From 5f5e061e36405e3c0a9749fd4ac838a29a5dd643 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Fri, 10 Mar 2023 15:01:32 +0100 Subject: [PATCH] introduce constant & add snapshot --- .../docker/image/resources/file-functions.sh | 38 +++++++------- .../docker/image/resources/pg-functions.sh | 49 +++++++++++++------ .../image/resources/restic-snapshots.sh | 15 ++++++ 3 files changed, 69 insertions(+), 33 deletions(-) create mode 100755 infrastructure/docker/image/resources/restic-snapshots.sh diff --git a/infrastructure/docker/image/resources/file-functions.sh b/infrastructure/docker/image/resources/file-functions.sh index 42c8421..d5aadb9 100644 --- a/infrastructure/docker/image/resources/file-functions.sh +++ b/infrastructure/docker/image/resources/file-functions.sh @@ -1,11 +1,11 @@ -#! /bin/bash +backup_file_path='files' function init-file-repo() { if [ -z ${CERTIFICATE_FILE} ]; then - restic -r ${RESTIC_REPOSITORY}/files -v init + restic -r ${RESTIC_REPOSITORY}/${backup_file_path} -v init else - restic -r ${RESTIC_REPOSITORY}/files -v init --cacert ${CERTIFICATE_FILE} + restic -r ${RESTIC_REPOSITORY}/${backup_file_path} -v init --cacert ${CERTIFICATE_FILE} fi } @@ -15,13 +15,13 @@ function backup-directory() { if [ -z ${CERTIFICATE_FILE} ]; then - restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache - cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . - restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup . + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune else - restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} - cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . --cacert ${CERTIFICATE_FILE} - restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup . --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE} fi } @@ -31,13 +31,13 @@ function backup-fs-from-directory() { if [ -z ${CERTIFICATE_FILE} ]; then - restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache - cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ - restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup $@ + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune else - restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} - cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ --cacert ${CERTIFICATE_FILE} - restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup $@ --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE} fi } @@ -47,13 +47,13 @@ function restore-directory() { if [ -z ${CERTIFICATE_FILE} ]; then - restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache rm -rf ${directory}* - restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} + restic -v -r $RESTIC_REPOSITORY/${backup_file_path} restore latest --target ${directory} else - restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} rm -rf ${directory}* - restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} --cacert ${CERTIFICATE_FILE} + restic -v -r $RESTIC_REPOSITORY/${backup_file_path} restore latest --target ${directory} --cacert ${CERTIFICATE_FILE} fi } \ No newline at end of file diff --git a/infrastructure/docker/image/resources/pg-functions.sh b/infrastructure/docker/image/resources/pg-functions.sh index 273ec18..2ea4e80 100644 --- a/infrastructure/docker/image/resources/pg-functions.sh +++ b/infrastructure/docker/image/resources/pg-functions.sh @@ -1,5 +1,8 @@ +backup_pg_role_path='pg-role' +backup_pg_database_path='pg-database' + function init-command() { - restic -r ${RESTIC_REPOSITORY}/pg-role -v init $@ + restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} -v init $@ } function init-role-repo() { @@ -14,7 +17,7 @@ function init-role-repo() { } function init-database-command() { - restic -r ${RESTIC_REPOSITORY}/pg-database -v init $@ + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} -v init $@ } function init-database-repo() { @@ -43,11 +46,11 @@ function create-pg-pass() { } function roles-unlock-command() { - restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache $@ + restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} unlock --cleanup-cache $@ } function roles-forget-command() { - restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@ + restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@ } function backup-roles() { @@ -57,22 +60,22 @@ function backup-roles() { then roles-unlock-command pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ - grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin + grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} backup --stdin roles-forget-command else roles-unlock-command --cacert ${CERTIFICATE_FILE} pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ - grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin --cacert ${CERTIFICATE_FILE} + grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} backup --stdin --cacert ${CERTIFICATE_FILE} roles-forget-command --cacert ${CERTIFICATE_FILE} fi } function db-unlock-command() { - restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache $@ + restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} unlock --cleanup-cache $@ } function db-forget-command() { - restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@ + restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@ } function backup-db-dump() { @@ -82,13 +85,13 @@ function backup-db-dump() { db-unlock-command pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ - restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} backup --stdin db-forget-command else db-unlock-command --cacert ${CERTIFICATE_FILE} pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ - restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin --cacert ${CERTIFICATE_FILE} + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} backup --stdin --cacert ${CERTIFICATE_FILE} db-forget-command --cacert ${CERTIFICATE_FILE} fi } @@ -98,12 +101,12 @@ function restore-roles() { if [ -z ${CERTIFICATE_FILE} ]; then roles-unlock-command - restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \ + restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} dump latest stdin | \ psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password else roles-unlock-command --cacert ${CERTIFICATE_FILE} - restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin --cacert ${CERTIFICATE_FILE} | \ + restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} dump latest stdin --cacert ${CERTIFICATE_FILE} | \ psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password fi @@ -113,13 +116,31 @@ function restore-db() { if [ -z ${CERTIFICATE_FILE} ]; then db-unlock-command - restic -r ${RESTIC_REPOSITORY}/pg-database dump latest stdin | \ + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} dump latest stdin | \ psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password else db-unlock-command --cacert ${CERTIFICATE_FILE} - restic -r ${RESTIC_REPOSITORY}/pg-database dump latest stdin --cacert ${CERTIFICATE_FILE} | \ + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} dump latest stdin --cacert ${CERTIFICATE_FILE} | \ psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password fi +} + +function list-snapshot-roles() { + if [ -z ${CERTIFICATE_FILE} ]; + then + restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} snapshots + else + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} snapshots --cacert ${CERTIFICATE_FILE} + fi +} + +function list-snapshot-db() { + if [ -z ${CERTIFICATE_FILE} ]; + then + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} snapshots + else + restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} snapshots --cacert ${CERTIFICATE_FILE} + fi } \ No newline at end of file diff --git a/infrastructure/docker/image/resources/restic-snapshots.sh b/infrastructure/docker/image/resources/restic-snapshots.sh new file mode 100755 index 0000000..ca889ce --- /dev/null +++ b/infrastructure/docker/image/resources/restic-snapshots.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +set -o pipefail + +function main() { + file_env AWS_ACCESS_KEY_ID + file_env AWS_SECRET_ACCESS_KEY + + restic -r ${RESTIC_REPOSITORY}/files snapshots +} + +source /usr/local/lib/functions.sh +source /usr/local/lib/file-functions.sh + +main