From a12a421bbf7ba86d4cd95ddff5036fe003ec74a9 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Fri, 23 Aug 2024 08:45:43 +0200 Subject: [PATCH] prepare first backup test --- infrastructure/backup/image/Dockerfile | 2 +- .../backup/image/resources/backup.bb | 40 ++++++++++++++++++ .../backup/image/resources/backup.sh | 19 --------- .../backup/image/resources/bb-backup.edn | 3 ++ infrastructure/backup/image/resources/bb.edn | 3 ++ .../resources/entrypoint-start-and-wait.sh | 15 ------- .../backup/image/resources/entrypoint.sh | 13 ------ infrastructure/backup/image/resources/init.bb | 3 ++ infrastructure/backup/image/resources/init.sh | 16 ------- .../backup/image/resources/install.bb | 14 +++++++ .../backup/image/resources/install.sh | 21 ---------- .../backup/image/resources/list-snapshots.bb | 14 +++++++ .../image/resources/restic-snapshots.sh | 16 ------- .../backup/image/resources/restore.bb | 42 +++++++++++++++++++ .../backup/image/resources/restore.sh | 39 ----------------- infrastructure/backup/image/resources/wait.bb | 27 ++++++++++++ .../backup/backup-restore-deployment.yaml | 2 +- src/main/resources/backup/cron.yaml | 2 +- 18 files changed, 149 insertions(+), 142 deletions(-) create mode 100755 infrastructure/backup/image/resources/backup.bb delete mode 100755 infrastructure/backup/image/resources/backup.sh create mode 100644 infrastructure/backup/image/resources/bb-backup.edn create mode 100644 infrastructure/backup/image/resources/bb.edn delete mode 100644 infrastructure/backup/image/resources/entrypoint-start-and-wait.sh delete mode 100755 infrastructure/backup/image/resources/entrypoint.sh create mode 100755 infrastructure/backup/image/resources/init.bb delete mode 100755 infrastructure/backup/image/resources/init.sh create mode 100755 infrastructure/backup/image/resources/install.bb delete mode 100755 infrastructure/backup/image/resources/install.sh create mode 100755 infrastructure/backup/image/resources/list-snapshots.bb delete mode 100755 infrastructure/backup/image/resources/restic-snapshots.sh create mode 100755 infrastructure/backup/image/resources/restore.bb delete mode 100755 infrastructure/backup/image/resources/restore.sh create mode 100755 infrastructure/backup/image/resources/wait.bb diff --git a/infrastructure/backup/image/Dockerfile b/infrastructure/backup/image/Dockerfile index e6e11b4..2c60369 100644 --- a/infrastructure/backup/image/Dockerfile +++ b/infrastructure/backup/image/Dockerfile @@ -2,4 +2,4 @@ FROM domaindrivenarchitecture/dda-backup:latest # Prepare Entrypoint Script ADD resources /tmp -RUN /tmp/install.sh +RUN /tmp/install.bb diff --git a/infrastructure/backup/image/resources/backup.bb b/infrastructure/backup/image/resources/backup.bb new file mode 100755 index 0000000..b517543 --- /dev/null +++ b/infrastructure/backup/image/resources/backup.bb @@ -0,0 +1,40 @@ +#!/usr/bin/env bb + +(require '[dda.backup.core :as bc] + '[dda.backup.restic :as rc] + '[dda.backup.postgresql :as pg] + '[dda.backup.backup :as bak]) + +(def restic-repo {:password-file (bc/env-or-file "RESTIC_PASSWORD_FILE") + :restic-repository (bc/env-or-file "RESTIC_REPOSITORY")}) + +(def file-config (merge restic-repo {:backup-path "files" + :files ["/var/backups/" "gitea/" "git/repositories/"]})) + + +(def db-config (merge restic-repo {:backup-path "pg-database" + :pg-host (bc/env-or-file "POSTGRES_SERVICE") + :pg-port (bc/env-or-file "POSTGRES_PORT") + :pg-db (bc/env-or-file "POSTGRES_DB") + :pg-user (bc/env-or-file "POSTGRES_USER") + :pg-password (bc/env-or-file "POSTGRES_PASSWORD")})) + +(def dry-run {:dry-run true :debug true}) + +(defn prepare! + [] + (pg/create-pg-pass! db-config)) + +(defn restic-repo-init! + [] + (rc/init! file-config) + (rc/init! db-config)) + +(defn restic-backup! + [] + (bak/backup-file! file-config) + (bak/backup-db! db-config)) + +(prepare!) +(restic-repo-init!) +(restic-backup!) \ No newline at end of file diff --git a/infrastructure/backup/image/resources/backup.sh b/infrastructure/backup/image/resources/backup.sh deleted file mode 100755 index 191ca81..0000000 --- a/infrastructure/backup/image/resources/backup.