mirror of
https://github.com/jkaninda/mysql-bkup.git
synced 2025-12-06 21:49:40 +01:00
doc: reviewed docs
This commit is contained in:
@@ -1,91 +1,129 @@
|
||||
---
|
||||
title: Backup to SSH
|
||||
title: Backup to SSH or SFTP
|
||||
layout: default
|
||||
parent: How Tos
|
||||
nav_order: 3
|
||||
---
|
||||
# Backup to SSH remote server
|
||||
# Backup to SFTP or SSH Remote Server
|
||||
|
||||
To store your backups on an `SFTP` or `SSH` remote server instead of the default storage, you can configure the backup process to use the `--storage ssh` or `--storage remote` option.
|
||||
This section explains how to set up and configure SSH-based backups.
|
||||
|
||||
As described for s3 backup section, to change the storage of your backup and use SSH Remote server as storage. You need to add `--storage ssh` or `--storage remote`.
|
||||
You need to add the full remote path by adding `--path /home/jkaninda/backups` flag or using `REMOTE_PATH` environment variable.
|
||||
---
|
||||
|
||||
{: .note }
|
||||
These environment variables are required for SSH backup `SSH_HOST`, `SSH_USER`, `SSH_REMOTE_PATH`, `SSH_IDENTIFY_FILE`, `SSH_PORT` or `SSH_PASSWORD` if you dont use a private key to access to your server.
|
||||
Accessing the remote server using password is not recommended, use private key instead.
|
||||
## Configuration Steps
|
||||
|
||||
```yml
|
||||
1. **Specify the Storage Type**
|
||||
Add the `--storage ssh` or `--storage remote` flag to your backup command.
|
||||
|
||||
2. **Set the Remote Path**
|
||||
Define the full remote path where backups will be stored using the `--path` flag or the `REMOTE_PATH` environment variable.
|
||||
Example: `--path /home/jkaninda/backups`.
|
||||
|
||||
3. **Required Environment Variables**
|
||||
The following environment variables are mandatory for SSH-based backups:
|
||||
|
||||
- `SSH_HOST`: The hostname or IP address of the remote server.
|
||||
- `SSH_USER`: The username for SSH authentication.
|
||||
- `REMOTE_PATH`: The directory on the remote server where backups will be stored.
|
||||
- `SSH_IDENTIFY_FILE`: The path to the private key file for SSH authentication.
|
||||
- `SSH_PORT`: The SSH port (default is `22`).
|
||||
- `SSH_PASSWORD`: (Optional) Use this only if you are not using a private key for authentication.
|
||||
|
||||
{: .note }
|
||||
**Security Recommendation**: Using a private key (`SSH_IDENTIFY_FILE`) is strongly recommended over password-based authentication (`SSH_PASSWORD`) for better security.
|
||||
|
||||
---
|
||||
|
||||
## Example Configuration
|
||||
|
||||
Below is an example `docker-compose.yml` configuration for backing up to an SSH remote server:
|
||||
|
||||
```yaml
|
||||
services:
|
||||
mysql-bkup:
|
||||
# In production, it is advised to lock your image tag to a proper
|
||||
# release version instead of using `latest`.
|
||||
# Check https://github.com/jkaninda/mysql-bkup/releases
|
||||
# for a list of available releases.
|
||||
image: jkaninda/mysql-bkup
|
||||
container_name: mysql-bkup
|
||||
command: backup --storage remote -d database
|
||||
volumes:
|
||||
- ./id_ed25519:/tmp/id_ed25519"
|
||||
environment:
|
||||
- DB_PORT=3306
|
||||
- DB_HOST=mysql
|
||||
#- DB_NAME=database
|
||||
- DB_USERNAME=username
|
||||
- DB_PASSWORD=password
|
||||
## SSH config
|
||||
- SSH_HOST="hostname"
|
||||
- SSH_PORT=22
|
||||
- SSH_USER=user
|
||||
- REMOTE_PATH=/home/jkaninda/backups
|
||||
- SSH_IDENTIFY_FILE=/tmp/id_ed25519
|
||||
## We advise you to use a private jey instead of password
|
||||
#- SSH_PASSWORD=password
|
||||
mysql-bkup:
