Compare commits
3 commits
33a826dde5
...
3bca11c043
Author | SHA1 | Date | |
---|---|---|---|
3bca11c043 | |||
06ecaec729 | |||
c7ad95cd1f |
7 changed files with 595 additions and 17 deletions
80
scripts/gitea/backup-database-k3s.sh
Executable file
80
scripts/gitea/backup-database-k3s.sh
Executable file
|
@ -0,0 +1,80 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Backup Gitea database in a Kubernetes environment
|
||||||
|
# Usage: backup-database [OPTIONS] <destination>
|
||||||
|
|
||||||
|
# `gitea dump` is a mess that we should not touch. We write our own backup scripts instead.
|
||||||
|
#
|
||||||
|
usage() {
|
||||||
|
>&2 printf "Usage: %s <destination>\n" "${0}"
|
||||||
|
>&2 printf "Options:\n"
|
||||||
|
>&2 printf "\t-e \t Specify the environment file to use\n"
|
||||||
|
exit "${1:-1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Get options
|
||||||
|
|
||||||
|
while getopts ":e:" option; do
|
||||||
|
case "${option}" in
|
||||||
|
e)
|
||||||
|
if ! [ -f "${OPTARG}" ]; then
|
||||||
|
>&2 printf "Error: Specified environment file does not exist: '%s'.\n" "${OPTARG}"
|
||||||
|
elif ! [ -r "${OPTARG}" ]; then
|
||||||
|
>&2 printf "Error: Specified environment file is not readable: '%s'.\n" "${OPTARG}"
|
||||||
|
fi
|
||||||
|
env_file="${OPTARG}"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
>&2 printf "Error: Invalid option: '%s'.\n" "${option}"
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $(( OPTIND - 1 ))
|
||||||
|
|
||||||
|
# Check arguments.
|
||||||
|
|
||||||
|
if [ $# -ne 1 ]; then
|
||||||
|
>&2 printf "Error: You need to specify a destination.\n"
|
||||||
|
usage
|
||||||
|
elif ! [ -d "${1}" ]; then
|
||||||
|
>&2 printf "Error: Specified destination does not exist or is not readable : '%s'.\n" "${1}"
|
||||||
|
usage
|
||||||
|
else
|
||||||
|
destination="${1}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Retrieve container names
|
||||||
|
base_container="$( docker ps --format '{{.Names}}' | grep -E 'gitea_gitea-[0-9a-z]{10}-[0-9a-z]{5}' )"
|
||||||
|
database_container="$( docker ps --format '{{.Names}}' | grep 'postgres_gitea-cnpg-main-1' )"
|
||||||
|
|
||||||
|
if ! [[ -n "${base_container}" && -n "${database_container}" ]]; then
|
||||||
|
>&2 printf "Error: Not all containers could be found.\n"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Abort entire script if any command fails
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Enable maintenance mode
|
||||||
|
# Flush queues
|
||||||
|
docker exec "${base_container}" gitea manager flush-queues
|
||||||
|
# TODO Pause queues
|
||||||
|
|
||||||
|
# Database backup
|
||||||
|
|
||||||
|
# Filename for database backup.
|
||||||
|
database_backupfile="gitea-sqlbkp_$( date +'%Y%m%d' ).bak"
|
||||||
|
host_database_backupfile="${destination}/${database_backupfile}"
|
||||||
|
|
||||||
|
# Backup the database
|
||||||
|
>&2 echo 'Backing up database'
|
||||||
|
docker exec --env-file "${env_file:=.env}" "${database_container}" pg_dump 'gitea' -cwv -h 'localhost' -U 'gitea' > "${host_database_backupfile}"
|
||||||
|
|
||||||
|
# Disable maintenance mode
|
||||||
|
# TODO Continue queues
|
||||||
|
|
||||||
|
# Double check
|
||||||
|
# gitea doctor --all --log-file /tmp/doctor.log
|
||||||
|
# TODO
|
||||||
|
|
||||||
|
printf "Done.\n"
|
117
scripts/gitea/backup-database-ssh.sh
Executable file
117
scripts/gitea/backup-database-ssh.sh
Executable file
|
@ -0,0 +1,117 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Backup a remote Gitea database running in docker using ssh
