From 7f41e57435ac9fda807c312a8406122803783664 Mon Sep 17 00:00:00 2001
From: William P <me@williamtpeebles.com>
Date: Wed, 26 Feb 2025 23:22:26 -0500
Subject: [PATCH] fix velero

---
 system-apps/velero/values.yaml | 74 ++++++++++++++++------------------
 1 file changed, 34 insertions(+), 40 deletions(-)

diff --git a/system-apps/velero/values.yaml b/system-apps/velero/values.yaml
index 38aa3cd..b44d000 100644
--- a/system-apps/velero/values.yaml
+++ b/system-apps/velero/values.yaml
@@ -107,12 +107,12 @@ dnsPolicy: ClusterFirst
 # Init containers to add to the Velero deployment's pod spec. At least one plugin provider image is required.
 # If the value is a string then it is evaluated as a template.
 initContainers:
-  # - name: velero-plugin-for-aws
-  #   image: velero/velero-plugin-for-aws:v1.10.0
-  #   imagePullPolicy: IfNotPresent
-  #   volumeMounts:
-  #     - mountPath: /target
-  #       name: plugins
+  - name: velero-plugin-for-aws
+    image: velero/velero-plugin-for-aws:v1.10.0
+    imagePullPolicy: IfNotPresent
+    volumeMounts:
+      - mountPath: /target
+        name: plugins
 
 # SecurityContext to use for the Velero deployment. Optional.
 # Set fsGroup for `AWS IAM Roles for Service Accounts`
@@ -181,7 +181,25 @@ extraVolumes: []
 extraVolumeMounts: []
 
 # Extra K8s manifests to deploy
-extraObjects: []
+extraObjects:
+  - apiVersion: external-secrets.io/v1beta1
+    kind: ExternalSecret
+    metadata:
+      name: minio-credentials
+      namespace: velero
+    spec:
+      refreshInterval: 1h
+      secretStoreRef:
+        name: weyma-vault
+        kind: ClusterSecretStore
+      target:
+        name: minio-credentials
+        creationPolicy: Owner
+      data:
+      - secretKey: credentials
+        remoteRef:
+          key: velero
+          property: credentials
   # - apiVersion: secrets-store.csi.x-k8s.io/v1
   #   kind: SecretProviderClass
   #   metadata:
@@ -318,11 +336,11 @@ configuration:
   backupStorageLocation:
     # name is the name of the backup storage location where backups should be stored. If a name is not provided,
     # a backup storage location will be created with the name "default". Optional.
-  - name:
+  - name: weyma-truenas
     # provider is the name for the backup storage location provider.
-    provider:
+    provider: velero.io/aws
     # bucket is the name of the bucket to store backups in. Required.
-    bucket:
+    bucket: weyma-talos-velero
     # caCert defines a base64 encoded CA bundle to use when verifying TLS connections to the provider. Optional.
     caCert:
     # prefix is the directory under which all Velero data should be stored within the bucket. Optional.
@@ -336,12 +354,15 @@ configuration:
     accessMode: ReadWrite
     credential:
       # name of the secret used by this backupStorageLocation.
-      name:
+      name: minio-credentials
       # name of key that contains the secret data to be used.
-      key:
+      key: credentials
     # Additional provider-specific configuration. See link above
     # for details of required/optional fields for your provider.
-    config: {}
+    config:
+      region: us-east-1
+      s3Url: 10.69.42.20:9000
+      insecureSkipTLSVerify: true
     #  region:
     #  s3ForcePathStyle:
     #  s3Url:
@@ -361,33 +382,6 @@ configuration:
     # annotations allows adding arbitrary annotations to this BackupStorageLocation resource. Optional.
     annotations: {}
 
-  # Parameters for the VolumeSnapshotLocation(s). Configure multiple by adding other element(s) to the volumeSnapshotLocation slice.
-  # See https://velero.io/docs/v1.6/api-types/volumesnapshotlocation/
-  volumeSnapshotLocation:
-    # name is the name of the volume snapshot location where snapshots are being taken. Required.
-  - name:
-    # provider is the name for the volume snapshot provider.
-    provider:
-    credential:
-      # name of the secret used by this volumeSnapshotLocation.
-      name:
-      # name of key that contains the secret data to be used.
-      key:
-    # Additional provider-specific configuration. See link above
-    # for details of required/optional fields for your provider.
-    config: {}
-  #    region:
-  #    apiTimeout:
-  #    resourceGroup:
-  #    The ID of the subscription where volume snapshots should be stored, if different from the cluster’s subscription. If specified, also requires `configuration.volumeSnapshotLocation.config.resourceGroup`to be set. (Azure only)
-  #    subscriptionId:
-  #    incremental:
-  #    snapshotLocation:
-  #    project:
-
-    # annotations allows adding arbitrary annotations to this VolumeSnapshotLocation resource. Optional.
-    annotations: {}
-
   # These are server-level settings passed as CLI flags to the `velero server` command. Velero
   # uses default values if they're not passed in, so they only need to be explicitly specified
   # here if using a non-default value. The `velero server` default values are shown in the