cleanup & unify scripts
This commit is contained in:
parent
ad3977a95a
commit
1f6cf968f0
7 changed files with 100 additions and 26 deletions
|
@ -2,9 +2,25 @@
|
|||
|
||||
set -o pipefail
|
||||
|
||||
# backup database dump
|
||||
pg_dump -d $(cat ${POSTGRES_DB_FILE}) -h $POSTGRES_SERVICE -p $POSTGRES_PORT -U $(cat ${POSTGRES_USER_FILE}) --no-password --serializable-deferrable --clean --no-privileges | \
|
||||
restic -r $RESTIC_REPOSITORY/db backup --stdin
|
||||
function main() {
|
||||
file_env AWS_ACCESS_KEY_ID
|
||||
file_env AWS_SECRET_ACCESS_KEY
|
||||
|
||||
# backup nextcloud filesystem
|
||||
restic -r $RESTIC_REPOSITORY/files backup /var/backups/
|
||||
file_env POSTGRES_DB
|
||||
file_env POSTGRES_PASSWORD
|
||||
file_env POSTGRES_USER
|
||||
|
||||
file_env RESTIC_PASSWORD_FILE
|
||||
|
||||
# backup database dump
|
||||
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
|
||||
-U ${POSTGRES_USER_FILE} --no-password --serializable-deferrable \
|
||||
--clean --no-privileges | \
|
||||
restic -r ${RESTIC_REPOSITORY}/db backup --stdin
|
||||
|
||||
# backup nextcloud filesystem
|
||||
restic -r ${RESTIC_REPOSITORY}/files backup /var/backups/
|
||||
}
|
||||
|
||||
source /usr/local/lib/funtions.sh
|
||||
main
|
||||
|
|
|
@ -1,10 +1,19 @@
|
|||
#!/bin/bash
|
||||
|
||||
echo "${POSTGRES_HOST}:$(cat ${POSTGRES_DB_FILE}):$(cat ${POSTGRES_USER_FILE}):$(cat ${POSTGRES_PASSWORD_FILE})" > /root/.pgpass
|
||||
echo "${POSTGRES_HOST}:template1:$(cat ${POSTGRES_USER_FILE}):$(cat ${POSTGRES_PASSWORD_FILE})" >> /root/.pgpass
|
||||
chmod 0600 /root/.pgpass
|
||||
function main() {
|
||||
file_env POSTGRES_DB
|
||||
file_env POSTGRES_PASSWORD
|
||||
file_env POSTGRES_USER
|
||||
|
||||
# Idle process
|
||||
while true; do
|
||||
echo "${POSTGRES_HOST}:${POSTGRES_DB}:${POSTGRES_USER}:${POSTGRES_PASSWORD}" > /root/.pgpass
|
||||
echo "${POSTGRES_HOST}:template1:${POSTGRES_USER}:${POSTGRES_PASSWORD}" >> /root/.pgpass
|
||||
chmod 0600 /root/.pgpass
|
||||
|
||||
# Idle process
|
||||
while true; do
|
||||
sleep 500000
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
source /usr/local/lib/funtions.sh
|
||||
main
|
||||
|
|
21
infrastrucure/docker/image/resources/functions.sh
Normal file
21
infrastrucure/docker/image/resources/functions.sh
Normal file
|
@ -0,0 +1,21 @@
|
|||
# usage: file_env VAR [DEFAULT]
|
||||
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||
function file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
local val="$def"
|
||||
if [ "${!var:-}" ]; then
|
||||
val="${!var}"
|
||||
elif [ "${!fileVar:-}" ]; then
|
||||
val="$(< "${!fileVar}")"
|
||||
fi
|
||||
export "$var"="$val"
|
||||
unset "$fileVar"
|
||||
}
|
|
@ -1,4 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
restic -r $RESTIC_REPOSITORY/db --verbose init
|
||||
restic -r $RESTIC_REPOSITORY/files --verbose init
|
||||
function main() {
