meissa/dda-backup
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

introduce constant & add snapshot

Browse source
This commit is contained in:
Michael Jerger 2023-03-10 15:01:32 +01:00
parent d3b4c41d22
commit 5f5e061e36
3 changed files with 69 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
infrastructure/docker/image/resources/file-functions.sh
View file

@ -1,11 +1,11 @@
#! /bin/bash backup_file_path='files'
function init-file-repo() { function init-file-repo() {
if [ -z ${CERTIFICATE_FILE} ]; if [ -z ${CERTIFICATE_FILE} ];
then then
restic -r ${RESTIC_REPOSITORY}/files -v init restic -r ${RESTIC_REPOSITORY}/${backup_file_path} -v init
else else
restic -r ${RESTIC_REPOSITORY}/files -v init --cacert ${CERTIFICATE_FILE} restic -r ${RESTIC_REPOSITORY}/${backup_file_path} -v init --cacert ${CERTIFICATE_FILE}
fi fi
} }
@ -15,13 +15,13 @@ function backup-directory() {
if [ -z ${CERTIFICATE_FILE} ]; if [ -z ${CERTIFICATE_FILE} ];
then then
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup .
restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune
else else
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache --cacert ${CERTIFICATE_FILE}
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . --cacert ${CERTIFICATE_FILE} cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup . --cacert ${CERTIFICATE_FILE}
restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE} restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE}
fi fi
} }
@ -31,13 +31,13 @@ function backup-fs-from-directory() {
if [ -z ${CERTIFICATE_FILE} ]; if [ -z ${CERTIFICATE_FILE} ];
then then
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup $@
restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune
else else
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache --cacert ${CERTIFICATE_FILE}
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ --cacert ${CERTIFICATE_FILE} cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} backup $@ --cacert ${CERTIFICATE_FILE}
restic -v -r ${RESTIC_REPOSITORY}/files forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE} restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune --cacert ${CERTIFICATE_FILE}
fi fi
} }
@ -47,13 +47,13 @@ function restore-directory() {
if [ -z ${CERTIFICATE_FILE} ]; if [ -z ${CERTIFICATE_FILE} ];
then then
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache
rm -rf ${directory}* rm -rf ${directory}*
restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} restic -v -r $RESTIC_REPOSITORY/${backup_file_path} restore latest --target ${directory}
else else
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} restic -v -r ${RESTIC_REPOSITORY}/${backup_file_path} unlock --cleanup-cache --cacert ${CERTIFICATE_FILE}
rm -rf ${directory}* rm -rf ${directory}*
restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} --cacert ${CERTIFICATE_FILE} restic -v -r $RESTIC_REPOSITORY/${backup_file_path} restore latest --target ${directory} --cacert ${CERTIFICATE_FILE}
fi fi
} }

