--- # Schedule 2: Daily stateful backup (with volume data) apiVersion: velero.io/v1 kind: Schedule metadata: name: daily-stateful namespace: openshift-adp spec: schedule: "0 03 * * *" # 3 AM daily (after config backup) nameTemplate: "{{ .ScheduleName }}-{{ .Timestamp }}" template: # Only namespaces with persistent data includedNamespaces: - gitea - authentik - calibre - cassandra - n8n - apim - gitea-ci labels: backup-type: stateful schedule: daily retention: short # Exclude ephemeral resources excludedResources: - events - events.events.k8s.io - pipelineruns.tekton.dev - taskruns.tekton.dev - replicasets.apps - pods # Use Kopia for volume backups snapshotVolumes: false defaultVolumesToFsBackup: true # 14 days retention ttl: 336h # Pre-backup hooks for data consistency hooks: resources: # Cassandra: flush memtables to disk before backup - name: cassandra-flush includedNamespaces: - cassandra labelSelector: matchLabels: app.kubernetes.io/name: cassandra pre: - exec: container: cassandra command: - /bin/bash - -c - nodetool flush timeout: 5m onError: Continue # Gitea PostgreSQL: checkpoint before backup - name: gitea-postgres-checkpoint includedNamespaces: - gitea labelSelector: matchLabels: app.kubernetes.io/name: postgresql app.kubernetes.io/instance: gitea pre: - exec: container: postgresql command: - /bin/bash - -c - psql -U postgres -c 'CHECKPOINT;' timeout: 2m onError: Continue # Authentik PostgreSQL: checkpoint before backup - name: authentik-postgres-checkpoint includedNamespaces: - authentik labelSelector: matchLabels: app.kubernetes.io/name: postgresql app.kubernetes.io/instance: authentik pre: - exec: container: postgresql command: - /bin/bash - -c - psql -U postgres -c 'CHECKPOINT;' timeout: 2m onError: Continue