k8up
k8up copied to clipboard
k8up-io
Allow Passing Additional Flags to Restic
Description
QNAP QuObjects is an "s3 compliant" service on QNAP nas machine. It can be configured as using tls, but it use a self-signed certificate. Restic can use it but requires "--insecure-tls" argument to use it. Yet k8up doesn't allow to pass that argument to restic. It can also but used as http, but then restic use a minio compatibility mode which doesnt suit QuObjects and restic fail with "The Content-MD5 you specified was invalid".
Additional Context
No response
Logs
using tls:
1.6723221876801217e+09 INFO k8up.restic.restic.RepoInit.restic.stderr Fatal: create repository at s3:https://s3.rennes.home:8443/solidite failed: client.BucketExists: Get "https://s3.rennes.home:8443/solidite/?location=": x509: certificate is not valid for any names, but wanted to match s3.rennes.home
using plain http:
1.6723222329661973e+09 INFO k8up.restic.restic.RepoInit.restic.stderr Fatal: create key in repository at s3:http://s3.rennes.home:80/solidite failed: client.PutObject: The Content-MD5 you specified was invalid
Expected Behavior
Using restic command-line it works :
export RESTIC_REPOSITORY="s3:https://s3.rennes.home:8443/solidite" restic init --insecure-tls created restic repository 493e88aa9c at s3:https://s3.rennes.home:8443/solidite ....
Please provide a way to propagate that --insecure-tls to restic
Acceptance Criteria
- Add a new field "additionalResticArgs" to all jobs and the schedule object ** These flags will be passed to all restic calls within K8up ad verbatim
- Document this new feature ** It should be clearly marked as an advanced configuration as we can't guarantee the correctness of all passed restic flags
Steps To Reproduce
No response
Version of K8up
v2.5.2
Version of Kubernetes
v1.25.3+k3s1
Distribution of Kubernetes
k3s
