add role-creation & stream-restore
This commit is contained in:
parent
d6b3110e39
commit
9fb75c395c
3 changed files with 36 additions and 27 deletions
|
@ -13,21 +13,28 @@ function main() {
|
|||
file_env RESTIC_PASSWORD
|
||||
file_env RESTIC_DAYS_TO_KEEP 14
|
||||
|
||||
# TODO: add a restic unlock stmt.
|
||||
# backup roles
|
||||
pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only > roles.sql
|
||||
# TODO: remove all without oc_
|
||||
restic -v -r ${RESTIC_REPOSITORY}/db-role backup --stdin
|
||||
|
||||
# backup database dump
|
||||
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
|
||||
-U ${POSTGRES_USER} --no-password --serializable-deferrable | \
|
||||
restic -v -r ${RESTIC_REPOSITORY}/db backup --stdin
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache
|
||||
|
||||
restic -r ${RESTIC_REPOSITORY}/db forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune
|
||||
pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only |
|
||||
grep 'oc_' |
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-role backup --stdin
|
||||
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune
|
||||
|
||||
# backup database dump
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache
|
||||
|
||||
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
|
||||
-U ${POSTGRES_USER} --no-password --serializable-deferrable |
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-database backup --stdin
|
||||
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune
|
||||
|
||||
# backup nextcloud filesystem
|
||||
cd /var/backups/ && restic -r ${RESTIC_REPOSITORY}/files backup .
|
||||
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache
|
||||
|
||||
cd /var/backups/ && restic -v -r ${RESTIC_REPOSITORY}/files backup .
|
||||
|
||||
restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune
|
||||
}
|
||||
|
|
|
@ -6,9 +6,9 @@ function main() {
|
|||
|
||||
file_env RESTIC_PASSWORD_FILE
|
||||
|
||||
restic -r ${RESTIC_REPOSITORY}/db --verbose init
|
||||
restic -r ${RESTIC_REPOSITORY}/db-role --verbose init
|
||||
restic -r ${RESTIC_REPOSITORY}/files --verbose init
|
||||
restic -r ${RESTIC_REPOSITORY}/pg-role -v init
|
||||
restic -r ${RESTIC_REPOSITORY}/pg-database -v init
|
||||
restic -r ${RESTIC_REPOSITORY}/files -v init
|
||||
}
|
||||
|
||||
source /usr/local/lib/functions.sh
|
||||
|
|
|
@ -12,26 +12,28 @@ function main() {
|
|||
|
||||
file_env RESTIC_PASSWORD
|
||||
|
||||
# files
|
||||
rm -rf /var/backups/*
|
||||
restic -v -r $RESTIC_REPOSITORY/files restore latest --target /var/backups/
|
||||
|
||||
# db
|
||||
# create new db
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password -c "DROP DATABASE \"${POSTGRES_DB}\";"
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password -c "CREATE DATABASE \"${POSTGRES_DB}\";"
|
||||
|
||||
# TODO: restore roles
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password -c "CREATE ROLE oc_...;"
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password -c "ALTER ROLE oc_... WITH NOSUPERUSER INHERIT NOCREATEROLE CREATEDB LOGIN NOREPLICATION NOBYPASSRLS PASSWORD 'md5...';"
|
||||
# restore roles
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \
|
||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password
|
||||
|
||||
restic -v -r ${RESTIC_REPOSITORY}/db restore latest --target test-stdin
|
||||
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password < test-stdin/stdin
|
||||
# restore db
|
||||
restic -v -r ${RESTIC_REPOSITORY}/pg-database dump latest stdin | \
|
||||
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||
--no-password
|
||||
|
||||
# files
|
||||
rm -rf /var/backups/*
|
||||
restic -v -r $RESTIC_REPOSITORY/files restore latest --target /var/backups/
|
||||
|
||||
# adjust trusted domains
|
||||
php /var/www/html/occ config:system:set trusted_domains 1 --value=cloud.test.meissa-gmbh.de
|
||||
}
|
||||
|
||||
source /usr/local/lib/functions.sh
|
||||
|
|
Loading…
Reference in a new issue