K3S/addons/velero/role/tasks/main.yml

---
- name: Add vmware-tanzu Helm repo
  kubernetes.core.helm_repository:
    name: vmware-tanzu
    repo_url: "{{ velero_chart_repo }}"
  environment:
    KUBECONFIG: "{{ k3s_kubeconfig_path }}"

- name: Create velero bucket in MinIO
  kubernetes.core.k8s:
    state: present
    definition:
      apiVersion: batch/v1
      kind: Job
      metadata:
        name: velero-bucket-init
        namespace: "{{ velero_namespace }}"
      spec:
        ttlSecondsAfterFinished: 300
        template:
          spec:
            restartPolicy: OnFailure
            containers:
              - name: mc
                image: "{{ velero_mc_image }}"
                command:
                  - /bin/sh
                  - -c
                  - |
                    mc alias set backend "{{ velero_s3_url }}" "$KEY" "$SECRET" &&
                    mc mb --ignore-existing "backend/{{ velero_s3_bucket }}"
                env:
                  - name: KEY
                    value: "{{ velero_s3_access_key }}"
                  - name: SECRET
                    value: "{{ velero_s3_secret_key }}"
  environment:
    KUBECONFIG: "{{ k3s_kubeconfig_path }}"

- name: Deploy Velero via Helm
  kubernetes.core.helm:
    name: velero
    chart_ref: vmware-tanzu/velero
    chart_version: "{{ velero_version }}"
    release_namespace: "{{ velero_namespace }}"
    create_namespace: true
    wait: true
    timeout: "10m0s"
    values:
      initContainers:
        - name: velero-plugin-for-aws
          image: "velero/velero-plugin-for-aws:{{ velero_aws_plugin_version }}"
          imagePullPolicy: IfNotPresent
          volumeMounts:
            - mountPath: /target
              name: plugins
      credentials:
        useSecret: true
        secretContents:
          cloud: |
            [default]
            aws_access_key_id={{ velero_s3_access_key }}
            aws_secret_access_key={{ velero_s3_secret_key }}
      configuration:
        backupStorageLocation:
          - name: default
            provider: aws
            bucket: "{{ velero_s3_bucket }}"
            default: true
            config:
              region: "{{ velero_s3_region }}"
              s3ForcePathStyle: "{{ velero_s3_force_path_style | string }}"
              s3Url: "{{ velero_s3_url }}"
              publicUrl: "{{ velero_s3_public_url }}"
        volumeSnapshotLocation:
          - name: default
            provider: aws
            config:
              region: "{{ velero_s3_region }}"
      resources: "{{ velero_resources }}"
  environment:
    KUBECONFIG: "{{ k3s_kubeconfig_path }}"

- name: Create daily backup schedule
  kubernetes.core.k8s:
    state: present
    definition:
      apiVersion: velero.io/v1
      kind: Schedule
      metadata:
        name: "{{ velero_schedule_name }}"
        namespace: "{{ velero_namespace }}"
      spec:
        schedule: "{{ velero_schedule_cron }}"
        template:
          ttl: "{{ velero_schedule_ttl }}"
          storageLocation: default
  environment:
    KUBECONFIG: "{{ k3s_kubeconfig_path }}"
  when: velero_schedule_enabled | bool

- name: Show Velero access info
  ansible.builtin.debug:
    msg:
      - "══════════════════════════════════════════════"
      - " Velero установлен"
      - "══════════════════════════════════════════════"
      - " Namespace:  {{ velero_namespace }}"
      - " S3 endpoint:{{ velero_s3_url }}"
      - " S3 bucket:  {{ velero_s3_bucket }}"
      - "{% if velero_schedule_enabled %} Расписание: {{ velero_schedule_cron }} (TTL: {{ velero_schedule_ttl }}){% endif %}"
      - "──────────────────────────────────────────────"
      - " Ручной backup:   velero backup create my-backup --wait"
      - " Список backups:  velero backup get"
      - " Восстановление:  velero restore create --from-backup my-backup"
      - "══════════════════════════════════════════════"