HomeInfra/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
22ce5fd6f4e82b4f3bfa9e9d8f465e36786ab590
HetznerTerra/infrastructure/addons/rancher-backup/b2-credentials-externalsecret.yaml
MichaelFisher1997 f2c506b350
All checks were successful
Deploy Cluster / Terraform (push) Successful in 48s
Details
Deploy Cluster / Ansible (push) Successful in 6m5s
Details
refactor: Replace CNPG external DB with rancher-backup operator 
Rancher 2.x uses embedded etcd, not an external PostgreSQL database.
The CATTLE_DB_CATTLE_* env vars are Rancher v1 only and were ignored.

- Remove all CNPG (CloudNativePG) cluster, operator, and related configs
- Remove external DB env vars from Rancher HelmRelease
- Remove rancher-db-password ExternalSecret
- Add rancher-backup operator HelmRelease (v106.0.2+up8.1.0)
- Add B2 credentials ExternalSecret for backup storage
- Add recurring Backup CR (daily at 03:00, 7 day retention)
- Add commented-out Restore CR for rebuild recovery
- Update Flux dependency graph accordingly
2026-03-29 21:53:16 +00:00

26 lines
619 B
YAML
Raw Blame History

apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: rancher-b2-creds
namespace: cattle-resources-system
spec:
refreshInterval: 1h
secretStoreRef:
name: doppler-hetznerterra
kind: ClusterSecretStore
target:
name: rancher-b2-creds
creationPolicy: Owner
template:
type: Opaque
data:
aws_access_key_id: "{{ .B2_ACCOUNT_ID }}"
aws_secret_access_key: "{{ .B2_APPLICATION_KEY }}"
data:
- secretKey: B2_ACCOUNT_ID
remoteRef:
key: B2_ACCOUNT_ID
- secretKey: B2_APPLICATION_KEY
remoteRef:
key: B2_APPLICATION_KEY
Reference in New Issue View Git Blame Copy Permalink