - name: duplicati
- image: lscr.io/linuxserver/duplicati:2.2.0
- ports:
- - containerPort: 8200
- name: http-web-svc
- env:
- - name: TZ
- value: Etc/UTC
- - name: PUID
- value: "1000"
- - name: PGID
- value: "1000"
- - name: DUPLICATI__WEBSERVICE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: duplicati
- key: DUPLICATI__WEBSERVICE_PASSWORD
- - name: SETTINGS_ENCRYPTION_KEY
- valueFrom:
- secretKeyRef:
- name: duplicati
- key: DUPLICATI__WEBSERVICE_PASSWORD
- volumeMounts:
- - mountPath: "/plex"
- name: plex
- - mountPath: "/media2"
- name: media2
- - mountPath: "/data"
- name: data
- - mountPath: "/config"
- name: config
- volumes:
- - name: plex
- persistentVolumeClaim:
- claimName: plex-pvc
- - name: media2
- persistentVolumeClaim:
- claimName: media2-pvc
- - name: data
- persistentVolumeClaim:
- claimName: data-ec-pvc
- - name: config
- persistentVolumeClaim:
- claimName: duplicati-pvc
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: duplicati-service
- namespace: plex
- spec:
- selector:
- app: duplicati
- type: ClusterIP
- ports:
- - name: duplicati-web-port
- protocol: TCP
- port: 8200
- targetPort: http-web-svc
- ---
- apiVersion: batch/v1
- kind: CronJob
- metadata:
- name: duplicati-run-tree
- namespace: plex
- spec:
- schedule: "0 0 * * 0"
- jobTemplate:
- spec:
- template:
- spec:
- containers:
- - name: tree
- image: alpine:3.18.4
- imagePullPolicy: IfNotPresent
- env:
- - name: NTFY_AUTH
- valueFrom:
- secretKeyRef:
- name: duplicati
- key: NTFY_AUTH
- command:
- - /bin/sh
- - -c
- - (tree /plex > /plex/tree.txt && tree /media2 > /media2/tree.txt) || curl -u $NTFY_AUTH -d 'error generating media tree' https://ntfy.jibby.org/media-tree
- volumeMounts:
- - mountPath: "/plex"
- name: plex
- - mountPath: "/media2"
- name: media2
- volumes:
- - name: plex
- persistentVolumeClaim:
- claimName: plex-pvc
- - name: media2
- persistentVolumeClaim:
- claimName: media2-pvc
- restartPolicy: OnFailure
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: duplicati
- namespace: plex
- annotations:
- traefik.ingress.kubernetes.io/router.entrypoints: websecure
- traefik.ingress.kubernetes.io/router.middlewares: kube-system-lanonly@kubernetescrd
- spec:
- rules:
- - host: duplicati.lan.jibby.org
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: duplicati-service
- port:
- number: 8200
- ---
- apiVersion: external-secrets.io/v1
- kind: ExternalSecret
- metadata:
- name: duplicati
- namespace: plex
- spec:
- target:
- name: duplicati
- deletionPolicy: Delete
- template:
- type: Opaque
- data:
- DUPLICATI__WEBSERVICE_PASSWORD: |-
- {{ .password }}
- NTFY_AUTH: |-
- {{ .ntfyuser }}:{{ .ntfypass }}
- data:
- - secretKey: password
- sourceRef:
- storeRef:
- name: bitwarden-login
- kind: ClusterSecretStore
- remoteRef:
- key: 15ef8c69-b0ed-4ca0-8871-b33b003c29de
- property: password
- - secretKey: ntfyuser
- sourceRef:
- storeRef:
- name: bitwarden-login
- kind: ClusterSecretStore
- remoteRef:
- key: 674fbf3d-531a-4ca6-afec-b1d7012d1a8a
- property: username
- - secretKey: ntfypass
- sourceRef:
- storeRef:
- name: bitwarden-login
- kind: ClusterSecretStore
- remoteRef:
- key: 674fbf3d-531a-4ca6-afec-b1d7012d1a8a
- property: password
|
