From 27dd971444f7f655e3a68536f79414685532c59d Mon Sep 17 00:00:00 2001 From: Moritz Date: Tue, 22 Oct 2024 21:42:57 +0200 Subject: [PATCH] update backupbot labels --- .env.sample | 3 ++- abra.sh | 1 + compose.yml | 20 +++++++++++++------- pg_backup.sh | 34 ++++++++++++++++++++++++++++++++++ 4 files changed, 50 insertions(+), 8 deletions(-) create mode 100644 pg_backup.sh diff --git a/.env.sample b/.env.sample index bb61f3f..4c65cee 100644 --- a/.env.sample +++ b/.env.sample @@ -1,6 +1,7 @@ TYPE=rallly TIMEOUT=300 ENABLE_AUTO_UPDATE=true +ENABLE_BACKUPS=true DOMAIN=rallly.example.com @@ -26,4 +27,4 @@ SMTP_USER=noreply@example.com #OIDC_NAME= #The user-facing name of your provider as it will be shown on the login page #OIDC_DISCOVERY_URL= #URL of the .well-known/openid-configuration endpoint for your OIDC provider #OIDC_CLIENT_ID= -#SECRET_OIDC_CLIENT_SECRET_VERSION=v1 \ No newline at end of file +#SECRET_OIDC_CLIENT_SECRET_VERSION=v1 diff --git a/abra.sh b/abra.sh index 20676c4..6754c89 100644 --- a/abra.sh +++ b/abra.sh @@ -1 +1,2 @@ export APP_ENTRYPOINT_VERSION=v3 +export PG_BACKUP_VERSION=v1 diff --git a/compose.yml b/compose.yml index c4f8b70..5d1c7ef 100644 --- a/compose.yml +++ b/compose.yml @@ -55,10 +55,11 @@ services: rallly_db: image: postgres:14.8 deploy: - labels: - backupbot.backup: "true" - backupbot.backup.pre-hook: "PGPASSWORD=$$(cat /run/secrets/db_password) pg_dump -U postgres $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql" - backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql" + labels: + backupbot.backup: "${ENABLE_BACKUPS:-true}" + backupbot.backup.pre-hook: "/pg_backup.sh backup" + backupbot.backup.volumes.db-data.path: "backup.sql" + backupbot.restore.post-hook: '/pg_backup.sh restore' volumes: - db-data:/var/lib/postgresql/data secrets: @@ -66,6 +67,7 @@ services: environment: - POSTGRES_PASSWORD_FILE=/run/secrets/db_password - POSTGRES_DB=db + - POSTGRES_USER=postgres healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 5s @@ -73,6 +75,10 @@ services: retries: 5 networks: - internal + configs: + - source: pg_backup + target: /pg_backup.sh + mode: 0555 secrets: db_password: @@ -91,9 +97,6 @@ networks: internal: volumes: - mongodb_log: - mongodb_lib: - mongodb: db-data: configs: @@ -101,3 +104,6 @@ configs: name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION} file: entrypoint.sh.tmpl template_driver: golang + pg_backup: + name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} + file: pg_backup.sh diff --git a/pg_backup.sh b/pg_backup.sh new file mode 100644 index 0000000..e83074d --- /dev/null +++ b/pg_backup.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -e + +BACKUP_FILE='/var/lib/postgresql/data/backup.sql' + +function backup { + export PGPASSWORD=$(cat /run/secrets/db_password) + pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE +} + +function restore { + cd /var/lib/postgresql/data/ + restore_config(){ + # Restore allowed connections + cat pg_hba.conf.bak > pg_hba.conf + su postgres -c 'pg_ctl reload' + } + # Don't allow any other connections than local + cp pg_hba.conf pg_hba.conf.bak + echo "local all all trust" > pg_hba.conf + su postgres -c 'pg_ctl reload' + trap restore_config EXIT INT TERM + + # Recreate Database + psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" + createdb -U ${POSTGRES_USER} ${POSTGRES_DB} + psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE + + trap - EXIT INT TERM + restore_config +} + +$@