|
||||||
|
# Usage: backup-database [OPTIONS] <remote> <destination>
|
||||||
|
|
||||||
|
# `gitea dump` is a mess that we should not touch. We write our own backup scripts instead.
|
||||||
|
#
|
||||||
|
usage() {
|
||||||
|
>&2 printf "Usage: %s <remote host> <destination>\n" "${0}"
|
||||||
|
>&2 printf "It is assumed that the machine has passwordless access to the remote host.\n\n"
|
||||||
|
>&2 printf "Options:\n"
|
||||||
|
>&2 printf "\t-e \t Specify the environment file to use\n"
|
||||||
|
>&2 printf "\t-h \t Show this message\n"
|
||||||
|
exit "${1:-1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Get options
|
||||||
|
|
||||||
|
while getopts ":e:h" option; do
|
||||||
|
case "${option}" in
|
||||||
|
e)
|
||||||
|
env_file="${OPTARG}"
|
||||||
|
;;
|
||||||
|
h)
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
>&2 printf "Error: Invalid option: '%s'.\n" "${option}"
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $(( OPTIND - 1 ))
|
||||||
|
|
||||||
|
# Check arguments.
|
||||||
|
|
||||||
|
if [ $# -ne 2 ]; then
|
||||||
|
>&2 printf "Error: You need to specify a destination and a remote host.\n"
|
||||||
|
usage
|
||||||
|
elif ! [ -d "${2}" ]; then
|
||||||
|
>&2 printf "Error: Specified destination does not exist or is not readable : '%s'.\n" "${2}"
|
||||||
|
usage
|
||||||
|
else
|
||||||
|
remote="${1}"
|
||||||
|
local_destination="${2}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Abort entire script if any command fails
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Test if environment file on remote exists.
|
||||||
|
if ! ssh "${remote}" "test -f '${env_file:=.env}'"; then
|
||||||
|
>&2 printf "Error: Environment file does not exist: '%s'.\n" "${env_file}"
|
||||||
|
>&2 printf " Consider using the option '-e' to specify the correct environment file.\n"
|
||||||
|
>&2 printf "Debug: PWD: '%s'.\n" "$(ssh "${remote}" 'pwd')"
|
||||||
|
usage 2
|
||||||
|
elif ! ssh "${remote}" "test -r '${env_file:=.env}'"; then
|
||||||
|
>&2 printf "Error: Environment file is not readable: '%s'.\n" "${env_file}"
|
||||||
|
>&2 printf " Make sure the user you are using connect as has access to the file.\n"
|
||||||
|
usage 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
backupfile="nextcloud_$( date +'%Y%m%d' ).tar.gz"
|
||||||
|
|
||||||
|
# Check if the script would override existing files.
|
||||||
|
if [ -e "${local_destination}/${backupfile}" ]; then
|
||||||
|
>&2 printf "Warning: The backup file '%s' already exists. Not overwriting.\n" "${local_destination}/${backupfile}"
|
||||||
|
|
||||||
|
while [[ -e "${local_destination}/${backupfile}" ]]; do
|
||||||
|
backupfile="${backupfile%.tar.gz}_bis${counter:=1}.tar.gz"
|
||||||
|
((counter++))
|
||||||
|
done
|
||||||
|
|
||||||
|
>&2 printf "Warning: Using '%s' as a safe alternative backup file.\n" "${local_destination}/${backupfile}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Database backup
|
||||||
|
|
||||||
|
# Retrieve container names
|
||||||
|
base_container='gitea'
|
||||||
|
database_container='gitea-db'
|
||||||
|
|
||||||
|
# Create a temporary destination on remote host.
|
||||||
|
remote_destination="$( ssh "${remote}" 'mktemp -d' )"
|
||||||
|
printf "Debug: Using '%s' as a remote temporary directory.\n" "${remote_destination}"
