coop-cloud/limesurvey
coop-cloud/limesurvey
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update backup labels
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Simon 2024-11-26 18:10:24 +01:00
parent 8adf41f0b4
commit 0ae5b0136e
5 changed files with 49 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.drone.yml
View File

@ -21,6 +21,7 @@ steps:
SECRET_DB_PASSWORD_VERSION: v1
SECRET_DB_ROOT_PASSWORD_VERSION: v1
SECRET_LIMESURVEY_ADMIN_PASSWORD_VERSION: v1
PG_BACKUP_VERSION: v1
trigger:
branch:
- main

1
.env.sample
View File

@ -4,6 +4,7 @@ DOMAIN=limesurvey.example.com
## Domain aliases
#EXTRA_DOMAINS=', `www.limesurvey.example.com`'
ENABLE_BACKUPS=true
LETS_ENCRYPT_ENV=production

3
abra.sh
View File

@ -1 +1,2 @@
export ENTRYPOINT_VERSION=v1
export ENTRYPOINT_VERSION=v1
export PG_BACKUP_VERSION=v1

17
compose.yml
View File

@ -42,8 +42,6 @@ services:
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
- "coop-cloud.${STACK_NAME}.version=1.0.0+6.6.5-240924-apache"
- "backupbot.backup=true"
- "backupbot.backup.path=/var/www/html/upload/surveys,/var/www/html/application/config"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080"]
interval: 30s
@ -60,14 +58,18 @@ services:
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
secrets:
- db_password
configs:
- source: pg_backup
target: /pg_backup.sh
mode: 0555
volumes:
- postgres:/var/lib/postgresql/data
deploy:
labels:
backupbot.backup: "true"
backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql"
backupbot.backup.post-hook: "rm -rf /tmp/backup"
backupbot.backup.path: "/tmp/backup/"
backupbot.backup: "${ENABLE_BACKUPS:-true}"
backupbot.backup.pre-hook: "/pg_backup.sh backup"
backupbot.backup.volumes.database.path: "backup.sql"
backupbot.restore.post-hook: '/pg_backup.sh restore'
volumes:
app:
@ -83,6 +85,9 @@ configs:
entrypoint:
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
file: entrypoint.sh
pg_backup:
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
file: pg_backup.sh
secrets:
db_password:

34
pg_backup.sh Normal file
View File

@ -0,0 +1,34 @@
#!/bin/bash
set -e
BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
function backup {
export PGPASSWORD=$(cat /run/secrets/db_password)
pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
}
function restore {
cd /var/lib/postgresql/data/
restore_config(){
# Restore allowed connections
cat pg_hba.conf.bak > pg_hba.conf
su postgres -c 'pg_ctl reload'
}
# Don't allow any other connections than local
cp pg_hba.conf pg_hba.conf.bak
echo "local all all trust" > pg_hba.conf
su postgres -c 'pg_ctl reload'
trap restore_config EXIT INT TERM
# Recreate Database
psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);"
createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
trap - EXIT INT TERM
restore_config
}
$@