diff --git a/k8s-supplements/ansible/roles/netbox-backup/meta/main.yaml b/k8s-supplements/ansible/roles/netbox-backup/meta/main.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2a47de6f17908deb876e312eeef323636afc8c03
--- /dev/null
+++ b/k8s-supplements/ansible/roles/netbox-backup/meta/main.yaml
@@ -0,0 +1,5 @@
+---
+galaxy_info:
+ license: Apache-2.0
+ authors: Tarook Authors
+...
diff --git a/k8s-supplements/ansible/roles/netbox-backup/tasks/main.yaml b/k8s-supplements/ansible/roles/netbox-backup/tasks/main.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..17c8fd3a28bbbdebe0270475047bdf50dead24cf
--- /dev/null
+++ b/k8s-supplements/ansible/roles/netbox-backup/tasks/main.yaml
@@ -0,0 +1,27 @@
+---
+- name: Create namespace for Netbox backup
+ when: yk8s_k8s_service_layer_netbox_backup_enabled
+ kubernetes.core.k8s:
+ apply: true
+ definition:
+ apiVersion: v1
+ kind: Namespace
+ metadata:
+ name: "{{ netbox_backup_helm_release_namespace }}"
+ validate:
+ fail_on_error: true
+ strict: true
+ register: k8s_apply
+ until: k8s_apply is not failed
+ retries: "{{ error_retries }}"
+ delay: "{{ error_delay }}"
+
+- name: "{{ yk8s_k8s_service_layer_netbox_backup_enabled | ternary('I','Uni') }}nstall Netbox backup"
+ kubernetes.core.helm:
+ chart_repo_url: "{{ netbox_backup_helm_chart_repo_url }}"
+ chart_ref: "{{ netbox_backup_helm_chart_ref }}"
+ release_namespace: "{{ netbox_backup_helm_release_namespace }}"
+ release_name: "{{ netbox_backup_helm_release_name }}"
+ release_state: "{{ yk8s_k8s_service_layer_netbox_backup_enabled | ternary('present','absent') }}"
+ chart_version: "{{ netbox_backup_helm_chart_version }}"
+ values: "{{ netbox_backup_helm_values }}"
diff --git a/nix/yk8s/k8s-supplements/netbox-backup.nix b/nix/yk8s/k8s-supplements/netbox-backup.nix
new file mode 100644
index 0000000000000000000000000000000000000000..01519a6cd60a20c2290dc54808b89411fd854165
--- /dev/null
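Review bot: In tasks/main.yaml the chart is installed without any check that the S3 credentials Secret named by `targets.s3.credentialRef.name` exists in the release namespace, so a missing or misnamed Secret would only surface when the scheduled backup runs and no dump is written. A pre-flight lookup before the `kubernetes.core.helm` task would fail the rollout instead; it needs `no_log: true`, because the registered result of a Secret lookup contains the credential data. The variable path used below is inferred from the `ansible_prefix` and `unflat` settings in the Nix module of this commit and should be confirmed, and the check only makes sense if the Secret is expected to be provisioned before this role runs. Separately, the Helm task has no `register`/`until`/`retries` like the namespace task does, so a transient API error fails it immediately.

```yaml
- name: Look up the S3 credentials Secret for Netbox backup
  when: yk8s_k8s_service_layer_netbox_backup_enabled
  kubernetes.core.k8s_info:
    api_version: v1
    kind: Secret
    namespace: "{{ netbox_backup_helm_release_namespace }}"
    name: "{{ netbox_backup_helm_values.targets.s3.credentialRef.name }}"
  register: netbox_backup_s3_secret
  # The registered result holds the Secret's data; keep it out of logs.
  no_log: true
  failed_when: netbox_backup_s3_secret.resources | length == 0

# … unchanged: Install/Uninstall Netbox backup (kubernetes.core.helm) …
```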
+++ b/nix/yk8s/k8s-supplements/netbox-backup.nix 
@@ -0,0 +1,111 @@
+{
+ config,
+ lib,
+ yk8s-lib,
+ ...
+}: let
+ cfg = config.yk8s.k8s-service-layer.netbox-backup;
+ inherit (lib) mkEnableOption mkOption types;
+ inherit (yk8s-lib) mkTopSection;
+ inherit (yk8s-lib.options) mkHelmReleaseOptions;
+ inherit (yk8s-lib.types) s3BucketName s3BucketNamePrefix;
+ inherit (yk8s-lib.transform) warnIfZero;
+in {
+ options.yk8s.k8s-service-layer.netbox-backup = mkTopSection {
+ _docs.preface = ''
+ Automated Netbox database backups can be configured in this section.
+ When enabled, it periodically creates a dump of the Netbox Postgres database
+ and stores it in an S3-compatible object storage bucket. It uses the Helm chart
+ `netboxbackup `__
+ present in the Yaook operator Helm chart repository.
+ '';
+
+ enabled = mkEnableOption "Netbox backups";
+
+ helm = mkHelmReleaseOptions {
+ descriptionName = "netbox-backup";
+ defaultRepoUrl = "https://charts.yaook.cloud/operator/stable/";
+ defaultChartRef = "netboxbackup";
+ # renovate: datasource=helm depName=netboxbackup registryUrl=https://charts.yaook.cloud/operator/stable/
+ defaultChartVersion = "0.20251021.0";
+ defaultReleaseNamespace = "yaook-bmc";
+ defaultReleaseName = "netbox-backup";
+ valuesDocUrl = "https://gitlab.com/yaook/operator/-/blob/devel/yaook/helm_builder/Charts/netboxbackup/values-template.yaml.j2";
+
+ chartOptions = {
+ schedule = mkOption {
+ description = ''
+ Cron-style schedule for Netbox backups.
+ '';
+ type = types.nonEmptyStr;
+ default = "0 3 * * *";
+ };
+
+ metrics_port = mkOption {
+ description = "Metrics port for backup-shifter.";
+ type = types.port;
+ default = 9100;
+ apply = v: warnIfZero "config.yk8s.k8s-service-layer.netbox-backup.metrics_port should not be zero" v;
+ };
+
+ targets.s3 = {
+ bucket = mkOption {
+ description = "Name of the S3 bucket where Netbox backups are stored.";
+ type = s3BucketName;
+ default = "netbox-backup";
+ };
+
+ addressingStyle = mkOption {
+ description = ''
+ Addressing style used for the S3 bucket storing Netbox backups.
+ One of "path", "virtual", or "auto".
+ '';
+ type = types.enum [ "path" "virtual" "auto" ];
+ default = "path";
+ };
+
+ credentialRef.name = mkOption {
+ description = "Kubernetes Secret containing S3 credentials.";
+ type = types.str;
+ default = "netbox-backup-s3-credentials";
+ };
+
+ filePrefix = mkOption {
+ description = "Prefix for backup file names in S3.";
+ type = s3BucketNamePrefix;
+ default = "netboxbackup";
+ };
+ };
+ };
+ };
+ };
+
+ config.yk8s.k8s-service-layer.netbox-backup.helm.values = {
+ namespace = cfg.helm.release_namespace;
+ priorityClassName = "system-cluster-critical";
+ serviceMonitor = {
+ enabled = config.yk8s.kubernetes.monitoring.enabled;
+ additionalLabels = config.yk8s.k8s-service-layer.prometheus.common_labels;
+ };
+ };
+
+ config.yk8s._inventory_packages = [
+ (yk8s-lib.mkGroupVarsFile {
+ inherit cfg;
+ unflat = [
+ ["helm" "values"]
+ ];
+ ansible_prefix = "netbox_backup_";
+ inventory_path = "all/netbox-backup.yaml";
+ transformations = [
+ (
+ c:
+ yk8s-lib.removeAttrsByPath c [
+ ["helm" "values" "targets" "s3" "endpoint"]
+ ]
+ )
+ ];
+ only_if_enabled = true;
+ })
+ ];
+}
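Review bot: `priorityClassName = "system-cluster-critical";` in the `helm.values` block gives a periodic database dump the same scheduling priority as cluster-critical components, so it can preempt other workloads. It is also set as a plain value, which may stop an operator from lowering it. If that priority is intended, a short comment saying why would help; otherwise consider `priorityClassName = lib.mkDefault "system-cluster-critical";`, assuming the values type merges `mkDefault` definitions, which is not visible here. The transformation that strips `targets.s3.endpoint` also needs a one-line comment stating where the endpoint is supplied instead, since no `endpoint` option is declared in the visible `chartOptions`. The `credentialRef.name` description could say that the Secret must already exist in the release namespace and which keys it must carry.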