|
||||||
|
|
||||||
|
# Filename for database backup.
|
||||||
|
database_backupfile="sqlbkp.bak"
|
||||||
|
remote_database_backupfile="${remote_destination}/${database_backupfile}"
|
||||||
|
|
||||||
|
# Enable maintenance mode
|
||||||
|
# Flush queues
|
||||||
|
ssh "${remote}" "docker exec '${base_container}' gitea manager flush-queues"
|
||||||
|
# TODO Pause queues
|
||||||
|
|
||||||
|
# Create backup file in docker container
|
||||||
|
echo 'Info: Backing up database'
|
||||||
|
ssh "${remote}" "docker exec --env-file '${env_file}' '${database_container}' pg_dump 'gitea' -cwv -U 'gitea' -h 'localhost' > '${remote_database_backupfile}'"
|
||||||
|
# Restore using:
|
||||||
|
# psql -U gitea -h localhost -d gitea -f "path/to/file"
|
||||||
|
|
||||||
|
# Disable maintenance mode
|
||||||
|
# TODO Continue queues
|
||||||
|
|
||||||
|
# Double check
|
||||||
|
# gitea doctor --all --log-file /tmp/doctor.log
|
||||||
|
# TODO
|
||||||
|
|
||||||
|
# Copy everything over to local machine.
|
||||||
|
echo 'Info: Copying to local machine.'
|
||||||
|
ssh "${remote}" "tar -czf '${remote_destination}/${backupfile}' --exclude=${backupfile} ${remote_destination}"
|
||||||
|
scp "${remote}:${remote_destination}/${backupfile}" "${local_destination}"
|
||||||
|
|
||||||
|
# Remove temporary destination on remote host.
|
||||||
|
printf "Debug: Cleaning up '%s' on %s.\n" "${remote_destination}" "${remote}"
|
||||||
|
ssh "${remote}" "rm -rf ${remote_destination}"
|
||||||
|
|
||||||
|
echo 'Done'
|
79
scripts/nextcloud/backup-database-k3s.sh
Executable file
79
scripts/nextcloud/backup-database-k3s.sh
Executable file
|
@ -0,0 +1,79 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Backup Nextcloud database in a Kubernetes environment.
|
||||||
|
# Usage: backup-database <destination>
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
>&2 printf "Usage: %s <destination>\n" "${0}"
|
||||||
|
exit "${1:-1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Get options
|
||||||
|
|
||||||
|
while getopts ":e:" option; do
|
||||||
|
case "${option}" in
|
||||||
|
e)
|
||||||
|
if ! [ -f "${OPTARG}" ]; then
|
||||||
|
>&2 printf "Error: Specified environment file does not exist: '%s'.\n" "${OPTARG}"
|
||||||
|
elif ! [ -r "${OPTARG}" ]; then
|
||||||
|
>&2 printf "Error: Specified environment file is not readable: '%s'.\n" "${OPTARG}"
|
||||||
|
fi
|
||||||
|
env_file="${OPTARG}"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
>&2 printf "Error: Invalid option: '%s'.\n" "${option}"
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $(( OPTIND - 1 ))
|
||||||
|
|
||||||
|
# Check arguments.
|
||||||
|
|
||||||
|
if [ $# -ne 1 ]; then
|
||||||
|
>&2 printf "Error: You need to specify a destination.\n"
|
||||||
|
usage
|
||||||
|
elif ! [ -d "${1}" ]; then
|
||||||
|
>&2 printf "Error: Specified destination does not exist or is not readable : '%s'.\n" "${1}"
|
||||||
|
usage
|
||||||
|
else
|
||||||
|
destination="${1}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Filename for database backup
|
||||||
|
database_backupfile="nextcloud-sqlbkp_$(date +'%Y%m%d').bak"
|
||||||
|
|
||||||
|
# Retrieve container names
|
||||||
|
base_container="$( docker ps --format '{{.Names}}' | grep -E 'nextcloud-2_nextcloud-2-[0-9a-z]{10}-[0-9a-z]{5}' )"
|
||||||
|
database_container="$( docker ps --format '{{.Names}}' | grep postgres_nextcloud-2-cnpg-main-1 )"
|
||||||
|
|
||||||
|
if ! [[ -n "${base_container}" && -n "${database_container}" ]]; then
|
||||||
|
>&2 printf "Error: Not all containers could be found.\n"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Abort entire script if any command fails
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Turn on maintenance mode
|
||||||
|
docker exec "${base_container}" php occ maintenance:mode --on
|
||||||
|
|
||||||
|
# Database backup
|
||||||
|
echo 'Backing up database'
|
||||||
|
host_database_backupfile="${destination}/${database_backupfile}"
|
||||||
|
docker exec --env-file "${env_file:=.env}" "${database_container}" pg_dump 'nextcloud' -cwv -h 'localhost' -U 'nextcloud' > "${host_database_backupfile}"
|
||||||
|
|
||||||
|
# Files backup
|
||||||
|
for file in 'config' 'themes'; do
|
||||||
|
printf "Copying %s\n" "${file}"
|
||||||
|
docker cp -a "${base_container}":"/var/www/html/${file}" "${destination}"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Turn off maintenance mode
|
||||||
|
docker exec "${base_container}" php occ maintenance:mode --off
|
||||||
|
|
||||||
|
# Backup cleanup
|
||||||
|
# Only keep 30 days of backups
|
||||||
|
printf "Clean up old database backups.\n"
|
||||||
|
find "${destination}" -name '*sqlbkp*' -type f -mtime +30 -print -delete
|
||||||
|
|
||||||
|
printf "Done\n"
|
112
scripts/nextcloud/backup-database-ssh.sh
Executable file
112
scripts/nextcloud/backup-database-ssh.sh
Executable file
|
@ -0,0 +1,112 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Backup a remote Nextcloud database using ssh.
