paperless

2025-08-25 19:08:29 +02:00
parent d5fa6b405c
commit f7e2cc0578
7 changed files with 39 additions and 218 deletions
--- a/paperless/.DS_Store
+++ b/paperless/.DS_Store
--- a/paperless/backupSchedule.yaml
+++ b/paperless/backupSchedule.yaml
@@ -1,140 +1,90 @@
 apiVersion: velero.io/v1
 kind: Schedule
 metadata:
-  name: paperless-backup-csi-hourly
+  name: paperless-csi-hourly
  namespace: velero
-  labels:
-    velero.io/storage-location: ceph-bucket
 spec:
-  # Schedule is a Cron expression defining when to run the Backup
-  schedule: 0 15-22 * * * # every hour
-  # Specifies whether to use OwnerReferences on backups created by this Schedule. 
-  # Notice: if set to true, when schedule is deleted, backups will be deleted too. Optional.
+  schedule: "0 15-22 * * *"
  useOwnerReferencesInBackup: true
  template:
-    csiSnapshotTimeout: 10m0s
+    includedNamespaces: ["paperless"]
+    ttl: 8h
+    snapshotVolumes: true
    defaultVolumesToFsBackup: false
-    hooks: {}
-    includedNamespaces:
-    - paperless
-    metadata: {}
-    storageLocation: ceph-bucket
-    ttl: 8h0m0s
+    csiSnapshotTimeout: 10m
 ---
 apiVersion: velero.io/v1
 kind: Schedule
 metadata:
-  name: paperless-backup-csi-daily
+  name: paperless-csi-daily
  namespace: velero
-  labels:
-    velero.io/storage-location: ceph-bucket
 spec:
-  # Schedule is a Cron expression defining when to run the Backup
-  schedule: 0 0 * * * # every hour
-  # Specifies whether to use OwnerReferences on backups created by this Schedule. 
-  # Notice: if set to true, when schedule is deleted, backups will be deleted too. Optional.
+  schedule: "0 0 * * *"
  useOwnerReferencesInBackup: true
  template:
-    csiSnapshotTimeout: 10m0s
+    includedNamespaces: ["paperless"]
+    ttl: 168h
+    snapshotVolumes: true
    defaultVolumesToFsBackup: false
-    hooks: {}
-    includedNamespaces:
-    - paperless
-    metadata: {}
-    storageLocation: ceph-bucket
-    ttl: 168h0m0s
+    csiSnapshotTimeout: 10m
 ---
 apiVersion: velero.io/v1
 kind: Schedule
 metadata:
-  name: paperless-backup-csi-weekly
+  name: paperless-csi-weekly
  namespace: velero
-  labels:
-    velero.io/storage-location: ceph-bucket
 spec:
-  # Schedule is a Cron expression defining when to run the Backup
-  schedule: 0 0 * * 1 # every hour
-  # Specifies whether to use OwnerReferences on backups created by this Schedule. 
-  # Notice: if set to true, when schedule is deleted, backups will be deleted too. Optional.
+  schedule: "0 0 * * 1"
  useOwnerReferencesInBackup: true
  template:
-    csiSnapshotTimeout: 10m0s
+    includedNamespaces: ["paperless"]
+    ttl: 730h
+    snapshotVolumes: true
    defaultVolumesToFsBackup: false
-    hooks: {}
-    includedNamespaces:
-    - paperless
-    metadata: {}
-    storageLocation: ceph-bucket
-    ttl: 730h0m0s
+    csiSnapshotTimeout: 10m
 ---
 apiVersion: velero.io/v1
 kind: Schedule
 metadata:
-  name: paperless-backup-restic-daily
+  name: paperless-daily
  namespace: velero
-  labels:
-    velero.io/storage-location: aux-balancer-minio
 spec:
-  # Schedule is a Cron expression defining when to run the Backup
-  schedule: 0 0 * * * # every hour
-  # Specifies whether to use OwnerReferences on backups created by this Schedule. 
