eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/ansible/roles
History
Erich Blume dc69b8c68b C1: fix borgmatic shower SQLite dump (ssh to ringtail) (#357) 
## Summary

Nightly borgmatic backups have been failing for 2 days. Root cause: the
shower SQLite dump `before_backup` hook (added in PR #349) referenced
`kubectl --context=k3s-ringtail`, but indri's kubeconfig deliberately
doesn't carry the ringtail credentials. The hook's failure aborted the
entire run, taking out *both* the local sifaka repo and the BorgBase
offsite. Verified the last good archive was `indri-2026-05-11T02:00`.

## Approach

ssh into ringtail and run `k3s kubectl` there — no indri-side
kubeconfig needed. `/etc/rancher/k3s/k3s.yaml` is mode 644 so no sudo
required, and the existing ssh access from indri to ringtail works.

Inline-shell quoting got hairy fast (fish on ringtail rejected `POD=...`
bash syntax; the nix shower image lacks `tar` so `kubectl cp` fails).
Pulled the dump logic into `~/bin/borgmatic-k8s-sqlite-dump`, deployed
by the ansible role. Each dump entry now declares a `target`:

- `local:<context>` — local kubectl with explicit context (mealie)
- `ssh:<user@host>` — ssh + `k3s kubectl` on the cluster host (shower)

Bytes come back via `kubectl exec ... -- cat` instead of `kubectl cp`
since `cp` needs `tar` in the pod (nix-built containers don't bundle it).

## Test plan

- [x] `mise run provision-indri -- --tags borgmatic --check --diff` shows expected diff
- [x] Apply, helper script deployed at `~/bin/borgmatic-k8s-sqlite-dump`
- [x] Helper invoked directly with `ssh:eblume@ringtail` produces a valid 288 KB SQLite file
- [x] Full `borgmatic create` completes without errors — both mealie.db (1.7 MB) and shower.db (288 KB) appear in `~/.local/share/borgmatic/k8s-dumps/`, archive `indri-2026-05-13T17:31:02` written to sifaka borg repo

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: #357
2026-05-13 18:55:50 -07:00
..
alloy Add Forgejo metrics + upstream latency histogram to Fly proxy dashboard 2026-04-17 15:05:59 -07:00
borgmatic C1: fix borgmatic shower SQLite dump (ssh to ringtail) (#357) 2026-05-13 18:55:50 -07:00
borgmatic_metrics Add offsite backup for immich photo library to BorgBase (#315) 2026-03-27 19:43:05 -07:00
caddy C1: deploy adelaide-baby-shower-app to ringtail k3s (#349) 2026-05-11 13:47:18 -07:00
cv C1: deploy adelaide-baby-shower-app to ringtail k3s (#349) 2026-05-11 13:47:18 -07:00
devpi Migrate devpi from minikube to indri (launchd) (#341) 2026-04-29 13:38:36 -07:00
docs C1: migrate cv + docs from minikube to indri-native (#342) 2026-04-29 14:55:11 -07:00
forgejo Add Forgejo metrics + upstream latency histogram to Fly proxy dashboard 2026-04-17 15:05:59 -07:00
forgejo_actions_secrets Expose Forgejo publicly at forge.eblu.me (#278) 2026-03-03 08:40:41 -08:00
forgejo_metrics Add Forgejo repository health metrics and Grafana dashboard (#245) 2026-02-22 11:16:03 -08:00
jellyfin Add SSO login button to Jellyfin login page 2026-02-21 20:08:57 -08:00
jellyfin_metrics Migrate Ansible op calls to op read URI syntax (#125) 2026-02-08 10:52:43 -08:00
minikube Add storage-provisioner health check to minikube Ansible role 2026-04-04 12:04:25 -07:00
minikube_metrics
sifaka_exporters Operations and observability for sifaka NAS (#135) 2026-02-09 17:44:05 -08:00
zot Bump zot registry to v2.1.15 (#293) 2026-03-14 10:00:40 -07:00
zot_metrics