|
||||||
|
# Usage: backup-database [OPTIONS] <destination>
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
>&2 printf "Usage: %s <remote> <destination>\n" "${0}"
|
||||||
|
>&2 printf "It is assumed that the machine has passwordless access to the remote host.\n\n"
|
||||||
|
>&2 printf "Options:\n"
|
||||||
|
>&2 printf "\t-e \t Specify the environment file to use\n"
|
||||||
|
>&2 printf "\t-h \t Show this message\n"
|
||||||
|
exit "${1:-1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Get options
|
||||||
|
|
||||||
|
while getopts ":e:h" option; do
|
||||||
|
case "${option}" in
|
||||||
|
e)
|
||||||
|
env_file="${OPTARG}"
|
||||||
|
;;
|
||||||
|
h)
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
>&2 printf "Error: Invalid option: '%s'.\n" "${option}"
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $(( OPTIND - 1 ))
|
||||||
|
|
||||||
|
# Check arguments.
|
||||||
|
|
||||||
|
if [ $# -ne 2 ]; then
|
||||||
|
>&2 printf "Error: You need to specify a destination and a remote host.\n"
|
||||||
|
usage
|
||||||
|
elif ! [ -d "${2}" ]; then
|
||||||
|
>&2 printf "Error: Specified destination does not exist or is not readable : '%s'.\n" "${1}"
|
||||||
|
usage
|
||||||
|
else
|
||||||
|
remote="${1}"
|
||||||
|
local_destination="${2}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Abort entire script if any command fails
|
||||||
|
set -e
|
||||||
|
|
||||||
|
if ! ssh "${remote}" "test -f '${env_file:=.env}'"; then
|
||||||
|
>&2 printf "Error: Environment file does not exist: '%s'.\n" "${env_file}"
|
||||||
|
>&2 printf "Debug: PWD: '%s'.\n" "$(ssh "${remote}" 'pwd')"
|
||||||
|
>&2 printf " Consider using the option '-e' to specify the correct environment file.\n"
|
||||||
|
usage 2
|
||||||
|
elif ! ssh "${remote}" "test -r '${env_file:=.env}'"; then
|
||||||
|
>&2 printf "Error: Environment file is not readable: '%s'.\n" "${env_file}"
|
||||||
|
>&2 printf " Make sure the user you are using connect as has access to the file.\n"
|
||||||
|
usage 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
backupfile="nextcloud_$(date +'%Y%m%d').tar.gz"
|
||||||
|
|
||||||
|
# Check if the script would override existing files.
|
||||||
|
if [ -e "${local_destination}/${backupfile}" ]; then
|
||||||
|
>&2 printf "Warning: The backup file '%s' already exists. Not overwriting.\n" "${local_destination}/${backupfile}"
|
||||||
|
|
||||||
|
while [[ -e "${local_destination}/${backupfile}" ]]; do
|
||||||
|
backupfile="${backupfile%.tar.gz}_bis${counter:=1}.tar.gz"
|
||||||
|
((counter++))
|
||||||
|
done
|
||||||
|
|
||||||
|
>&2 printf "Warning: Using '%s' as a safe alternative backup file.\n" "${local_destination}/${backupfile}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Database backup