-  # Notice: if set to true, when schedule is deleted, backups will be deleted too. Optional.
+  schedule: "30 2 * * *"            # tous les jours 02:30
  useOwnerReferencesInBackup: true
  template:
-    csiSnapshotTimeout: 10m0s
+    includedNamespaces: [paperless]
+    storageLocation: default
+    ttl: 336h                       # ~14 jours
    snapshotVolumes: false
    defaultVolumesToFsBackup: true
-    hooks: {}
-    includedNamespaces:
-    - paperless
-    metadata: {}
-    storageLocation: aux-balancer-minio
-    ttl: 168h0m0s
+
 ---
 apiVersion: velero.io/v1
 kind: Schedule
 metadata:
-  name: paperless-backup-restic-weekly
+  name: paperless-weekly
  namespace: velero
-  labels:
-    velero.io/storage-location: aux-balancer-minio
 spec:
-  # Schedule is a Cron expression defining when to run the Backup
-  schedule: 0 0 * * 1 # every hour
-  # Specifies whether to use OwnerReferences on backups created by this Schedule. 
-  # Notice: if set to true, when schedule is deleted, backups will be deleted too. Optional.
+  schedule: "0 3 * * 0"             # chaque dimanche 03:00
  useOwnerReferencesInBackup: true
  template:
-    csiSnapshotTimeout: 10m0s
+    includedNamespaces: [paperless]
+    storageLocation: default
+    ttl: 1344h                      # ~8 semaines
    snapshotVolumes: false
    defaultVolumesToFsBackup: true
-    hooks: {}
-    includedNamespaces:
-    - paperless
-    metadata: {}
-    storageLocation: aux-balancer-minio
-    ttl: 730h0m0s
 ---
 apiVersion: velero.io/v1
 kind: Schedule
 metadata:
-  name: paperless-backup-restic-monthly
+  name: paperless-monthly
  namespace: velero
-  labels:
-    velero.io/storage-location: aux-balancer-minio
 spec:
-  # Schedule is a Cron expression defining when to run the Backup
-  schedule: 0 0 1 * * # every hour
-  # Specifies whether to use OwnerReferences on backups created by this Schedule. 
-  # Notice: if set to true, when schedule is deleted, backups will be deleted too. Optional.
+  schedule: "0 4 1 * *"          # 1er du mois 04:00
  useOwnerReferencesInBackup: true
  template:
-    csiSnapshotTimeout: 10m0s
+    includedNamespaces: [paperless]
+    storageLocation: default
+    ttl: 8760h                   # ~12 mois
    snapshotVolumes: false
    defaultVolumesToFsBackup: true
-    hooks: {}
-    includedNamespaces:
-    - paperless
-    metadata: {}
-    storageLocation: aux-balancer-minio
-    ttl: 4380h0m0s
--- a/paperless/db.yaml
+++ b/paperless/db.yaml
@@ -1,32 +1,3 @@
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: paperless-db
-# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
-provisioner: rook-ceph.cephfs.csi.ceph.com
-parameters:
-  # clusterID is the namespace where the rook cluster is running
-  # If you change this namespace, also change the namespace below where the secret namespaces are defined
-  clusterID: rook-ceph
-
-  # CephFS filesystem name into which the volume shall be created
-  fsName: paperless
-
-  # Ceph pool into which the volume shall be created
-  # Required for provisionVolume: "true"
-  pool: paperless-replicated
-
-  # The secrets contain Ceph admin credentials. These are generated automatically by the operator
-  # in the same namespace as the cluster.