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -set -Eexo pipefail - -function main() { - file_env AWS_ACCESS_KEY_ID - file_env AWS_SECRET_ACCESS_KEY - file_env RESTIC_DAYS_TO_KEEP 30 - file_env RESTIC_MONTHS_TO_KEEP 12 - - backup-db-dump - backup-fs-from-directory '/var/backups/' 'gitea/' 'git/repositories/' -} - -source /usr/local/lib/functions.sh -source /usr/local/lib/pg-functions.sh -source /usr/local/lib/file-functions.sh - -main diff --git a/infrastructure/backup/image/resources/bb-backup.edn b/infrastructure/backup/image/resources/bb-backup.edn new file mode 100644 index 0000000..1a7297a --- /dev/null +++ b/infrastructure/backup/image/resources/bb-backup.edn @@ -0,0 +1,3 @@ +{:deps {org.clojure/spec.alpha {:mvn/version "0.4.233"} + orchestra/orchestra {:mvn/version "2021.01.01-1"} + org.domaindrivenarchitecture/dda-backup {:local/root "/usr/local/lib/dda-backup"}}} diff --git a/infrastructure/backup/image/resources/bb.edn b/infrastructure/backup/image/resources/bb.edn new file mode 100644 index 0000000..1c6458c --- /dev/null +++ b/infrastructure/backup/image/resources/bb.edn @@ -0,0 +1,3 @@ +{:deps {org.clojure/spec.alpha {:mvn/version "0.4.233"} + orchestra/orchestra {:mvn/version "2021.01.01-1"} + org.domaindrivenarchitecture/dda-build {:mvn/version "0.1.1-SNAPSHOT"}}} diff --git a/infrastructure/backup/image/resources/entrypoint-start-and-wait.sh b/infrastructure/backup/image/resources/entrypoint-start-and-wait.sh deleted file mode 100644 index 7f6cb71..0000000 --- a/infrastructure/backup/image/resources/entrypoint-start-and-wait.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -set -Eexo pipefail - -function main() { - create-pg-pass - - while true; do - sleep 1m - done -} - -source /usr/local/lib/functions.sh -source /usr/local/lib/pg-functions.sh -main \ No newline at end of file diff --git a/infrastructure/backup/image/resources/entrypoint.sh b/infrastructure/backup/image/resources/entrypoint.sh deleted file mode 100755 index 06df61a..0000000 --- a/infrastructure/backup/image/resources/entrypoint.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -set -Eexo pipefail - -function main() { - create-pg-pass - - /usr/local/bin/backup.sh -} - -source /usr/local/lib/functions.sh -source /usr/local/lib/pg-functions.sh -main diff --git a/infrastructure/backup/image/resources/init.bb b/infrastructure/backup/image/resources/init.bb new file mode 100755 index 0000000..af0856c --- /dev/null +++ b/infrastructure/backup/image/resources/init.bb @@ -0,0 +1,3 @@ +#!/usr/bin/env bb + +(println "initialized") diff --git a/infrastructure/backup/image/resources/init.sh b/infrastructure/backup/image/resources/init.sh deleted file mode 100755 index 00816fc..0000000 --- a/infrastructure/backup/image/resources/init.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -set -Eexo pipefail - -function main() { - file_env AWS_ACCESS_KEY_ID - file_env AWS_SECRET_ACCESS_KEY - - init-database-repo - init-file-repo -} - -source /usr/local/lib/functions.sh -source /usr/local/lib/pg-functions.sh -source /usr/local/lib/file-functions.sh -main diff --git a/infrastructure/backup/image/resources/install.bb b/infrastructure/backup/image/resources/install.bb new file mode 100755 index 0000000..3ec49fb --- /dev/null +++ b/infrastructure/backup/image/resources/install.bb @@ -0,0 +1,14 @@ +#!