From 075e2adc676b5f58d6707665d3eb9514ecf6fa19 Mon Sep 17 00:00:00 2001
From: Arie Peterson <arie@greenhost.nl>
Date: Wed, 10 Jun 2020 12:25:56 +0200
Subject: [PATCH] Add some more info on Velero workings to the docs

---
 ansible/group_vars/all/settings.yml.example |  5 ++++-
 docs/installation_instructions.rst          | 21 ++++++++++++++++++++-
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/ansible/group_vars/all/settings.yml.example b/ansible/group_vars/all/settings.yml.example
index 10731dbce..5dcde6a73 100644
--- a/ansible/group_vars/all/settings.yml.example
+++ b/ansible/group_vars/all/settings.yml.example
@@ -18,7 +18,9 @@ prometheus_enable_ingress: false
 backup:
   s3:
     # Disabled by default. To enable, change to `true` and configure the
-    # settings below. You'll also need to provide access credentials as
+    # settings below. You'll also want to add "velero" to the enabled
+    # applications a bit further in this file.
+    # Finally, you'll also need to provide access credentials as
     # secrets; see the documentation:
     # https://docs.openappstack.net/en/latest/installation_instructions.html#step-2-optional-cluster-backups-using-velero
     enabled: false
@@ -30,6 +32,7 @@ backup:
     # apparently requires it at some point.
     region: "ceph"
     # Name of the S3 bucket that backups will be stored in.
+    # This has to exist already: Velero will not create it for you.
     bucket: "openappstack-backup"
     # Prefix that's added to backup filenames.
     prefix: "test-instance"
diff --git a/docs/installation_instructions.rst b/docs/installation_instructions.rst
index d5afff68f..2ac616d33 100644
--- a/docs/installation_instructions.rst
+++ b/docs/installation_instructions.rst
@@ -325,11 +325,30 @@ At this point you can enable `Velero <https://velero.io>`__, a program that
 runs on your cluster and uploads backups of your cluster and user data to an
 S3 storage service of your choice.
 
-To do so:
+If enabled, Velero will create a backup of your cluster once every night and
+upload it to the S3 storage you configure. This includes:
+
+- your cluster state. Technically speaking, it will back up all Kubernetes
+  namespaces in your cluster, except ``velero`` itself; this includes things
+  like which applications are installed, including their version number and
+  installation-time settings;
+- persistent data of all applications: for example, single sign-on users that
+  you created, Nextcloud files and metadata, Wordpress site data and comments,
+  Rocketchat chat history, etc. A single exception to this is Prometheus data
+  (statistics of system properties), which takes up a lot of space and we
+  consider not valuable enough to back up.
+
+It does not include anything on the VPS that you may have set up but is not
+part of OpenAppStack, like programs installed via ``apt``, or data added to the
+VPS disk not through OpenAppStack.
+
+To enable Velero:
 
 - edit the file ``clusters/my-cluster/group_vars/all/settings.yml``,
   reviewing all settings under the ``backup`` field and entering the data
   specific to your backup storage location;
+- in that same file ``clusters/my-cluster/group_vars/all/settings.yml``,
+  add ``'velero'`` to the list of ``enabled_applications``;
 - create the directory ``clusters/my-cluster/secrets``;
 - create the file ``clusters/my-cluster/secrets/s3_access_key``, with as
   only contents your S3 access key;
-- 
GitLab