|
||||||
|
|
||||||
|
# Create a temporary destination on remote host.
|
||||||
|
remote_destination="$( ssh "${remote}" 'mktemp -d' )"
|
||||||
|
printf "Debug: Using '%s' as a remote temporary directory.\n" "${remote_destination}"
|
||||||
|
|
||||||
|
# Filename for database backup
|
||||||
|
database_backupfile='sqlbkp.bak'
|
||||||
|
remote_database_backupfile="${remote_destination}/${database_backupfile}"
|
||||||
|
|
||||||
|
# Turn on maintenance mode
|
||||||
|
ssh "${remote}" 'sudo -u www-data /usr/bin/php /var/www/nextcloud/occ maintenance:mode --on'
|
||||||
|
|
||||||
|
echo 'Info: Backing up database'
|
||||||
|
ssh "${remote}" "source '${env_file}' && pg_dump 'nextcloud' -cwv -U 'nextcloud' -h 'localhost' > '${remote_database_backupfile}'"
|
||||||
|
# Restore using:
|
||||||
|
# psql -U nextcloud -h localhost -d nextcloud -f "path/to/file"
|
||||||
|
|
||||||
|
# Files backup
|
||||||
|
echo 'Info: Copying static files.'
|
||||||
|
ssh "${remote}" "cp -a '/var/www/nextcloud/themes' '${remote_destination}'"
|
||||||
|
|
||||||
|
# Turn off maintenance mode
|
||||||
|
ssh "${remote}" 'sudo -u www-data /usr/bin/php /var/www/nextcloud/occ maintenance:mode --off'
|
||||||
|
|
||||||
|
# Copy everything over to local machine.
|
||||||
|
echo 'Info: Copying to local machine.'
|
||||||
|
ssh "${remote}" "tar -czf '/tmp/${backupfile}' ${remote_destination}"
|
||||||
|
scp "${remote}:/tmp/${backupfile}" "${local_destination}"
|
||||||
|
|
||||||
|
# Remove temporary destination on remote host.
|
||||||
|
printf "Debug: Cleaning up '%s' on %s.\n" "${remote_destination}" "${remote}"
|
||||||
|
ssh "${remote}" "rm -rf ${remote_destination}"
|
||||||
|
|
||||||
|
# Backup cleanup
|
||||||
|
# Only keep 30 days of backups
|
||||||
|
printf "Info: Cleaning up old database backups in '%s'\n" "${local_destination}"
|
||||||
|
find "${local_destination}" -name 'nextcloud_*.tar.gz' -type f -mtime +30 -print -delete
|
||||||
|
|
||||||
|
echo 'Done'
|
77
scripts/vaultwarden/backup-database-k3s.sh
Executable file
77
scripts/vaultwarden/backup-database-k3s.sh
Executable file
|
@ -0,0 +1,77 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Backup Vaultwarden database in a Kubernetes environment.
