From 182a42ff1fe624b2573b98d02a22179dc0fed6b7 Mon Sep 17 00:00:00 2001
From: Moritz <moritz.m@local-it.org>
Date: Tue, 22 Oct 2024 15:18:37 +0200
Subject: [PATCH] update backupbot labels

---
 .env.sample          |  1 +
 abra.sh              |  1 +
 compose.mariadb.yml  |  7 +++----
 compose.postgres.yml | 16 ++++++++++++----
 compose.yml          |  6 ++++--
 pg_backup.sh         | 27 +++++++++++++++++++++++++++
 6 files changed, 48 insertions(+), 10 deletions(-)
 create mode 100644 pg_backup.sh

diff --git a/.env.sample b/.env.sample
index afebda8..7584539 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,6 +1,7 @@
 TYPE=nextcloud
 TIMEOUT=900
 ENABLE_AUTO_UPDATE=true
+ENABLE_BACKUPS=true
 
 DOMAIN=nextcloud.example.com
 ## Domain aliases
diff --git a/abra.sh b/abra.sh
index 3bd7207..1531f1c 100644
--- a/abra.sh
+++ b/abra.sh
@@ -5,6 +5,7 @@ export NGINX_CONF_VERSION=v7
 export MY_CNF_VERSION=v5
 export ENTRYPOINT_VERSION=v3
 export CRONTAB_VERSION=v1
+export PG_BACKUP_VERSION=v1
 
 run_occ() {
     su -p www-data -s /bin/sh -c "/var/www/html/occ $@"
diff --git a/compose.mariadb.yml b/compose.mariadb.yml
index 13c5c26..f39aa1f 100644
--- a/compose.mariadb.yml
+++ b/compose.mariadb.yml
@@ -28,10 +28,9 @@ services:
       - internal
     deploy:
       labels:
-          backupbot.backup: "true"
-          backupbot.backup.pre-hook: 'mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /var/lib/mysql/backup.sql'
-          backupbot.backup.post-hook: "rm -rf /var/lib/mysql/backup.sql"
-          backupbot.backup.path: "/var/lib/mysql/backup.sql"
+        backupbot.backup.pre-hook: 'mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /var/lib/mysql/backup.sql'
+        backupbot.backup.volumes.mariadb.path: "backup.sql"
+        backupbot.restore.post-hook: 'mysql -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud < /var/lib/mysql/backup.sql'
     healthcheck:
       test: ["CMD-SHELL", 'mysqladmin -p"$$(cat /run/secrets/db_root_password)"  ping']
       interval: 30s
diff --git a/compose.postgres.yml b/compose.postgres.yml
index 7709a35..6416aad 100644
--- a/compose.postgres.yml
+++ b/compose.postgres.yml
@@ -29,10 +29,18 @@ services:
       retries: 5
     deploy:
       labels:
-            backupbot.backup: "true"
-            backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
-            backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql"
-            backupbot.backup.path: "/var/lib/postgresql/data/"
+        backupbot.backup.pre-hook: "/pg_backup.sh backup"
+        backupbot.backup.volumes.postgres.path: "backup.sql"
+        backupbot.restore.post-hook: '/pg_backup.sh restore'
+    configs:
+        - source: pg_backup
+          target: /pg_backup.sh
+          mode: 0555
 
 volumes:
   postgres:
+
+configs:
+  pg_backup:
+    name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
+    file: pg_backup.sh
diff --git a/compose.yml b/compose.yml
index 225ec39..3f4fef0 100644
--- a/compose.yml
+++ b/compose.yml
@@ -93,8 +93,10 @@ services:
       labels:
         - "coop-cloud.${STACK_NAME}.version=9.1.2+29.0.5-fpm"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
-        - "backupbot.backup=true"
-        - "backupbot.backup.path=/var/www/html/config/,/var/www/html/data/,/var/www/html/custom_apps/"
+        - "backupbot.backup=${ENABLE_BACKUPS:-true}"
+        - "backupbot.backup.volumes.redis=false"
+       #- "backupbot.backup.volumes.nextcloud=false"
+
     healthcheck:
       test: ["CMD-SHELL", 'SCRIPT_NAME=status SCRIPT_FILENAME=/var/www/html/status.php REQUEST_METHOD=GET cgi-fcgi -bind -connect 127.0.0.1:9000 | grep "installed\":true"']
       interval: 30s
diff --git a/pg_backup.sh b/pg_backup.sh
new file mode 100644
index 0000000..f58d8ec
--- /dev/null
+++ b/pg_backup.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+set -e
+
+BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
+
+function backup {
+  export PGPASSWORD=$(cat /run/secrets/db_password)
+  pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
+}
+
+function restore {
+    cd /var/lib/postgresql/data/
+    # Don't allow any other connections than local
+    cp pg_hba.conf pg_hba.conf.bak
+    echo "local all all trust" > pg_hba.conf
+    su postgres -c 'pg_ctl reload'
+    # Recreate Database
+    psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" 
+    createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
+    psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
+    # Restore allowed connections
+    cat pg_hba.conf.bak > pg_hba.conf
+    su postgres -c 'pg_ctl reload'
+}
+
+$@