diff --git a/infrastructure/docker/image/resources/file-functions.sh b/infrastructure/docker/image/resources/file-functions.sh index a02b190..876be91 100644 --- a/infrastructure/docker/image/resources/file-functions.sh +++ b/infrastructure/docker/image/resources/file-functions.sh @@ -1,13 +1,11 @@ #! /bin/bash function init-file-repo() { - local command="restic -r ${RESTIC_REPOSITORY}/files -v init" - if [ -z ${CERTIFICATE_FILE} ]; then - ${command} + restic -r ${RESTIC_REPOSITORY}/files -v init else - ${command} --cacert ${CERTIFICATE_FILE} + restic -r ${RESTIC_REPOSITORY}/files -v init --cacert ${CERTIFICATE_FILE} fi } @@ -15,39 +13,31 @@ function init-file-repo() { function backup-directory() { local directory="$1"; shift - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache" - local command_backup="cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup ." - local command_forget="restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune" - if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} - ${command_backup} - ${command_forget} + restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . + restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune else - ${command_unlock} --cacert ${CERTIFICATE_FILE} - ${command_backup} --cacert ${CERTIFICATE_FILE} - ${command_forget} --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune --cacert ${CERTIFICATE_FILE} fi } # First arg is the directory, the remaining args are the sub-directories (relative to the first directory) to backup. function backup-fs-from-directory() { local directory="$1"; shift - - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache" - local command_backup="cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@" - local command_forget="restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune" if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} - ${command_backup} - ${command_forget} + restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ + restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune else - ${command_unlock} --cacert ${CERTIFICATE_FILE} - ${command_backup} --cacert ${CERTIFICATE_FILE} - ${command_forget} --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} + cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune --cacert ${CERTIFICATE_FILE} fi } @@ -55,18 +45,15 @@ function backup-fs-from-directory() { function restore-directory() { local directory="$1"; shift - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache" - local command_restore="restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory}" - if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} + restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache rm -rf ${directory}* - ${command_restore} + restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} else - ${command_unlock} --cacert ${CERTIFICATE_FILE} + restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE} rm -rf ${directory}* - ${command_restore} --cacert ${CERTIFICATE_FILE} + restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} --cacert ${CERTIFICATE_FILE} fi } \ No newline at end of file diff --git a/infrastructure/docker/image/resources/pg-functions.sh b/infrastructure/docker/image/resources/pg-functions.sh index 87209f2..53242dc 100644 --- a/infrastructure/docker/image/resources/pg-functions.sh +++ b/infrastructure/docker/image/resources/pg-functions.sh @@ -1,24 +1,29 @@ -function init-role-repo() { +function init-command() { + restic -r ${RESTIC_REPOSITORY}/pg-role -v init $@ +} - local command="restic -r ${RESTIC_REPOSITORY}/pg-role -v init" +function init-role-repo() { if [ -z ${CERTIFICATE_FILE} ]; then - ${command} + init-command else - ${command} --cacert ${CERTIFICATE_FILE} + init-command --cacert ${CERTIFICATE_FILE} fi } +function init-database-command() { + restic -r ${RESTIC_REPOSITORY}/pg-database -v init $@ +} + function init-database-repo() { - local command="restic -r ${RESTIC_REPOSITORY}/pg-database -v init" if [ -z ${CERTIFICATE_FILE} ]; then - ${command} + init-database-command else - ${command} --cacert ${CERTIFICATE_FILE} + init-database-command --cacert ${CERTIFICATE_FILE} fi } @@ -37,74 +42,84 @@ function create-pg-pass() { chmod 0600 /root/.pgpass } +function roles-unlock-command() { + restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache $@ +} + +function roles-forget-command() { + restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune $@ +} + function backup-roles() { local role_prefix="$1"; shift - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache" - local command_pg_dump="pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ - grep ${role_prefix} | \ - restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin" - local command_forget="restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune" - if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} - ${command_pg_dump} - ${command_forget} + roles-unlock-command + pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ + grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin + roles-forget-command else - ${command_unlock} --cacert ${CERTIFICATE_FILE} - ${command_pg_dump} --cacert ${CERTIFICATE_FILE} - ${command_forget} --cacert ${CERTIFICATE_FILE} + roles-unlock-command --cacert ${CERTIFICATE_FILE} + pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ + grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin --cacert ${CERTIFICATE_FILE} + roles-forget-command --cacert ${CERTIFICATE_FILE} fi } +function db-unlock-command() { + restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache $@ +} + +function db-forget-command() { + restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune $@ +} + function backup-db-dump() { - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache" - local command_pg_dump="pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ - -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ - restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin" - local command_forget="restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune" if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} - ${command_pg_dump} - ${command_forget} + db-unlock-command + pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ + -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ + restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin + db-forget-command else - ${command_unlock} --cacert ${CERTIFICATE_FILE} - ${command_pg_dump} --cacert ${CERTIFICATE_FILE} - ${command_forget} --cacert ${CERTIFICATE_FILE} + db-unlock-command --cacert ${CERTIFICATE_FILE} + pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ + -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ + restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin --cacert ${CERTIFICATE_FILE} + db-forget-command --cacert ${CERTIFICATE_FILE} fi } function restore-roles() { - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache" - local command_pg_dump="restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \ - psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ - --no-password" if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} - ${command_pg-dump} + roles-unlock-command + restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \ + psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ + --no-password else - ${command_unlock} --cacert ${CERTIFICATE_FILE} - ${command_pg_dump} --cacert ${CERTIFICATE_FILE} + roles-unlock-command --cacert ${CERTIFICATE_FILE} + restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \ + psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ + --no-password --cacert ${CERTIFICATE_FILE} fi } function restore-db() { - local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache" - local command_pg_dump="restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \ - psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ - --no-password" - if [ -z ${CERTIFICATE_FILE} ]; then - ${command_unlock} - ${command_pg_dump} + db-unlock-command + restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \ + psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ + --no-password else - ${command_unlock} --cacert ${CERTIFICATE_FILE} - ${command_pg_dump} --cacert ${CERTIFICATE_FILE} + db-unlock-command --cacert ${CERTIFICATE_FILE} + restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \ + psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ + --no-password --cacert ${CERTIFICATE_FILE} fi } \ No newline at end of file