From 91942568352125e394125a2e956308e8b8e88cab Mon Sep 17 00:00:00 2001
From: Moritz <moritz.m@local-it.org>
Date: Thu, 24 Oct 2024 13:18:54 +0200
Subject: [PATCH] update backupbot label

---
 .env.sample  |  1 +
 abra.sh      |  1 +
 compose.yml  | 17 +++++++++++------
 pg_backup.sh | 34 ++++++++++++++++++++++++++++++++++
 4 files changed, 47 insertions(+), 6 deletions(-)
 create mode 100644 pg_backup.sh

diff --git a/.env.sample b/.env.sample
index d232c47..c6ba74f 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,6 +1,7 @@
 TYPE=hedgedoc
 TIMEOUT=300
 ENABLE_AUTO_UPDATE=true
+ENABLE_BACKUPS=true
 
 DOMAIN=hedgedoc.example.com
 ## Domain aliases
diff --git a/abra.sh b/abra.sh
index ab5889e..d5adac0 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1 +1,2 @@
 export ENTRYPOINT_CONF_VERSION=v9
+export PG_BACKUP_VERSION=v1
diff --git a/compose.yml b/compose.yml
index 5d670dc..f911958 100644
--- a/compose.yml
+++ b/compose.yml
@@ -78,18 +78,20 @@ services:
       - internal
     deploy:
       labels:
-        backupbot.backup: "true"
-        backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
-        backupbot.backup.post-hook: "rm -f /var/lib/postgresql/data/backup.sql"
-        backupbot.backup.path: "/var/lib/postgresql/data/backup.sql"
-        backupbot.restore: "true"
-        backupbot.restore.post-hook: "sh -c 'psql -U $${POSTGRES_USER} -d $${POSTGRES_DB} < /var/lib/postgresql/data/backup.sql && rm -f /var/lib/postgresql/data/backup.sql'"
+        backupbot.backup: "${ENABLE_BACKUPS:-true}"
+        backupbot.backup.pre-hook: "/pg_backup.sh backup"
+        backupbot.backup.volumes.postgres.path: "backup.sql"
+        backupbot.restore.post-hook: '/pg_backup.sh restore'
     healthcheck:
       test: "pg_isready"
       interval: 30s
       timeout: 10s
       retries: 5
       start_period: 1m
+    configs:
+        - source: pg_backup
+          target: /pg_backup.sh
+          mode: 0555
 
 volumes:
   postgres:
@@ -111,3 +113,6 @@ configs:
     name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
     file: entrypoint.sh.tmpl
     template_driver: golang
+  pg_backup:
+    name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
+    file: pg_backup.sh
diff --git a/pg_backup.sh b/pg_backup.sh
new file mode 100644
index 0000000..e83074d
--- /dev/null
+++ b/pg_backup.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+set -e
+
+BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
+
+function backup {
+  export PGPASSWORD=$(cat /run/secrets/db_password)
+  pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
+}
+
+function restore {
+    cd /var/lib/postgresql/data/
+    restore_config(){
+        # Restore allowed connections
+        cat pg_hba.conf.bak > pg_hba.conf
+        su postgres -c 'pg_ctl reload'
+    }
+    # Don't allow any other connections than local
+    cp pg_hba.conf pg_hba.conf.bak
+    echo "local all all trust" > pg_hba.conf
+    su postgres -c 'pg_ctl reload'
+    trap restore_config EXIT INT TERM
+
+    # Recreate Database
+    psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" 
+    createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
+    psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
+
+    trap - EXIT INT TERM
+    restore_config
+}
+
+$@