49
infrastructure/docker/image/resources/pg-functions.sh
View file

@ -1,5 +1,8 @@
backup_pg_role_path='pg-role'
backup_pg_database_path='pg-database'
function init-command() { function init-command() {
restic -r ${RESTIC_REPOSITORY}/pg-role -v init $@ restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} -v init $@
} }
function init-role-repo() { function init-role-repo() {
@ -14,7 +17,7 @@ function init-role-repo() {
} }
function init-database-command() { function init-database-command() {
restic -r ${RESTIC_REPOSITORY}/pg-database -v init $@ restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} -v init $@
} }
function init-database-repo() { function init-database-repo() {
@ -43,11 +46,11 @@ function create-pg-pass() {
} }
function roles-unlock-command() { function roles-unlock-command() {
restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache $@ restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} unlock --cleanup-cache $@
} }
function roles-forget-command() { function roles-forget-command() {
restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@ restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@
} }
function backup-roles() { function backup-roles() {
@ -57,22 +60,22 @@ function backup-roles() {
then then
roles-unlock-command roles-unlock-command
pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \
grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} backup --stdin
roles-forget-command roles-forget-command
else else
roles-unlock-command --cacert ${CERTIFICATE_FILE} roles-unlock-command --cacert ${CERTIFICATE_FILE}
pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \
grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin --cacert ${CERTIFICATE_FILE} grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} backup --stdin --cacert ${CERTIFICATE_FILE}
roles-forget-command --cacert ${CERTIFICATE_FILE} roles-forget-command --cacert ${CERTIFICATE_FILE}
fi fi
} }
function db-unlock-command() { function db-unlock-command() {
restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache $@ restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} unlock --cleanup-cache $@
} }
function db-forget-command() { function db-forget-command() {
restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@ restic -v -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} forget --group-by '' --keep-last 1 --keep-daily ${RESTIC_DAYS_TO_KEEP} --keep-monthly ${RESTIC_MONTHS_TO_KEEP} --prune $@
} }
function backup-db-dump() { function backup-db-dump() {
@ -82,13 +85,13 @@ function backup-db-dump() {
db-unlock-command db-unlock-command
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
-U ${POSTGRES_USER} --no-password --serializable-deferrable | \ -U ${POSTGRES_USER} --no-password --serializable-deferrable | \
restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} backup --stdin
db-forget-command db-forget-command
else else
db-unlock-command --cacert ${CERTIFICATE_FILE} db-unlock-command --cacert ${CERTIFICATE_FILE}
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
-U ${POSTGRES_USER} --no-password --serializable-deferrable | \ -U ${POSTGRES_USER} --no-password --serializable-deferrable | \
restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin --cacert ${CERTIFICATE_FILE} restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} backup --stdin --cacert ${CERTIFICATE_FILE}
db-forget-command --cacert ${CERTIFICATE_FILE} db-forget-command --cacert ${CERTIFICATE_FILE}
fi fi
} }
@ -98,12 +101,12 @@ function restore-roles() {
if [ -z ${CERTIFICATE_FILE} ]; if [ -z ${CERTIFICATE_FILE} ];
then then
roles-unlock-command roles-unlock-command
restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \ restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} dump latest stdin | \
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
--no-password --no-password
else else
roles-unlock-command --cacert ${CERTIFICATE_FILE} roles-unlock-command --cacert ${CERTIFICATE_FILE}
restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin --cacert ${CERTIFICATE_FILE} | \ restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} dump latest stdin --cacert ${CERTIFICATE_FILE} | \
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
--no-password --no-password
fi fi
@ -113,13 +116,31 @@ function restore-db() {
if [ -z ${CERTIFICATE_FILE} ]; if [ -z ${CERTIFICATE_FILE} ];
then then
db-unlock-command db-unlock-command
restic -r ${RESTIC_REPOSITORY}/pg-database dump latest stdin | \ restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} dump latest stdin | \
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
--no-password --no-password
else else
db-unlock-command --cacert ${CERTIFICATE_FILE} db-unlock-command --cacert ${CERTIFICATE_FILE}
restic -r ${RESTIC_REPOSITORY}/pg-database dump latest stdin --cacert ${CERTIFICATE_FILE} | \ restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} dump latest stdin --cacert ${CERTIFICATE_FILE} | \
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
--no-password --no-password
fi fi
}
function list-snapshot-roles() {
if [ -z ${CERTIFICATE_FILE} ];
then
restic -r ${RESTIC_REPOSITORY}/${backup_pg_role_path} snapshots
else
restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} snapshots --cacert ${CERTIFICATE_FILE}
fi
}
function list-snapshot-db() {
if [ -z ${CERTIFICATE_FILE} ];
then
restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} snapshots
else
restic -r ${RESTIC_REPOSITORY}/${backup_pg_database_path} snapshots --cacert ${CERTIFICATE_FILE}
fi
} }

15
infrastructure/docker/image/resources/restic-snapshots.sh Executable file
View file

@ -0,0 +1,15 @@
#!/bin/bash
set -o pipefail
function main() {
file_env AWS_ACCESS_KEY_ID
file_env AWS_SECRET_ACCESS_KEY
restic -r ${RESTIC_REPOSITORY}/files snapshots
}
source /usr/local/lib/functions.sh
source /usr/local/lib/file-functions.sh
main