From 3a06d0d9a06feb1e0a67fb1b59ad7123897a904c Mon Sep 17 00:00:00 2001 From: Moritz Date: Thu, 24 Oct 2024 14:50:18 +0200 Subject: [PATCH] update backupbot label --- .drone.yml | 1 + .env.sample | 2 ++ abra.sh | 1 + compose.local.yml | 4 ---- compose.yml | 14 ++++++++++---- pg_backup.sh | 34 ++++++++++++++++++++++++++++++++++ 6 files changed, 48 insertions(+), 8 deletions(-) create mode 100644 pg_backup.sh diff --git a/.drone.yml b/.drone.yml index f20e7b2..9e168c1 100644 --- a/.drone.yml +++ b/.drone.yml @@ -19,6 +19,7 @@ steps: LETS_ENCRYPT_ENV: production APP_ENTRYPOINT_VERSION: v1 DB_ENTRYPOINT_VERSION: v1 + PG_BACKUP_VERSION: v1 SECRET_DB_PASSWORD_VERSION: v1 SECRET_SECRET_KEY_VERSION: v1 # length=64 SECRET_UTILS_SECRET_VERSION: v1 # length=64 diff --git a/.env.sample b/.env.sample index 310deeb..894b67a 100644 --- a/.env.sample +++ b/.env.sample @@ -8,6 +8,8 @@ DOMAIN=outline.example.com #EXTRA_DOMAINS=', `www.outline.example.com`' LETS_ENCRYPT_ENV=production +ENABLE_BACKUPS=true + COMPOSE_FILE="compose.yml" # –––––––––––––––– REQUIRED –––––––––––––––– diff --git a/abra.sh b/abra.sh index 18d2b77..642fb2d 100644 --- a/abra.sh +++ b/abra.sh @@ -1,5 +1,6 @@ export APP_ENTRYPOINT_VERSION=v9 export DB_ENTRYPOINT_VERSION=v2 +export PG_BACKUP_VERSION=v1 create_email_user() { if [ -z "$1" ]; then diff --git a/compose.local.yml b/compose.local.yml index 4190b93..838fd5b 100644 --- a/compose.local.yml +++ b/compose.local.yml @@ -8,10 +8,6 @@ services: environment: - FILE_STORAGE - FILE_STORAGE_UPLOAD_MAX_SIZE - deploy: - labels: - backupbot.backup: "true" - backupbot.backup.path: "/var/lib/outline/data/" volumes: storage-data: diff --git a/compose.yml b/compose.yml index d4f1be8..31785f0 100644 --- a/compose.yml +++ b/compose.yml @@ -55,6 +55,9 @@ services: - source: db_entrypoint target: /docker-entrypoint.sh mode: 0555 + - source: pg_backup + target: /pg_backup.sh + mode: 0555 environment: POSTGRES_DB: outline POSTGRES_PASSWORD_FILE: /run/secrets/db_password @@ -64,10 +67,10 @@ services: entrypoint: /docker-entrypoint.sh deploy: labels: - backupbot.backup: "true" - backupbot.backup.path: "/var/lib/postgresql/data/dump.sql.gz" - backupbot.backup.post-hook: "rm -f /var/lib/postgresql/data/dump.sql.gz" - backupbot.backup.pre-hook: "sh -c 'PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U outline outline | gzip > /var/lib/postgresql/data/dump.sql.gz'" + backupbot.backup: "${ENABLE_BACKUPS:-true}" + backupbot.backup.pre-hook: "/pg_backup.sh backup" + backupbot.backup.volumes.postgres_data.path: "backup.sql" + backupbot.restore.post-hook: '/pg_backup.sh restore' secrets: secret_key: @@ -97,3 +100,6 @@ configs: name: ${STACK_NAME}_db_entrypoint_${DB_ENTRYPOINT_VERSION} file: entrypoint.postgres.sh.tmpl template_driver: golang + pg_backup: + name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} + file: pg_backup.sh diff --git a/pg_backup.sh b/pg_backup.sh new file mode 100644 index 0000000..4029803 --- /dev/null +++ b/pg_backup.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -e + +BACKUP_FILE='/var/lib/postgresql/data/backup.sql' + +function backup { + export PGPASSWORD=$(cat $POSTGRES_PASSWORD_FILE) + pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE +} + +function restore { + cd /var/lib/postgresql/data/ + restore_config(){ + # Restore allowed connections + cat pg_hba.conf.bak > pg_hba.conf + su postgres -c 'pg_ctl reload' + } + # Don't allow any other connections than local + cp pg_hba.conf pg_hba.conf.bak + echo "local all all trust" > pg_hba.conf + su postgres -c 'pg_ctl reload' + trap restore_config EXIT INT TERM + + # Recreate Database + psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" + createdb -U ${POSTGRES_USER} ${POSTGRES_DB} + psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE + + trap - EXIT INT TERM + restore_config +} + +$@