fixed all the functions using local certificate
This commit is contained in:
parent
3ff373498b
commit
e682e0fcc6
2 changed files with 80 additions and 78 deletions
|
@ -1,13 +1,11 @@
|
||||||
#! /bin/bash
|
#! /bin/bash
|
||||||
|
|
||||||
function init-file-repo() {
|
function init-file-repo() {
|
||||||
local command="restic -r ${RESTIC_REPOSITORY}/files -v init"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command}
|
restic -r ${RESTIC_REPOSITORY}/files -v init
|
||||||
else
|
else
|
||||||
${command} --cacert ${CERTIFICATE_FILE}
|
restic -r ${RESTIC_REPOSITORY}/files -v init --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -15,19 +13,15 @@ function init-file-repo() {
|
||||||
function backup-directory() {
|
function backup-directory() {
|
||||||
local directory="$1"; shift
|
local directory="$1"; shift
|
||||||
|
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache"
|
|
||||||
local command_backup="cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup ."
|
|
||||||
local command_forget="restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache
|
||||||
${command_backup}
|
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup .
|
||||||
${command_forget}
|
restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE}
|
||||||
${command_backup} --cacert ${CERTIFICATE_FILE}
|
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup . --cacert ${CERTIFICATE_FILE}
|
||||||
${command_forget} --cacert ${CERTIFICATE_FILE}
|
restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -35,19 +29,15 @@ function backup-directory() {
|
||||||
function backup-fs-from-directory() {
|
function backup-fs-from-directory() {
|
||||||
local directory="$1"; shift
|
local directory="$1"; shift
|
||||||
|
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache"
|
|
||||||
local command_backup="cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@"
|
|
||||||
local command_forget="restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache
|
||||||
${command_backup}
|
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@
|
||||||
${command_forget}
|
restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE}
|
||||||
${command_backup} --cacert ${CERTIFICATE_FILE}
|
cd ${directory} && restic -v -r ${RESTIC_REPOSITORY}/files backup $@ --cacert ${CERTIFICATE_FILE}
|
||||||
${command_forget} --cacert ${CERTIFICATE_FILE}
|
restic -v -r ${RESTIC_REPOSITORY}/files forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -55,18 +45,15 @@ function backup-fs-from-directory() {
|
||||||
function restore-directory() {
|
function restore-directory() {
|
||||||
local directory="$1"; shift
|
local directory="$1"; shift
|
||||||
|
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache"
|
|
||||||
local command_restore="restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory}"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache
|
||||||
rm -rf ${directory}*
|
rm -rf ${directory}*
|
||||||
${command_restore}
|
restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory}
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
restic -v -r ${RESTIC_REPOSITORY}/files unlock --cleanup-cache --cacert ${CERTIFICATE_FILE}
|
||||||
rm -rf ${directory}*
|
rm -rf ${directory}*
|
||||||
${command_restore} --cacert ${CERTIFICATE_FILE}
|
restic -v -r $RESTIC_REPOSITORY/files restore latest --target ${directory} --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
|
@ -1,24 +1,29 @@
|
||||||
function init-role-repo() {
|
function init-command() {
|
||||||
|
restic -r ${RESTIC_REPOSITORY}/pg-role -v init $@
|
||||||
|
}
|
||||||
|
|
||||||
local command="restic -r ${RESTIC_REPOSITORY}/pg-role -v init"
|
function init-role-repo() {
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command}
|
init-command
|
||||||
else
|
else
|
||||||
${command} --cacert ${CERTIFICATE_FILE}
|
init-command --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function init-database-command() {
|
||||||
|
restic -r ${RESTIC_REPOSITORY}/pg-database -v init $@
|
||||||
|
}
|
||||||
|
|
||||||
function init-database-repo() {
|
function init-database-repo() {
|
||||||
local command="restic -r ${RESTIC_REPOSITORY}/pg-database -v init"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command}
|
init-database-command
|
||||||
else
|
else
|
||||||
${command} --cacert ${CERTIFICATE_FILE}
|
init-database-command --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -37,74 +42,84 @@ function create-pg-pass() {
|
||||||
chmod 0600 /root/.pgpass
|
chmod 0600 /root/.pgpass
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function roles-unlock-command() {
|
||||||
|
restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache $@
|
||||||
|
}
|
||||||
|
|
||||||
|
function roles-forget-command() {
|
||||||
|
restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune $@
|
||||||
|
}
|
||||||
|
|
||||||
function backup-roles() {
|
function backup-roles() {
|
||||||
local role_prefix="$1"; shift
|
local role_prefix="$1"; shift
|
||||||
|
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache"
|
|
||||||
local command_pg_dump="pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \
|
|
||||||
grep ${role_prefix} | \
|
|
||||||
restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin"
|
|
||||||
local command_forget="restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
roles-unlock-command
|
||||||
${command_pg_dump}
|
pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \
|
||||||
${command_forget}
|
grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin
|
||||||
|
roles-forget-command
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
roles-unlock-command --cacert ${CERTIFICATE_FILE}
|
||||||
${command_pg_dump} --cacert ${CERTIFICATE_FILE}
|
pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \
|
||||||
${command_forget} --cacert ${CERTIFICATE_FILE}
|
grep ${role_prefix} | restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin --cacert ${CERTIFICATE_FILE}
|
||||||
|
roles-forget-command --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function db-unlock-command() {
|
||||||
|
restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache $@
|
||||||
|
}
|
||||||
|
|
||||||
|
function db-forget-command() {
|
||||||
|
restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune $@
|
||||||
|
}
|
||||||
|
|
||||||
function backup-db-dump() {
|
function backup-db-dump() {
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache"
|
|
||||||
local command_pg_dump="pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
|
|
||||||
-U ${POSTGRES_USER} --no-password --serializable-deferrable | \
|
|
||||||
restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin"
|
|
||||||
local command_forget="restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
db-unlock-command
|
||||||
${command_pg_dump}
|
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
|
||||||
${command_forget}
|
-U ${POSTGRES_USER} --no-password --serializable-deferrable | \
|
||||||
|
restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin
|
||||||
|
db-forget-command
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
db-unlock-command --cacert ${CERTIFICATE_FILE}
|
||||||
${command_pg_dump} --cacert ${CERTIFICATE_FILE}
|
pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \
|
||||||
${command_forget} --cacert ${CERTIFICATE_FILE}
|
-U ${POSTGRES_USER} --no-password --serializable-deferrable | \
|
||||||
|
restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin --cacert ${CERTIFICATE_FILE}
|
||||||
|
db-forget-command --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function restore-roles() {
|
function restore-roles() {
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache"
|
|
||||||
local command_pg_dump="restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \
|
|
||||||
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
|
||||||
--no-password"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
roles-unlock-command
|
||||||
${command_pg-dump}
|
restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \
|
||||||
|
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||||
|
--no-password
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
roles-unlock-command --cacert ${CERTIFICATE_FILE}
|
||||||
${command_pg_dump} --cacert ${CERTIFICATE_FILE}
|
restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \
|
||||||
|
psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||||
|
--no-password --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function restore-db() {
|
function restore-db() {
|
||||||
local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache"
|
|
||||||
local command_pg_dump="restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \
|
|
||||||
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
|
||||||
--no-password"
|
|
||||||
|
|
||||||
if [ -z ${CERTIFICATE_FILE} ];
|
if [ -z ${CERTIFICATE_FILE} ];
|
||||||
then
|
then
|
||||||
${command_unlock}
|
db-unlock-command
|
||||||
${command_pg_dump}
|
restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \
|
||||||
|
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||||
|
--no-password
|
||||||
else
|
else
|
||||||
${command_unlock} --cacert ${CERTIFICATE_FILE}
|
db-unlock-command --cacert ${CERTIFICATE_FILE}
|
||||||
${command_pg_dump} --cacert ${CERTIFICATE_FILE}
|
restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \
|
||||||
|
psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \
|
||||||
|
--no-password --cacert ${CERTIFICATE_FILE}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
Loading…
Reference in a new issue