diff --git a/.gitignore b/.gitignore index f5a9622..e7511ca 100644 --- a/.gitignore +++ b/.gitignore @@ -26,6 +26,12 @@ !src/ !test/ +# ------------------------ +# Include backup container +!infrastructure/ +infrastructure/backup/__pycache__ +infrastructure/backup/.pybuilder + # ------------------------ # Include Clojure tools !.cljstyle diff --git a/src/dda/backup/postgresql.clj b/src/dda/backup/postgresql.clj new file mode 100644 index 0000000..79ac471 --- /dev/null +++ b/src/dda/backup/postgresql.clj @@ -0,0 +1,92 @@ +(ns dda.backup.postgres + (:require + [orchestra.core :refer [defn-spec]] + [clojure.spec.alpha :as s] + [dda.backup.core.domain :as cd] + [dda.backup.management.domain :as domain] + [dda.backup.core :as core] + [dda.backup.infrastructure :as i])) + +;; function drop-create-db() { +;; psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ +;; --no-password -c "DROP DATABASE \"${POSTGRES_DB}\";" +;; psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ +;; --no-password -c "CREATE DATABASE \"${POSTGRES_DB}\";" +;; } + +;; function create-pg-pass() { +;; local pg_host=${POSTGRES_HOST:-localhost} + +;; echo "${pg_host}:${POSTGRES_DB}:${POSTGRES_USER}:${POSTGRES_PASSWORD}" > /root/.pgpass +;; echo "${POSTGRES_HOST}:template1:${POSTGRES_USER}:${POSTGRES_PASSWORD}" >> /root/.pgpass +;; chmod 0600 /root/.pgpass +;; } + +;; function backup-roles() { +;; local role_prefix="$1"; shift + +;; if [ -z ${CERTIFICATE_FILE} ]; +;; then +;; roles-unlock-command +;; pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ +;; grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} backup --stdin +;; roles-forget-command +;; else +;; roles-unlock-command --cacert ${CERTIFICATE_FILE} +;; pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ +;; grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} backup --stdin --cacert ${CERTIFICATE_FILE} +;; roles-forget-command --cacert ${CERTIFICATE_FILE} +;; fi +;; } + +;; function backup-db-dump() { + +;; if [ -z ${CERTIFICATE_FILE} ]; +;; then +;; db-unlock-command +;; pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ +;; -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ +;; restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} backup --stdin +;; db-forget-command +;; else +;; db-unlock-command --cacert ${CERTIFICATE_FILE} +;; pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ +;; -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ +;; restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} backup --stdin --cacert ${CERTIFICATE_FILE} +;; db-forget-command --cacert ${CERTIFICATE_FILE} +;; fi +;; } + +;; function restore-roles() { +;; local snapshot_id="${1:-latest}"; shift + +;; if [ -z ${CERTIFICATE_FILE} ]; +;; then +;; roles-unlock-command +;; restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} dump ${snapshot_id} stdin | \ +;; psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ +;; --no-password +;; else +;; roles-unlock-command --cacert ${CERTIFICATE_FILE} +;; restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} dump ${snapshot_id} stdin --cacert ${CERTIFICATE_FILE} | \ +;; psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ +;; --no-password +;; fi +;; } + +;; function restore-db() { +;; local snapshot_id="${1:-latest}"; shift + +;; if [ -z ${CERTIFICATE_FILE} ]; +;; then +;; db-unlock-command +;; restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} dump ${snapshot_id} stdin | \ +;; psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ +;; --no-password +;; else +;; db-unlock-command --cacert ${CERTIFICATE_FILE} +;; restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} dump ${snapshot_id} stdin --cacert ${CERTIFICATE_FILE} | \ +;; psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ +;; --no-password +;; fi +;; } \ No newline at end of file