bstein/soteria
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
bstein 2026-06-19 20:46:24 +00:00
parent 105f88d89c
commit aee93cb331
1 changed files with 8 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -2,23 +2,17 @@
Soteria is the backup and restore console for Atlas PVCs.
Right now it is mainly built around Longhorn. It lists bound PVCs, starts
backups, restores a backup into a new PVC, runs namespace-wide backup/restore
jobs, and exposes backup health metrics for Grafana. It also has a small React
UI so the common restore path does not require remembering the API by hand.
Right now it is mainly built around Longhorn. It lists bound PVCs, starts backups, restores a backup into a new PVC, runs namespace-wide backup/restore jobs, and exposes backup health metrics for Grafana. It also has a small React UI so the common restore path does not require remembering the API by hand.
Soteria never overwrites an existing target PVC. Restore work is meant to be
explicit and reversible.
Soteria never overwrites an existing target PVC. Restore work is meant to be explicit and reversible.
## How it works
The service runs in-cluster and talks to Kubernetes plus the Longhorn backend.
For each PVC it resolves the backing volume, asks Longhorn to snapshot/backup
it, and records enough inventory for humans and dashboards to see whether the
backup is fresh.
The service runs in-cluster and talks to Kubernetes plus the Longhorn backend. For each PVC it resolves the backing volume, asks Longhorn to snapshot/backup it, and records enough inventory for humans and dashboards to see whether the backup is fresh.
Policies are stored in a Kubernetes secret and evaluated on a timer. Metrics are
published at `/metrics`; the UI and API share the same backend.
Policies are stored in a Kubernetes secret and evaluated on a timer. Metrics are published at `/metrics`; the UI and API share the same backend.
The following are notes for future Brad.
Main endpoints:
@ -32,8 +26,7 @@ Main endpoints:
- `GET|POST|DELETE /v1/policies`
- `GET /v1/b2`
When auth is enabled, Soteria expects trusted headers from the fronting proxy and
checks `SOTERIA_ALLOWED_GROUPS`.
When auth is enabled, Soteria expects trusted headers from the fronting proxy and checks `SOTERIA_ALLOWED_GROUPS`.
## Development
@ -42,5 +35,4 @@ go test ./...
./scripts/check.sh
```
The local deploy manifests live in `deploy/`. Production wiring should still go
through the Flux repo, not one-off cluster edits.
The local deploy manifests live in `deploy/`. Production wiring should still go through the Flux repo, not one-off cluster edits.