2023-04-23 22:11:24 +02:00
|
|
|
#!/bin/bash
|
|
|
|
# Backup script for Vaultwarden in a kubernetes cluster
|
|
|
|
|
|
|
|
BACKUP_DEST="/mnt/PRIVATE_DOCS/BACKUPS/vaultwarden"
|
2023-06-15 13:08:05 +02:00
|
|
|
PASSFILE="./vaultwarden_pass.txt"
|
|
|
|
|
|
|
|
BACKUP_FILENAME=vaultwarden-sqlbkp_`date +"%Y%m%d"`.bak
|
2023-04-23 22:11:24 +02:00
|
|
|
|
|
|
|
# Retrieve container names
|
|
|
|
base_container=$( docker ps --format "{{.Names}}" | grep vaultwarden_vaultwarden )
|
|
|
|
database_container=$( docker ps --format "{{.Names}}" | grep vaultwarden-postgresql_vaultwarden-postgresql )
|
|
|
|
|
|
|
|
# Abort entire script if any command fails
|
|
|
|
set -e
|
|
|
|
|
|
|
|
# Database backup
|
|
|
|
>&2 echo "Backing up database"
|
2023-06-15 13:08:05 +02:00
|
|
|
internal_backup="/tmp/${BACKUP_FILENAME}"
|
|
|
|
docker exec --env-file "${PASSFILE}" "${database_container}" pg_dump "vaultwarden" -cwv -h "localhost" -U "vaultwarden" -f "${internal_backup}"
|
|
|
|
docker cp "${database_container}":"${internal_backup}" "${BACKUP_DEST}"
|
2023-04-23 22:11:24 +02:00
|
|
|
|
|
|
|
# Files backup
|
|
|
|
files=("attachments" "sends" "config.json" "rsa_key.pem" "rsa_key.pub.pem")
|
|
|
|
for file in "${files[@]}"; do
|
|
|
|
>&2 echo "Copying ${file}"
|
|
|
|
docker cp -a "${base_container}":"/data/${file}" "${BACKUP_DEST}"
|
|
|
|
done
|
|
|
|
|
2023-06-15 13:08:05 +02:00
|
|
|
# Backup cleanup
|
|
|
|
# Only keep the 30 most recent backups => probably a month worth of backups, seems about right.
|
|
|
|
pushd "${BACKUP_DEST}"
|
|
|
|
rm $( ls -l |
|
|
|
|
grep sqlbkp | # Only cleanup database backups
|
|
|
|
sed -E 's/.*\s([a-z0-9_-]+\.bak)$/\1/' | # Take file part
|
|
|
|
head -n -30 ) # Keep 30 backups
|
|
|
|
popd
|
|
|
|
|
2023-04-23 22:11:24 +02:00
|
|
|
>&2 echo "Done"
|