Erich Blume
735b643429
## Summary - Deploy miniflux in k8s via ArgoCD - Expose via Tailscale Ingress at feed.tail8d86e.ts.net - Retire brew PostgreSQL (no longer needed) - Rename k8s-pg to pg (canonical hostname) - Remove ansible miniflux and postgresql roles - Update borgmatic to backup pg.tail8d86e.ts.net - Update all zk documentation ## Deployment and Testing - [x] Miniflux pod running in k8s - [x] User login works at https://feed.tail8d86e.ts.net - [x] Feeds and entries visible - [x] brew miniflux and postgresql stopped - [x] Tailscale services migrated (feed, pg) - [x] zk documentation updated - [x] Run ansible to apply role removals - [ ] Verify borgmatic backup with new pg hostname 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.tail8d86e.ts.net/eblume/blumeops/pulls/33
52 lines
1.6 KiB
YAML
52 lines
1.6 KiB
YAML
---
|
|
borgmatic_config: /Users/erichblume/.config/borgmatic/config.yaml
|
|
borgmatic_config_dir: /Users/erichblume/.config/borgmatic
|
|
borgmatic_log_dir: /Users/erichblume/Library/Logs
|
|
|
|
# Full path to borg binary since LaunchAgent doesn't have homebrew in PATH
|
|
borgmatic_local_path: /opt/homebrew/bin/borg
|
|
|
|
# Schedule: runs daily at 2:00 AM
|
|
borgmatic_schedule_hour: 2
|
|
borgmatic_schedule_minute: 0
|
|
|
|
# Source directories to back up
|
|
borgmatic_source_directories:
|
|
- /Users/erichblume/code/personal/zk
|
|
- /opt/homebrew/var/forgejo
|
|
- /Users/erichblume/.config/borgmatic
|
|
- /Users/erichblume/Documents
|
|
- /Users/erichblume/Pictures
|
|
- /Users/erichblume/devpi
|
|
- /opt/homebrew/var/loki
|
|
|
|
# Backup repository
|
|
borgmatic_repositories:
|
|
- path: /Volumes/backups/borg/
|
|
label: sifaka-borg-backups
|
|
encryption: repokey
|
|
append_only: true
|
|
|
|
# Exclude patterns
|
|
borgmatic_exclude_patterns:
|
|
# Exclude mirrored PyPI cache (only backup private packages)
|
|
- /Users/erichblume/devpi/+files/root/pypi
|
|
|
|
# Encryption passcommand (reads borg passphrase)
|
|
borgmatic_encryption_passcommand: cat /Users/erichblume/.borg/config.yaml
|
|
|
|
# Retention policy
|
|
borgmatic_keep_daily: 7
|
|
borgmatic_keep_monthly: 12
|
|
borgmatic_keep_yearly: 1000
|
|
|
|
# PostgreSQL databases to backup (streamed via pg_dump)
|
|
# Password is read from ~/.pgpass (managed by this role)
|
|
# pg_dump_command must be full path since LaunchAgent doesn't have homebrew in PATH
|
|
borgmatic_pg_dump_command: /opt/homebrew/opt/postgresql@18/bin/pg_dump
|
|
borgmatic_postgresql_databases:
|
|
# k8s PostgreSQL (CloudNativePG)
|
|
- name: miniflux
|
|
hostname: pg.tail8d86e.ts.net
|
|
port: 5432
|
|
username: borgmatic
|