[Unit]
Description=Backup PostgreSQL databases

[Service]
Delegate=yes
Type=notify
NotifyAccess=all
SyslogIdentifier=%N
Environment=PODMAN_SYSTEMD_UNIT=%n
KillMode=mixed

EnvironmentFile=/etc/postgresql/secrets.env
EnvironmentFile=/etc/postgresql/postgresql.env
Environment=BACKUP_DIR=/srv/postgresql/backups
Environment=POSTGRES_HOST=systemd-postgresql

ExecStartPre=/usr/bin/systemd stop authentik-server authentik-worker
ExecStartPre=/usr/bin/mkdir -p $BACKUP_DIR

ExecStart=/usr/bin/podman run --name=systemd-%N --cidfile=%t/%N.cid --cgroups=split --sdnotify=conmon --detach --replace --rm --network systemd-main -v ${BACKUP_DIR}:/backups -e PGPASSWORD=${POSTGRES_PASSWORD} docker.io/library/postgres:17.4 pg_dump --username=${POSTGRES_USER} --host=${POSTGRES_HOST} --format=custom --file=/backups/${CURRENT_DATETIME}.sql ${POSTGRES_DB}

ExecStop=/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
ExecStopPost=-/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
ExecStopPost=/usr/bin/systemd start authentik-server authentik-worker