|
||||
file_env AWS_ACCESS_KEY_ID
|
||||
file_env AWS_SECRET_ACCESS_KEY
|
||||
|
||||
file_env RESTIC_PASSWORD_FILE
|
||||
|
||||
restic -r ${RESTIC_REPOSITORY}/db --verbose init
|
||||
restic -r ${RESTIC_REPOSITORY}/files --verbose init
|
||||
}
|
||||
|
||||
source /usr/local/lib/funtions.sh
|
||||
main
|
||||
|
|
|
@ -11,6 +11,9 @@ apt-get -qqy install wget postgresql-client-13 restic > /dev/null;
|
|||
update-ca-certificates
|
||||
|
||||
install -m 0700 /tmp/entrypoint.sh /
|
||||
|
||||
install -m 0400 /tmp/functions.sh /usr/local/lib/
|
||||
|
||||
install -m 0700 /tmp/init.sh /usr/local/bin/
|
||||
install -m 0700 /tmp/backup.sh /usr/local/bin/
|
||||
install -m 0700 /tmp/restore.sh /usr/local/bin/
|
||||
|
|
|
@ -1,16 +1,30 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Restore Nextcloud Filesystem
|
||||
# TODO: describe input params
|
||||
|
||||
# Reads restore snapshot_ID from first CLI Argument
|
||||
restic -r $RESTIC_REPOSITORY/files restore latest --target /var/backups/
|
||||
function main() {
|
||||
file_env AWS_ACCESS_KEY_ID
|
||||
file_env AWS_SECRET_ACCESS_KEY
|
||||
|
||||
file_env POSTGRES_DB
|
||||
file_env POSTGRES_PASSWORD
|
||||
file_env POSTGRES_USER
|
||||
|
||||
file_env RESTIC_PASSWORD_FILE
|
||||
|
||||
# files
|
||||
restic -r $RESTIC_REPOSITORY/files restore latest --target /var/backups/
|
||||
|
||||
# db
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password -c "DROP DATABASE \"${POSTGRES_DB}\";"
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password -c "CREATE DATABASE \"${POSTGRES_DB}\";"
|
||||
restic -r ${RESTIC_REPOSITORY}/db restore latest --target test-stdin
|
||||
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password < test-stdin/stdin
|
||||
|
||||
}
|
||||
|
||||
source /usr/local/lib/funtions.sh
|
||||
main
|
||||
|
||||
# Delete DB
|
||||
psql -d template1 -h $POSTGRES_SERVICE -p $POSTGRES_PORT -U $(cat ${POSTGRES_USER_FILE}) --no-password -c "DROP DATABASE \"cloud\";"
|
||||
# Create DB again
|
||||
psql -d template1 -h $POSTGRES_SERVICE -p $POSTGRES_PORT -U $(cat ${POSTGRES_USER_FILE}) --no-password -c "CREATE DATABASE \"cloud\";"
|
||||
# create folder from db backup
|
||||
restic -r $RESTIC_REPOSITORY/db restore latest --target test-stdin
|
||||
# read folder and restore db entries
|
||||
psql -d $(cat ${POSTGRES_DB_FILE}) -h $POSTGRES_SERVICE -p $POSTGRES_PORT -U $(cat ${POSTGRES_USER_FILE}) --no-password < test-stdin/stdin
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{:package [{:name "restic"}
|
||||
{:name "postgresql-client-13"}]
|
||||
:file [{:path "/entrypoint.sh" :mod "700"}
|
||||
{:path "/usr/local/lib/functions.sh" :mod "400"}
|
||||
{:path "/usr/local/bin/init.sh" :mod "700"}
|
||||
{:path "/usr/local/bin/backup.sh" :mod "700"}
|
||||
{:path "/usr/local/bin/restore.sh" :mod "700"}]}
|
||||
|
|
Loading…
Reference in a new issue