-  csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
-  csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
-  csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
-  csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
-  csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
-  csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
-
-reclaimPolicy: Delete
---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -38,7 +9,7 @@ spec:
  resources:
    requests:
      storage: 8Gi
-  storageClassName: paperless-db
+  storageClassName: cephfs-hyper
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -131,35 +102,6 @@ spec:
  sessionAffinity: None
  type: ClusterIP
 ---
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: paperless-db-backup
-# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
-provisioner: rook-ceph.cephfs.csi.ceph.com
-parameters:
-  # clusterID is the namespace where the rook cluster is running
-  # If you change this namespace, also change the namespace below where the secret namespaces are defined
-  clusterID: rook-ceph
-
-  # CephFS filesystem name into which the volume shall be created
-  fsName: paperless
-
-  # Ceph pool into which the volume shall be created
-  # Required for provisionVolume: "true"
-  pool: paperless-replicated
-
-  # The secrets contain Ceph admin credentials. These are generated automatically by the operator
-  # in the same namespace as the cluster.
-  csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
-  csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
-  csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
-  csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
-  csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
-  csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
-
-reclaimPolicy: Delete
---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -171,7 +113,7 @@ spec:
  resources:
    requests:
      storage: 4Gi
-  storageClassName: paperless-db-backup
+  storageClassName: cephfs-hyper
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/paperless/filesystem.yaml
+++ b/paperless/filesystem.yaml
@@ -1,42 +0,0 @@
-apiVersion: ceph.rook.io/v1
-kind: CephFilesystem
-metadata:
-  name: paperless
-  namespace: rook-ceph
-spec:
-  metadataPool:
-    failureDomain: host
-    replicated:
-      size: 3
-  dataPools:
-    - name: replicated
-      failureDomain: host
-      replicated:
-        size: 3
-  preserveFilesystemOnDelete: false
-  metadataServer:
-    activeCount: 1
-    activeStandby: true
-    placement:
-    #  nodeAffinity:
-    #    requiredDuringSchedulingIgnoredDuringExecution:
-    #      nodeSelectorTerms:
-    #      - matchExpressions:
-    #        - key: role
-    #          operator: In
-    #          values:
-    #          - mds-node
-      tolerations:
-      - key: node-role.kubernetes.io/storage-node
-        operator: Exists
-        effect: NoSchedule
-    #  podAffinity:
-    #  podAntiAffinity:
-    #  topologySpreadConstraints:
-    #resources:
-    #  limits:
-    #    cpu: "80m"
-    #    memory: "1024Mi"
-    #  requests:
-    #    cpu: "500m"
-    #    memory: "1024Mi"
--- a/paperless/ingress.yaml
+++ b/paperless/ingress.yaml
@@ -10,10 +10,10 @@ metadata:
 spec:
  tls:
  - hosts:
-    - paperless.undercloud.cf
+    - paperless.apps.undercloud.dev
    secretName: paperless-tls
  rules:
-  - host: paperless.undercloud.cf
+  - host: paperless.apps.undercloud.dev
    http:
      paths:
      - path: /
--- a/paperless/paperless.yaml
+++ b/paperless/paperless.yaml
@@ -1,32 +1,3 @@
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: paperless
-# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
-provisioner: rook-ceph.cephfs.csi.ceph.com
-parameters:
-  # clusterID is the namespace where the rook cluster is running
-  # If you change this namespace, also change the namespace below where the secret namespaces are defined
-  clusterID: rook-ceph
-
-  # CephFS filesystem name into which the volume shall be created
-  fsName: paperless
-
-  # Ceph pool into which the volume shall be created
-  # Required for provisionVolume: "true"
-  pool: paperless-replicated
-
-  # The secrets contain Ceph admin credentials. These are generated automatically by the operator
-  # in the same namespace as the cluster.
-  csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
-  csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
-  csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
-  csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
-  csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
-  csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
-
-reclaimPolicy: Delete
---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -38,7 +9,7 @@ spec:
  resources:
    requests:
      storage: 8Gi
-  storageClassName: paperless
+  storageClassName: cephfs-hyper
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/vaultwarden/.DS_Store
+++ b/vaultwarden/.DS_Store