function init-role-repo() { local command="restic -r ${RESTIC_REPOSITORY}/pg-role -v init" if [ -z ${CERTIFICATE_FILE} ]; then ${command} else ${command} --cacert ${CERTIFICATE_FILE} fi } function init-database-repo() { local command="restic -r ${RESTIC_REPOSITORY}/pg-database -v init" if [ -z ${CERTIFICATE_FILE} ]; then ${command} else ${command} --cacert ${CERTIFICATE_FILE} fi } function drop-create-db() { psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password -c "DROP DATABASE \"${POSTGRES_DB}\";" psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password -c "CREATE DATABASE \"${POSTGRES_DB}\";" } function create-pg-pass() { local pg_host=${POSTGRES_HOST:-localhost} echo "${pg_host}:${POSTGRES_DB}:${POSTGRES_USER}:${POSTGRES_PASSWORD}" > /root/.pgpass echo "${POSTGRES_HOST}:template1:${POSTGRES_USER}:${POSTGRES_PASSWORD}" >> /root/.pgpass chmod 0600 /root/.pgpass } function backup-roles() { local role_prefix="$1"; shift local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache" local command_pg_dump="pg_dumpall -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U${POSTGRES_USER} --no-password --roles-only | \ grep ${role_prefix} | \ restic -r ${RESTIC_REPOSITORY}/pg-role backup --stdin" local command_forget="restic -v -r ${RESTIC_REPOSITORY}/pg-role forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune" if [ -z ${CERTIFICATE_FILE} ]; then ${command_unlock} ${command_pg_dump} ${command_forget} else ${command_unlock} --cacert ${CERTIFICATE_FILE} ${command_pg_dump} --cacert ${CERTIFICATE_FILE} ${command_forget} --cacert ${CERTIFICATE_FILE} fi } function backup-db-dump() { local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache" local command_pg_dump="pg_dump -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} \ -U ${POSTGRES_USER} --no-password --serializable-deferrable | \ restic -r ${RESTIC_REPOSITORY}/pg-database backup --stdin" local command_forget="restic -v -r ${RESTIC_REPOSITORY}/pg-database forget --keep-last 1 --keep-within ${RESTIC_DAYS_TO_KEEP}d --prune" if [ -z ${CERTIFICATE_FILE} ]; then ${command_unlock} ${command_pg_dump} ${command_forget} else ${command_unlock} --cacert ${CERTIFICATE_FILE} ${command_pg_dump} --cacert ${CERTIFICATE_FILE} ${command_forget} --cacert ${CERTIFICATE_FILE} fi } function restore-roles() { local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-role unlock --cleanup-cache" local command_pg_dump="restic -r ${RESTIC_REPOSITORY}/pg-role dump latest stdin | \ psql -d template1 -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password" if [ -z ${CERTIFICATE_FILE} ]; then ${command_unlock} ${command_pg-dump} else ${command_unlock} --cacert ${CERTIFICATE_FILE} ${command_pg_dump} --cacert ${CERTIFICATE_FILE} fi } function restore-db() { local command_unlock="restic -v -r ${RESTIC_REPOSITORY}/pg-database unlock --cleanup-cache" local command_pg_dump="restic -r ${RESTIC_REPOSITORY}/pg_database dump latest stdin | \ psql -d ${POSTGRES_DB} -h ${POSTGRES_SERVICE} -p ${POSTGRES_PORT} -U ${POSTGRES_USER} \ --no-password" if [ -z ${CERTIFICATE_FILE} ]; then ${command_unlock} ${command_pg_dump} else ${command_unlock} --cacert ${CERTIFICATE_FILE} ${command_pg_dump} --cacert ${CERTIFICATE_FILE} fi }