diff --git a/charts/caduser/v0.1.0/questions.yaml b/charts/caduser/v0.1.0/questions.yaml index d38d2ac..cb3035a 100644 --- a/charts/caduser/v0.1.0/questions.yaml +++ b/charts/caduser/v0.1.0/questions.yaml @@ -156,6 +156,76 @@ questions: type: string required: false +# PostgreSQL Backup (Barman Cloud) +- variable: postgresql.backup.enabled + default: false + description: "Habilitar backup com Barman Cloud (S3)?" + label: "Backup Habilitado" + type: boolean + group: Banco de Dados - Backup + required: false + show_subquestion_if: true + show_if: "postgresql.enabled=true" + subquestions: + - variable: postgresql.backup.destinationPath + default: "" + description: "Caminho de destino no S3 (ex: s3://bucket-name/path/to/backups)" + label: "Caminho de Destino S3" + type: string + required: true + - variable: postgresql.backup.retentionPolicy + default: "30d" + description: "Política de retenção de backups (ex: 30d para 30 dias)" + label: "Política de Retenção" + type: string + required: false + - variable: postgresql.backup.s3.endpointURL + default: "" + description: "URL do endpoint S3 (ex: https://s3.amazonaws.com ou endpoint MinIO)" + label: "S3 Endpoint URL" + type: string + required: true + - variable: postgresql.backup.s3.region + default: "" + description: "Região AWS (necessário para AWS S3, opcional para MinIO)" + label: "Região AWS" + type: string + required: false + - variable: postgresql.backup.s3.accessKeyId + default: "" + description: "Access Key ID para acesso ao S3" + label: "Access Key ID" + type: string + required: true + - variable: postgresql.backup.s3.secretAccessKey + default: "" + description: "Secret Access Key para acesso ao S3" + label: "Secret Access Key" + type: password + required: true + - variable: postgresql.backup.wal.compression + default: "gzip" + description: "Tipo de compressão para WAL (gzip, bzip2, snappy)" + label: "Compressão WAL" + type: enum + options: + - "gzip" + - "bzip2" + - "snappy" + - "none" + required: false + - variable: postgresql.backup.data.compression + default: "gzip" + description: "Tipo de compressão para dados (gzip, bzip2, snappy)" + label: "Compressão de Dados" + type: enum + options: + - "gzip" + - "bzip2" + - "snappy" + - "none" + required: false + # Memcached - variable: memcached.enabled default: true diff --git a/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml b/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml index 11a0a12..7295f5b 100644 --- a/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml +++ b/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml @@ -31,4 +31,12 @@ spec: superuserSecret: name: {{ .Values.postgresql.superuserSecret }} {{- end }} + +{{- if .Values.postgresql.backup.enabled }} + plugins: + - name: barman-cloud.cloudnative-pg.io + isWALArchiver: true + parameters: + barmanObjectName: {{ .Values.postgresql.clusterName }} +{{- end }} {{- end }} diff --git a/charts/caduser/v0.1.0/templates/postgresql-objectstore.yaml b/charts/caduser/v0.1.0/templates/postgresql-objectstore.yaml new file mode 100644 index 0000000..7aeb2e0 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/postgresql-objectstore.yaml @@ -0,0 +1,31 @@ +{{- if .Values.postgresql.backup.enabled }} +apiVersion: barmancloud.cnpg.io/v1 +kind: ObjectStore +metadata: + name: {{ .Values.postgresql.clusterName }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "caduser.labels" . | nindent 4 }} +spec: + configuration: + destinationPath: {{ .Values.postgresql.backup.destinationPath }} + endpointURL: {{ .Values.postgresql.backup.s3.endpointURL }} + s3Credentials: + accessKeyId: + name: {{ .Values.postgresql.backup.s3.secretName }} + key: ACCESS_KEY_ID + secretAccessKey: + name: {{ .Values.postgresql.backup.s3.secretName }} + key: ACCESS_SECRET_KEY +{{- if .Values.postgresql.backup.s3.region }} + s3: + region: {{ .Values.postgresql.backup.s3.region }} +{{- end }} + data: + compression: {{ .Values.postgresql.backup.data.compression }} + jobs: {{ .Values.postgresql.backup.data.jobs }} + wal: + compression: {{ .Values.postgresql.backup.wal.compression }} + maxParallel: {{ .Values.postgresql.backup.wal.maxParallel }} + retentionPolicy: {{ .Values.postgresql.backup.retentionPolicy | quote }} +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/postgresql-s3-secret.yaml b/charts/caduser/v0.1.0/templates/postgresql-s3-secret.yaml new file mode 100644 index 0000000..5867a7a --- /dev/null +++ b/charts/caduser/v0.1.0/templates/postgresql-s3-secret.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.postgresql.enabled .Values.postgresql.backup.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.postgresql.backup.s3.secretName }} + labels: + {{- include "caduser.labels" . | nindent 4 }} +type: Opaque +stringData: + ACCESS_KEY_ID: {{ .Values.postgresql.backup.s3.accessKeyId | quote }} + ACCESS_SECRET_KEY: {{ .Values.postgresql.backup.s3.secretAccessKey | quote }} +{{- end }} diff --git a/charts/caduser/v0.1.0/values.yaml b/charts/caduser/v0.1.0/values.yaml index 2423696..443fe53 100644 --- a/charts/caduser/v0.1.0/values.yaml +++ b/charts/caduser/v0.1.0/values.yaml @@ -99,6 +99,36 @@ postgresql: cpu: 1000m memory: 512Mi + # Barman Cloud backup configuration + backup: + enabled: false + # Destination path in S3 bucket (e.g., s3://bucket-name/path/to/backups) + destinationPath: "" + # Retention policy (e.g., "30d" for 30 days) + retentionPolicy: "30d" + + # S3 configuration + s3: + # S3 endpoint URL (e.g., https://s3.amazonaws.com or MinIO endpoint) + endpointURL: "" + # AWS region (optional, required for AWS S3) + region: "" + # Secret name containing S3 credentials (ACCESS_KEY_ID and ACCESS_SECRET_KEY keys) + secretName: caduser-pg-s3-credentials + # S3 access credentials (used to create the secret) + accessKeyId: "" + secretAccessKey: "" + + # WAL archiving configuration + wal: + compression: gzip + maxParallel: 2 + + # Data backup configuration + data: + compression: gzip + jobs: 2 + memcached: enabled: true image: