diff options
Diffstat (limited to 'cluster/prod/app/backup/deploy/backup-garage.hcl')
| -rw-r--r-- | cluster/prod/app/backup/deploy/backup-garage.hcl | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/cluster/prod/app/backup/deploy/backup-garage.hcl b/cluster/prod/app/backup/deploy/backup-garage.hcl new file mode 100644 index 0000000..f9d64d1 --- /dev/null +++ b/cluster/prod/app/backup/deploy/backup-garage.hcl @@ -0,0 +1,72 @@ +job "backup-garage" { + datacenters = ["neptune", "bespin"] + type = "batch" + + priority = "60" + + periodic { + cron = "@daily" + // Do not allow overlapping runs. + prohibit_overlap = true + } + + group "backup-garage" { + task "main" { + driver = "docker" + + config { + image = "lxpz/backup_garage:9" + network_mode = "host" + volumes = [ + "secrets/rclone.conf:/etc/secrets/rclone.conf" + ] + } + + template { + data = <<EOH +GARAGE_ADMIN_TOKEN={{ key "secrets/garage/admin_token" }} +GARAGE_ADMIN_API_URL=http://localhost:3903 +GARAGE_ACCESS_KEY={{ key "secrets/backup/garage/s3_access_key_id" }} +TARGET_BACKUP_DIR={{ key "secrets/backup/garage/target_sftp_directory" }} +EOH + destination = "secrets/env_vars" + env = true + } + + template { + data = <<EOH +[garage] +type = s3 +provider = Other +env_auth = false +access_key_id = {{ key "secrets/backup/garage/s3_access_key_id" }} +secret_access_key = {{ key "secrets/backup/garage/s3_secret_access_key" }} +endpoint = http://localhost:3900 +region = garage + +[backup] +type = sftp +host = {{ key "secrets/backup/garage/target_sftp_host" }} +user = {{ key "secrets/backup/garage/target_sftp_user" }} +port = {{ key "secrets/backup/garage/target_sftp_port" }} +key_pem = {{ key "secrets/backup/garage/target_sftp_key_pem" | replaceAll "\n" "\\n" }} +shell_type = unix +EOH + destination = "secrets/rclone.conf" + } + + resources { + cpu = 500 + memory = 200 + memory_max = 4000 + } + + restart { + attempts = 2 + interval = "30m" + delay = "15s" + mode = "fail" + } + } + } +} |