feat(id.tjo.space): simplify backup
This commit is contained in:
parent
76607ae199
commit
71b2aad2d5
SSH key fingerprint:
SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
4 changed files with 6 additions and 39 deletions
id.tjo.space
|
|
@ -28,18 +28,16 @@ echo "=== Prepare srv directories"
|
|||
mkdir -p /srv/authentik/{media,certs,custom-templates}
|
||||
chown -R 1200:1200 /srv/authentik
|
||||
|
||||
mkdir -p /srv/postgresql/data
|
||||
mkdir -p /srv/postgresql/{data,backups}
|
||||
|
||||
echo "=== Read Secrets"
|
||||
age -d -i /etc/age/key.txt id.tjo.space/secrets.env.encrypted >id.tjo.space/secrets.env
|
||||
set -a && source id.tjo.space/secrets.env && set +a
|
||||
|
||||
echo "=== Prepare Configurations"
|
||||
mkdir -p /etc/postgresql
|
||||
cat <<EOF >/etc/postgresql/secrets.env
|
||||
POSTGRES_PASSWORD=${POSTGRESQL_PASSWORD}
|
||||
EOF
|
||||
mkdir -p /etc/authentik
|
||||
cat <<EOF >/etc/authentik/secrets.env
|
||||
AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
|
||||
AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
|
||||
|
|
@ -51,12 +49,12 @@ systemctl restart caddy
|
|||
|
||||
echo "=== Setup Postgresql"
|
||||
systemctl restart postgresql
|
||||
systemctl start postgresql-backup.timer
|
||||
|
||||
echo "=== Setup Valkey"
|
||||
systemctl restart valkey
|
||||
|
||||
echo "=== Setup Authentik Server"
|
||||
|
||||
systemctl restart authentik-server
|
||||
|
||||
echo "=== Setup Authentik Worker"
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
Description=A Postgresql Container
|
||||
|
||||
[Container]
|
||||
# Make sure the postgres image/version matches the one in backup service.
|
||||
Image=docker.io/postgres:17.4
|
||||
Volume=/srv/postgresql/data:/var/lib/postgresql/data
|
||||
EnvironmentFile=/etc/postgresql/secrets.env
|
||||
|
|
|
|||
|
|
@ -7,3 +7,6 @@ ExecStart=/usr/local/bin/postgresql-backup.sh
|
|||
EnvironmentFile=/etc/postgresql/secrets.env
|
||||
EnvironmentFile=/etc/postgresql/postgresql.env
|
||||
Environment=BACKUP_DIR=/srv/postgresql/backups
|
||||
Environment=POSTGRES_HOST=systemd-postgresql
|
||||
ExecStartPre=/usr/bin/mkdir -p $BACKUP_DIR
|
||||
ExecStart=/usr/bin/podman run --rm --network systemd-main -v $BACKUP_DIR:/backups:z docker.io/library/postgres:17.4 pg_dumpall -U $POSTGRES_USER -h $POSTGRES_HOST -p $POSTGRES_PORT -f /backups/$(date +'%Y-%m-%d_%H-%M-%S').sql
|
||||
|
|
|
|||
|
|
@ -1,35 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
[ -z "${POSTGRES_USER}" ] && { echo "=> POSTGRES_USER cannot be empty" && exit 1; }
|
||||
[ -z "${POSTGRES_PASSWORD}" ] && { echo "=> POSTGRES_PASSWORD cannot be empty" && exit 1; }
|
||||
[ -z "${GZIP_LEVEL}" ] && { GZIP_LEVEL=6; }
|
||||
|
||||
DATE=$(date +%Y%m%d%H%M)
|
||||
echo "=> Backup started at $(date "+%Y-%m-%d %H:%M:%S")"
|
||||
|
||||
export PGHOST=${POSTGRES_HOST}
|
||||
export PGPORT=${POSTGRES_PORT}
|
||||
export PGUSER=${POSTGRES_USER}
|
||||
export PGPASSWORD=${POSTGRES_PASSWORD}
|
||||
|
||||
DATABASES=${POSTGRES_DATABASE:-${POSTGRES_DB:-$(psql "${POSTGRES_SSL_OPTS}" -t -c "SELECT datname FROM pg_database;")}}
|
||||
|
||||
for db in ${DATABASES}; do
|
||||
if [[ "$db" != "template1" ]] &&
|
||||
[[ "$db" != "template0" ]]; then
|
||||
|
||||
echo "==> Dumping database: $db"
|
||||
|
||||
FILENAME=${BACKUP_DIR}/$DATE.$db.sql
|
||||
|
||||
if pg_dump ${POSTGRESDUMP_OPTS} "${db}" >"${FILENAME}"; then
|
||||
if [ -z "${USE_PLAIN_SQL}" ]; then
|
||||
echo "==> Compressing $db with LEVEL $GZIP_LEVEL"
|
||||
gzip "-$GZIP_LEVEL" -f "$FILENAME"
|
||||
fi
|
||||
else
|
||||
rm -rf "$FILENAME"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
echo "=> Backup process finished at $(date "+%Y-%m-%d %H:%M:%S")"
|
||||
Loading…
Reference in a new issue