|
||||
# In production, lock your image tag to a specific release version
|
||||
# instead of using `latest`. Check https://github.com/jkaninda/mysql-bkup/releases
|
||||
# for available releases.
|
||||
image: jkaninda/mysql-bkup
|
||||
container_name: mysql-bkup
|
||||
command: backup --storage remote -d database
|
||||
volumes:
|
||||
- ./id_ed25519:/tmp/id_ed25519
|
||||
environment:
|
||||
- DB_PORT=3306
|
||||
- DB_HOST=mysql
|
||||
- DB_NAME=database
|
||||
- DB_USERNAME=username
|
||||
- DB_PASSWORD=password
|
||||
## SSH Configuration
|
||||
- SSH_HOST="hostname"
|
||||
- SSH_PORT=22
|
||||
- SSH_USER=user
|
||||
- REMOTE_PATH=/home/jkaninda/backups
|
||||
- SSH_IDENTIFY_FILE=/tmp/id_ed25519
|
||||
## Optional: Use password instead of private key (not recommended)
|
||||
#- SSH_PASSWORD=password
|
||||
|
||||
# Ensure the mysql-bkup container is connected to the same network as your database
|
||||
networks:
|
||||
- web
|
||||
|
||||
# mysql-bkup container must be connected to the same network with your database
|
||||
networks:
|
||||
- web
|
||||
networks:
|
||||
web:
|
||||
web:
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### Recurring backups to SSH remote server
|
||||
## Recurring Backups to SSH Remote Server
|
||||
|
||||
As explained above, you need just to add required environment variables and specify the storage type `--storage ssh`.
|
||||
You can use `--cron-expression "* * * * *"` or `BACKUP_CRON_EXPRESSION=0 1 * * *` as described below.
|
||||
To schedule recurring backups, you can use the `--cron-expression` flag or the `BACKUP_CRON_EXPRESSION` environment variable.
|
||||
This allows you to define a cron schedule for automated backups.
|
||||
|
||||
```yml
|
||||
### Example: Recurring Backup Configuration
|
||||
|
||||
```yaml
|
||||
services:
|
||||
mysql-bkup:
|
||||
# In production, it is advised to lock your image tag to a proper
|
||||
# release version instead of using `latest`.
|
||||
# Check https://github.com/jkaninda/mysql-bkup/releases
|
||||
# for a list of available releases.
|
||||
mysql-bkup:
|
||||
# In production, lock your image tag to a specific release version
|
||||
# instead of using `latest`. Check https://github.com/jkaninda/mysql-bkup/releases
|
||||
# for available releases.
|
||||
image: jkaninda/mysql-bkup
|
||||
container_name: mysql-bkup
|
||||
command: backup -d database --storage ssh --cron-expression "0 1 * * *"
|
||||
command: backup -d database --storage ssh --cron-expression "@daily"
|
||||
volumes:
|
||||
- ./id_ed25519:/tmp/id_ed25519"
|
||||
- ./id_ed25519:/tmp/id_ed25519
|
||||
environment:
|
||||
- DB_PORT=3306
|
||||
- DB_HOST=mysql
|
||||
- DB_HOST=postgres
|
||||
- DB_NAME=database
|
||||
- DB_USERNAME=username
|
||||
- DB_PASSWORD=password
|
||||
## SSH config
|
||||
## SSH Configuration
|
||||
- SSH_HOST="hostname"
|
||||
- SSH_PORT=22
|
||||
- SSH_USER=user
|
||||
- REMOTE_PATH=/home/jkaninda/backups
|
||||
- SSH_IDENTIFY_FILE=/tmp/id_ed25519
|
||||
# - BACKUP_CRON_EXPRESSION=0 1 * * * # Optional
|
||||
#Delete old backup created more than specified days ago
|
||||
## Optional: Delete old backups after a specified number of days
|
||||
#- BACKUP_RETENTION_DAYS=7
|
||||
## We advise you to use a private jey instead of password
|
||||
## Optional: Use password instead of private key (not recommended)
|
||||
#- SSH_PASSWORD=password
|
||||
# mysql-bkup container must be connected to the same network with your database
|
||||
|
||||
# Ensure the mysql-bkup container is connected to the same network as your database
|
||||
networks:
|
||||
- web
|
||||
|
||||
networks:
|
||||
web:
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Key Notes
|
||||
|
||||
- **Cron Expression**: Use the `--cron-expression` flag or `BACKUP_CRON_EXPRESSION` environment variable to define the backup schedule. For example, `0 1 * * *` runs the backup daily at 1:00 AM.
|
||||
- **Backup Retention**: Optionally, use the `BACKUP_RETENTION_DAYS` environment variable to automatically delete backups older than a specified number of days.
|
||||
- **Security**: Always prefer private key authentication (`SSH_IDENTIFY_FILE`) over password-based authentication (`SSH_PASSWORD`) for enhanced security.
|
||||
|
||||
---
|
||||
Reference in New Issue
Block a user