|
||||||
|
# Usage: backup-database [OPTIONS] <destination>
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
>&2 printf "Usage: %s <destination>\n" "${0}"
|
||||||
|
>&2 printf "Options:\n"
|
||||||
|
>&2 printf "\t-e \t Specify the environment file to use\n"
|
||||||
|
exit "${1:-1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Get options
|
||||||
|
|
||||||
|
while getopts ":e:" option; do
|
||||||
|
case "${option}" in
|
||||||
|
e)
|
||||||
|
if ! [ -f "${OPTARG}" ]; then
|
||||||
|
>&2 printf "Error: Specified environment file does not exist: '%s'.\n" "${OPTARG}"
|
||||||
|
elif ! [ -r "${OPTARG}" ]; then
|
||||||
|
>&2 printf "Error: Specified environment file is not readable: '%s'.\n" "${OPTARG}"
|
||||||
|
fi
|
||||||
|
env_file="${OPTARG}"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
>&2 printf "Error: Invalid option: '%s'.\n" "${option}"
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $(( OPTIND - 1 ))
|
||||||
|
|
||||||
|
# Check arguments
|
||||||
|
|
||||||
|
if [ $# -ne 1 ]; then
|
||||||
|
>&2 printf "Error: You need to specify a destination.\n"
|
||||||
|
usage
|
||||||
|
elif ! [ -d "${1}" ]; then
|
||||||
|
>&2 printf "Error: Specified destination does not exist or is not readable : '%s'.\n" "${1}"
|
||||||
|
usage
|
||||||
|
else
|
||||||
|
destination="${1}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Retrieve container names
|
||||||
|
base_container="$( docker ps --format '{{.Names}}' | grep -E 'vaultwarden-2_vaultwarden-2-[0-9a-z]{10}-[0-9a-z]{5}' )"
|
||||||
|
database_container="$( docker ps --format '{{.Names}}' | grep postgres_vaultwarden-2-cnpg-main-1 )"
|
||||||
|
|
||||||
|
if ! [[ -n "${base_container}" && -n "${database_container}" ]]; then
|
||||||
|
>&2 printf "Error: Not all containers could be found.\n"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Abort entire script if any command fails
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Database backup
|
||||||
|
|
||||||
|
# Filename for database backup
|
||||||
|
database_backupfile="vaultwarden-sqlbkp_$(date +'%Y%m%d').bak"
|
||||||
|
host_database_backupfile="${destination}/${database_backupfile}"
|
||||||
|
|
||||||
|
# Create backup file in docker container
|
||||||
|
echo 'Backing up database'
|
||||||
|
docker exec --env-file "${env_file:=.env}" "${database_container}" pg_dump 'vaultwarden' -cwv -h 'localhost' -U 'vaultwarden' > "${host_database_backupfile}"
|
||||||
|
|
||||||
|
# Files backup
|
||||||
|
for file in 'attachments' 'sends' 'rsa_key.pem' 'rsa_key.pub.pem'; do # 'config.json'
|
||||||
|
printf 'Copying %s\n' "${file}"
|
||||||
|
docker cp -a "${base_container}":"/data/${file}" "${destination}"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Backup cleanup
|
||||||
|
# Only keep 30 days of backups, seems about right.
|
||||||
|
echo 'Cleaning up old database backups'
|
||||||
|
find "${destination}" -name '*sqlbkp*' -type f -mtime +30 -print -delete
|
||||||
|
|
||||||
|
echo 'Done'
|
113
scripts/vaultwarden/backup-database-ssh.sh
Executable file
113
scripts/vaultwarden/backup-database-ssh.sh
Executable file
|
@ -0,0 +1,113 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Backup a remote Vaultwarden database using ssh.
|
||||||
|
# Usage: backup-database [OPTIONS] <remote> <destination>
|
||||||
|
|
||||||
|
usage() {
|
||||||
|
>&2 printf "Usage: %s <remote host> <destination>\n" "${0}"
|
||||||
|
>&2 printf "It is assumed that the machine has passwordless access to the remote host.\n\n"
|
||||||
|
>&2 printf "Options:\n"
|
||||||
|
>&2 printf "\t-e \t Specify the environment file to use\n"
|
||||||
|
>&2 printf "\t-h \t Show this message\n"
|
||||||
|
exit "${1:-1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Get options
|
||||||
|
|
||||||
|
while getopts ":e:h" option; do
|
||||||
|
case "${option}" in
|
||||||
|
e)
|
||||||
|
env_file="${OPTARG}"
|
||||||
|
;;
|
||||||
|
h)
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
>&2 printf "Error: Invalid option: '%s'.\n" "${option}"
|
||||||
|
usage
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $(( OPTIND - 1 ))
|
||||||
|
|
||||||
|
# Check arguments
|
||||||
|
|
||||||
|
if [ $# -ne 2 ]; then
|
||||||
|
>&2 printf "Error: You need to specify a destination and a remote host.\n"
|
||||||
|
usage
|
||||||
|
elif ! [ -d "${2}" ]; then
|
||||||
|
>&2 printf "Error: Specified destination does not exist or is not readable : '%s'.\n" "${2}"
|
||||||
|
usage
|
||||||
|
else
|
||||||
|
remote="${1}"
|
||||||
|
local_destination="${2}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Abort entire script if any command fails
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Test if environment file on remote exists.
