apiVersion: batch/v1 kind: CronJob metadata: name: backup namespace: backup-system spec: schedule: "0 2 * * *" concurrencyPolicy: Forbid successfulJobsHistoryLimit: 3 failedJobsHistoryLimit: 1 jobTemplate: spec: template: spec: restartPolicy: OnFailure serviceAccountName: backup-sa securityContext: runAsUser: 0 nodeSelector: kubernetes.io/hostname: chemavx-k8 containers: - name: backup image: bitnami/kubectl:latest command: ["/bin/bash", "/scripts/backup.sh"] env: - name: KUBECONFIG value: /kubeconfig/k3s.yaml resources: requests: cpu: 100m memory: 128Mi limits: cpu: 500m memory: 512Mi volumeMounts: - name: backup-dir mountPath: /data/backups/backups - name: n8n-data mountPath: /data/n8n - name: openclaw-data mountPath: /data/openclaw - name: scripts mountPath: /scripts - name: k3s-storage mountPath: /var/lib/rancher/k3s/storage - name: kubeconfig mountPath: /kubeconfig/k3s.yaml - name: k3s-db mountPath: /data/k3s-db readOnly: true volumes: - name: backup-dir hostPath: path: /data/backups/backups type: DirectoryOrCreate - name: n8n-data hostPath: path: /data/n8n type: DirectoryOrCreate - name: openclaw-data hostPath: path: /data/openclaw type: DirectoryOrCreate - name: scripts hostPath: path: /data/backups/scripts type: Directory - name: k3s-storage hostPath: path: /var/lib/rancher/k3s/storage type: Directory - name: kubeconfig hostPath: path: /etc/rancher/k3s/k3s.yaml type: File - name: k3s-db hostPath: path: /var/lib/rancher/k3s/server/db type: Directory