/usr/bin/env bb + +(require + '[dda.image.ubuntu :as ub] + '[dda.image.install :as in]) + + +(ub/upgrade-system!) +(in/install! "bb-backup.edn" :target-name "bb.edn" :mod "0400") +(in/install! "backup.bb") +(in/install! "restore.bb") +(in/install! "list-snapshots.bb") +(in/install! "wait.bb") +(ub/cleanup-container!) \ No newline at end of file diff --git a/infrastructure/backup/image/resources/install.sh b/infrastructure/backup/image/resources/install.sh deleted file mode 100755 index 666cec1..0000000 --- a/infrastructure/backup/image/resources/install.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -set -exo pipefail - -function main() -{ - upgradeSystem - - install -m 0700 /tmp/entrypoint.sh / - install -m 0700 /tmp/entrypoint-start-and-wait.sh / - - install -m 0700 /tmp/init.sh /usr/local/bin/ - install -m 0700 /tmp/backup.sh /usr/local/bin/ - install -m 0700 /tmp/restore.sh /usr/local/bin/ - install -m 0700 /tmp/restic-snapshots.sh /usr/local/bin/ - - cleanupDocker -} > /dev/null - -source /tmp/install_functions_debian.sh -DEBIAN_FRONTEND=noninteractive DEBCONF_NOWARNINGS=yes main \ No newline at end of file diff --git a/infrastructure/backup/image/resources/list-snapshots.bb b/infrastructure/backup/image/resources/list-snapshots.bb new file mode 100755 index 0000000..225d618 --- /dev/null +++ b/infrastructure/backup/image/resources/list-snapshots.bb @@ -0,0 +1,14 @@ +#!/usr/bin/env bb + +(require '[dda.backup.core :as bc] + '[dda.backup.restic :as rc]) + +(def restic-repo {:password-file (bc/env-or-file "RESTIC_PASSWORD_FILE") + :restic-repository (bc/env-or-file "RESTIC_REPOSITORY")}) + +(defn list-snapshots! + [] + (rc/list-snapshots! file-config) + (rc/list-snapshots! db-config)) + +(list-snapshots!) diff --git a/infrastructure/backup/image/resources/restic-snapshots.sh b/infrastructure/backup/image/resources/restic-snapshots.sh deleted file mode 100755 index 1330610..0000000 --- a/infrastructure/backup/image/resources/restic-snapshots.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -set -exo pipefail - -function main() { - file_env AWS_ACCESS_KEY_ID - file_env AWS_SECRET_ACCESS_KEY - - restic -r ${RESTIC_REPOSITORY}/files snapshots - restic -r ${RESTIC_REPOSITORY}/pg-database snapshots -} - -source /usr/local/lib/functions.sh -source /usr/local/lib/file-functions.sh - -main diff --git a/infrastructure/backup/image/resources/restore.bb b/infrastructure/backup/image/resources/restore.bb new file mode 100755 index 0000000..b979dec --- /dev/null +++ b/infrastructure/backup/image/resources/restore.bb @@ -0,0 +1,42 @@ +#!/usr/bin/env bb + +(require '[babashka.tasks :as tasks] + '[dda.backup.core :as bc] + '[dda.backup.postgresql :as pg] + '[dda.backup.restore :as rs]) + +(def restic-repo {:password-file (bc/env-or-file "RESTIC_PASSWORD_FILE") + :restic-repository (bc/env-or-file "RESTIC_REPOSITORY")}) + +(def file-config (merge restic-repo {:backup-path "files" + :restore-target-directory "/var/backups/restore" + :snapshot-id "latest"})) + + +(def db-config (merge restic-repo {:backup-path "pg-database" + :pg-host (bc/env-or-file "POSTGRES_SERVICE") + :pg-port (bc/env-or-file "POSTGRES_PORT") + :pg-db (bc/env-or-file "POSTGRES_DB") + :pg-user (bc/env-or-file "POSTGRES_USER") + :pg-password (bc/env-or-file "POSTGRES_PASSWORD") + :snapshot-id "latest"})) + +(def dry-run {:dry-run true :debug true}) + +(defn