The helper wrote its staging copy to /tmp, but minimal nix images (mealie)
have no /tmp, so the dump failed 'unable to open database file'. Write it
next to the source DB instead (always on a writable volume); works for any
image, shower included.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The borgmatic k8s-sqlite-dump helper runs python3 (stdlib sqlite3 .backup)
inside the pod, but the minimal Nix mealie image had no python3 on PATH, so
the mealie SQLite backup produced a 0-byte file. Add pkgs.python3 (same
nixpkgs build mealie uses, so negligible closure growth), matching shower.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The .pgpass is a hardcoded port list, not derived from the database list,
so repointing teslamate/paperless to :5434 left them without credentials
(pg_dump would fail 'no password supplied'). Add the 5434 entry.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The wave-1 cutover moved paperless + teslamate (postgres) and mealie (SQLite)
to ringtail, but borgmatic and the Grafana TeslaMate datasource still pointed
at the minikube-hosted copies — so the migrated live data was unbacked and
the dashboards would break when the minikube DBs are dropped.
- Add a Tailscale Service (blumeops-pg-ringtail) + Caddy L4 route
pg.ops.eblu.me:5434 for the ringtail blumeops-pg cluster.
- Repoint borgmatic teslamate + paperless postgres dumps to :5434 and the
mealie SQLite dump to the ringtail kubectl target (ssh:eblume@ringtail).
- Repoint the Grafana TeslaMate datasource to pg.ops.eblu.me:5434.
Closes the post-cutover backup gap and unblocks the wave-1 decommission.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
