From 3fd74309f2d5a78ae3ccb71e2236fdc4b0728cf2 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Tue, 3 Mar 2026 11:08:05 +0700 Subject: [PATCH 1/2] Move backups to garage --- Pulumi.prod.yaml | 4 ++-- host.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Pulumi.prod.yaml b/Pulumi.prod.yaml index 96901ca..ecb4544 100644 --- a/Pulumi.prod.yaml +++ b/Pulumi.prod.yaml @@ -18,9 +18,9 @@ config: infra-happyDomain:postgres_password: secure: AAABAB/ISsauXbqLKv4BkjAI/9RdUZkIAuTxlDIepxH9qYQD00KvOTbCLVHbPEq17P6P5mZS/75XIvk6UHgb infra-happyDomain:restic_aws_access_key_id: - secure: AAABAI89qmSeNjBH6OpF/Ym9eEDEG4Y1JbLC6uRwHMk+IllpgTVxOuBO/NG9JA3RgHgFsw== + secure: AAABAG/raKlyTXrxLC6+gg2kpj4vRaXycD+H7Gkuhfpx690R9dCUOzvOTs9vFEcI20oxJpURLzBnwg== infra-happyDomain:restic_aws_secret_access_key: - secure: AAABAM39hDfydSv0IZVLZf1fSwIJJAD94ve2wsELAJYxdtn2Pe7C5TXplaAAR8qH/56wS23n24BJGQcLgjv+Hy+vwUoIu+zs + secure: AAABAMgiejCeRH3kMr+sWh/rWVAg7fQmExtz3eu/vBNEisytxQl7JZ5NXTsM/pQohBIl1wlxVAqRxBoh25Ne7iOs4eE+uJydf6k47rHWW/t0SCSbtxuVV5PwwpertzsG infra-happyDomain:restic_password: secure: AAABADIJzvbIRfqwrfVyNgjJKVW1uBH8Bhld1dKYJyMXVRPXTcenUPJ/oA9dPDqGlur0J1UdnKpaUPjIU8xf oci:fingerprint: diff --git a/host.go b/host.go index fdc3265..067ee2b 100644 --- a/host.go +++ b/host.go @@ -131,8 +131,8 @@ func setupHostMain(ctx *pulumi.Context, ocicfg *config.Config, compartment *iden "LISTMONK_S3_HOST": storens, "LISTMONK_S3_REGION": pulumi.String(ocicfg.Require("region")), "POSTGRES_PASSWORD": cfg.RequireSecret("postgres_password"), - "RESTIC_REPOSITORY": pulumi.String("s3:storage.nemunai.re/zbackup-happydomain"), - "RESTIC_REPOSITORY_POSTGRES": pulumi.String("s3:storage.nemunai.re/zbackup-postgres-happydomain"), + "RESTIC_REPOSITORY": pulumi.String("s3:blob.nemunai.re/zbackup-happydomain"), + "RESTIC_REPOSITORY_POSTGRES": pulumi.String("s3:blob.nemunai.re/zbackup-postgres-happydomain"), "RESTIC_PASSWORD": cfg.RequireSecret("restic_password"), "RESTIC_AWS_ACCESS_KEY_ID": cfg.RequireSecret("restic_aws_access_key_id"), "RESTIC_AWS_SECRET_ACCESS_KEY": cfg.RequireSecret("restic_aws_secret_access_key"), From 40c8c044cb23b05b3e653cb1d145ef4c2c397e82 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Tue, 3 Mar 2026 11:08:11 +0700 Subject: [PATCH 2/2] caddy: Save caddy state between upgrade --- cloud-init.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud-init.yaml b/cloud-init.yaml index 7911e87..b693200 100644 --- a/cloud-init.yaml +++ b/cloud-init.yaml @@ -394,7 +394,7 @@ runcmd: - docker run -d --restart unless-stopped --network local --shm-size=512MB -v /var/backups/postgres/:/var/backups/postgres/ -v /etc/pgsql-init/:/docker-entrypoint-initdb.d/ -v /var/lib/postgres/data:/var/lib/postgresql/data -e POSTGRES_PASSWORD=$(cloud-init query ds.metadata.POSTGRES_PASSWORD) -e POSTGRES_MULTIPLE_DATABASES="fider,listmonk" -e POSTGRES_PASSWORD_fider -e POSTGRES_PASSWORD_listmonk --log-driver syslog --log-opt "syslog-address=unixgram:///dev/log" --log-opt syslog-facility=daemon --log-opt tag=postgres --name postgres --pull always --name postgres postgres:alpine # Launch web server - - docker run -d --restart unless-stopped --network local -v /etc/caddy:/etc/caddy -v /srv/:/srv/ -p 80:80 -p 443:443 --log-driver syslog --log-opt "syslog-address=unixgram:///dev/log" --log-opt syslog-facility=daemon --log-opt tag=caddy --name caddy caddy:latest + - docker run -d --restart unless-stopped --network local -v /etc/caddy:/etc/caddy -v /srv/:/srv/ -v /var/lib/caddy/:/data/caddy -p 80:80 -p 443:443 --log-driver syslog --log-opt "syslog-address=unixgram:///dev/log" --log-opt syslog-facility=daemon --log-opt tag=caddy --name caddy caddy:latest # Launch container - /root/launch_container_app.sh