|
||||||
|
if ! ssh "${remote}" "test -f '${env_file:=.env}'"; then
|
||||||
|
>&2 printf "Error: Environment file does not exist: '%s'.\n" "${env_file}"
|
||||||
|
>&2 printf " Consider using the option '-e' to specify the correct environment file.\n"
|
||||||
|
>&2 printf "Debug: PWD: '%s'.\n" "$(ssh "${remote}" 'pwd')"
|
||||||
|
usage 2
|
||||||
|
elif ! ssh "${remote}" "test -r '${env_file:=.env}'"; then
|
||||||
|
>&2 printf "Error: Environment file is not readable: '%s'.\n" "${env_file}"
|
||||||
|
>&2 printf " Make sure the user you are using connect as has access to the file.\n"
|
||||||
|
usage 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
backupfile="vaultwarden_$( date +'%Y%m%d' ).tar.gz"
|
||||||
|
|
||||||
|
# Check if the script would override existing files.
|
||||||
|
if [ -e "${local_destination}/${backupfile}" ]; then
|
||||||
|
>&2 printf "Warning: The backup file '%s' already exists. Not overwriting.\n" "${local_destination}/${backupfile}"
|
||||||
|
|
||||||
|
while [[ -e "${local_destination}/${backupfile}" ]]; do
|
||||||
|
backupfile="${backupfile%.tar.gz}_bis${counter:=1}.tar.gz"
|
||||||
|
((counter++))
|
||||||
|
done
|
||||||
|
|
||||||
|
>&2 printf "Warning: Using '%s' as a safe alternative backup file.\n" "${local_destination}/${backupfile}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Database backup
|
||||||
|
|
||||||
|
base_container='vaultwarden'
|
||||||
|
database_container='vaultwarden-db'
|
||||||
|
|
||||||
|
# Create a temporary destination on remote host.
|
||||||
|
remote_destination="$( ssh "${remote}" 'mktemp -d' )"
|
||||||
|
printf "Debug: Using '%s' as a remote temporary directory.\n" "${remote_destination}"
|
||||||
|
|
||||||
|
# Filename for database backup
|
||||||
|
database_backupfile="sqlbkp.bak"
|
||||||
|
remote_database_backupfile="${remote_destination}/${database_backupfile}"
|
||||||
|
|
||||||
|
# Create backup file in docker container
|
||||||
|
echo 'Info: Backing up database'
|
||||||
|
ssh "${remote}" "docker exec --env-file '${env_file}' '${database_container}' pg_dump 'vaultwarden' -cwv -U 'vaultwarden' -h 'localhost' > '${remote_database_backupfile}'"
|
||||||
|
# Restore using:
|
||||||
|
# psql -U vaultwarden -h localhost -d vaultwarden -f "path/to/file"
|
||||||
|
|
||||||
|
# Files backup
|
||||||
|
for file in 'attachments' 'sends' 'rsa_key.pem' 'rsa_key.pub.pem'; do # 'config.json'
|
||||||
|
printf "Info: Copying %s\n" "${file}"
|
||||||
|
ssh "${remote}" "docker cp -a '${base_container}:/data/${file}' '${remote_destination}'"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Copy everything over to local machine.
|
||||||
|
echo 'Info: Copying to local machine.'
|
||||||
|
ssh "${remote}" "tar -czf '${remote_destination}/${backupfile}' --exclude=${backupfile} ${remote_destination}"
|
||||||
|
scp "${remote}:${remote_destination}/${backupfile}" "${local_destination}"
|
||||||
|
|
||||||
|
# Remove temporary destination on remote host.
|
||||||
|
printf "Debug: Cleaning up '%s' on %s.\n" "${remote_destination}" "${remote}"
|
||||||
|
ssh "${remote}" "rm -rf ${remote_destination}"
|
||||||
|
|
||||||
|
# Backup cleanup
|
||||||
|
# Only keep 30 days of backups, seems about right.
|
||||||
|
printf "Info: Cleaning up old database backups in '%s'\n" "${local_destination}"
|
||||||
|
find "${local_destination}" -name 'vaultwarden_*.tar.gz' -type f -mtime +30 -print -delete
|
||||||
|
|
||||||
|
echo 'Done'
|
Loading…
Reference in a new issue