prepare! + [] + (pg/create-pg-pass! db-config)) + +(defn restic-restore! + [] + (rs/restore-file! file-config) + (tasks/sh "bash" "-c" "rm -rf /var/backups/gitea/*") + (tasks/sh "bash" "-c" "rm -rf /var/backups/git/repositories/*") + (tasks/sh "mv" "/var/backups/restore/gitea" "/var/backups/") + (tasks/sh "mv" "/var/backups/restore/git/repositories" "/var/backups/git/") + (tasks/sh "chown" "-R" "1000:1000" "/var/backups") + (pg/drop-create-db! db-config) + (rs/restore-db! db-config)) + +(prepare!) +(restic-restore!) diff --git a/infrastructure/backup/image/resources/restore.sh b/infrastructure/backup/image/resources/restore.sh deleted file mode 100755 index 0d1052d..0000000 --- a/infrastructure/backup/image/resources/restore.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash - -set -Eexo pipefail - -function main() { - local db_snapshot_id="${1:-latest}" - local file_snapshot_id="${2:-latest}" - - file_env AWS_ACCESS_KEY_ID - file_env AWS_SECRET_ACCESS_KEY - - file_env POSTGRES_DB - file_env POSTGRES_PASSWORD - file_env POSTGRES_USER - - # Restore latest snapshot into /var/backups/restore - restore-directory '/var/backups/restore' ${file_snapshot_id} - - rm -rf /var/backups/gitea/* - rm -rf /var/backups/git/repositories/* - mv /var/backups/restore/gitea /var/backups/ - mv /var/backups/restore/git/repositories /var/backups/git/ - - # adjust file permissions for the git user - chown -R 1000:1000 /var/backups - - # TODO: Regenerate Git Hooks? Do we need this? - #/usr/local/bin/gitea -c '/data/gitea/conf/app.ini' admin regenerate hooks - - # Restore db - drop-create-db - restore-db ${db_snapshot_id} -} - -source /usr/local/lib/functions.sh -source /usr/local/lib/pg-functions.sh -source /usr/local/lib/file-functions.sh - -main "$@" diff --git a/infrastructure/backup/image/resources/wait.bb b/infrastructure/backup/image/resources/wait.bb new file mode 100755 index 0000000..2bb9e3f --- /dev/null +++ b/infrastructure/backup/image/resources/wait.bb @@ -0,0 +1,27 @@ +#!/usr/bin/env bb + +(require + '[dda.backup.core :as bc] + '[dda.backup.postgresql :as pg]) + + +(def restic-repo {:password-file (bc/env-or-file "RESTIC_PASSWORD_FILE") + :restic-repository (bc/env-or-file "RESTIC_REPOSITORY")}) + +(def db-config (merge restic-repo {:backup-path "pg-database" + :pg-host (bc/env-or-file "POSTGRES_SERVICE") + :pg-port (bc/env-or-file "POSTGRES_PORT") + :pg-db (bc/env-or-file "POSTGRES_DB") + :pg-user (bc/env-or-file "POSTGRES_USER") + :pg-password (bc/env-or-file "POSTGRES_PASSWORD")})) + +(defn prepare! + [] + (pg/create-pg-pass! db-config)) + +(defn wait! [] + (while true + (Thread/sleep 1000))) + +(prepare!) +(wait!) \ No newline at end of file diff --git a/src/main/resources/backup/backup-restore-deployment.yaml b/src/main/resources/backup/backup-restore-deployment.yaml index 9c34d07..623207f 100644 --- a/src/main/resources/backup/backup-restore-deployment.yaml +++ b/src/main/resources/backup/backup-restore-deployment.yaml @@ -21,7 +21,7 @@ spec: - image: domaindrivenarchitecture/c4k-forgejo-backup name: backup-app imagePullPolicy: IfNotPresent - command: ["/entrypoint-start-and-wait.sh"] + command: ["wait.bb"] env: - name: POSTGRES_USER valueFrom: diff --git a/src/main/resources/backup/cron.yaml b/src/main/resources/backup/cron.yaml index 2996efa..f7144b4 100644 --- a/src/main/resources/backup/cron.yaml +++ b/src/main/resources/backup/cron.yaml @@ -17,7 +17,7 @@ spec: - name: backup-app image: domaindrivenarchitecture/c4k-forgejo-backup imagePullPolicy: IfNotPresent - command: ["/entrypoint.sh"] + command: ["backup.bb"] env: - name: POSTGRES_USER valueFrom: