diff --git a/README.md b/README.md index 2f40b98..1d62811 100644 --- a/README.md +++ b/README.md @@ -95,8 +95,9 @@ For Kubernetes, you don't need to run it in scheduled mode. You can deploy it as apiVersion: batch/v1 kind: Job metadata: - name: backup + name: backup-job spec: + ttlSecondsAfterFinished: 100 template: spec: containers: @@ -109,38 +110,27 @@ spec: command: - /bin/sh - -c - - bkup - - backup - - --storage - - s3 + - backup -d dbname resources: limits: memory: "128Mi" cpu: "500m" env: - - name: DB_PORT - value: "5432" - name: DB_HOST - value: "" - - name: DB_NAME - value: "" + value: "postgres" - name: DB_USERNAME - value: "" - # Please use secret! + value: "postgres" - name: DB_PASSWORD - value: "" - - name: AWS_S3_ENDPOINT - value: "https://s3.amazonaws.com" - - name: AWS_S3_BUCKET_NAME - value: "xxx" - - name: AWS_REGION - value: "us-west-2" - - name: AWS_ACCESS_KEY - value: "xxxx" - - name: AWS_SECRET_KEY - value: "xxxx" - - name: AWS_DISABLE_SSL - value: "false" + value: "password" + volumeMounts: + - mountPath: /backup + name: backup + volumes: + - name: backup + hostPath: + path: /home/toto/backup # directory location on host + type: Directory # this field is optional + restartPolicy: Never ``` ## Available image registries diff --git a/docker/Dockerfile b/docker/Dockerfile index 44f3b23..0c9cb0e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -38,7 +38,6 @@ ENV SOURCE_DB_PASSWORD="" ARG DEBIAN_FRONTEND=noninteractive ENV VERSION="v1.2.3" ENV BACKUP_CRON_EXPRESSION="" -ENV GNUPGHOME="/tmp/gnupg" ARG WORKDIR="/config" ARG BACKUPDIR="/backup" ARG BACKUP_TMP_DIR="/tmp/backup" @@ -55,25 +54,21 @@ RUN apt-get clean && rm -rf /var/lib/apt/lists/* RUN mkdir $WORKDIR RUN mkdir $BACKUPDIR -RUN mkdir -p $BACKUP_TMP_DIR && \ - mkdir -p $GNUPGHOME +RUN mkdir -p $BACKUP_TMP_DIR RUN chmod 777 $WORKDIR RUN chmod 777 $BACKUPDIR RUN chmod 777 $BACKUP_TMP_DIR RUN touch $BACKUP_CRON && \ touch $BACKUP_CRON_SCRIPT && \ + chmod 777 $WORKDIR && \ chmod 777 $BACKUP_CRON && \ - chmod 777 $BACKUP_CRON_SCRIPT && \ - chmod 777 $GNUPGHOME - + chmod 777 $BACKUP_CRON_SCRIPT COPY --from=build /app/pg-bkup /usr/local/bin/pg-bkup RUN chmod +x /usr/local/bin/pg-bkup RUN ln -s /usr/local/bin/pg-bkup /usr/local/bin/bkup ADD docker/supervisord.conf /etc/supervisor/supervisord.conf - -WORKDIR $WORKDIR # Create the backup script and make it executable RUN echo '#!/bin/sh\n/usr/local/bin/pg-bkup backup "$@"' > /usr/local/bin/backup && \ chmod +x /usr/local/bin/backup @@ -84,4 +79,7 @@ RUN echo '#!/bin/sh\n/usr/local/bin/pg-bkup restore "$@"' > /usr/local/bin/resto # Create the migrate script and make it executable RUN echo '#!/bin/sh\n/usr/local/bin/pg-bkup migrate "$@"' > /usr/local/bin/migrate && \ chmod +x /usr/local/bin/migrate + +WORKDIR $WORKDIR ENTRYPOINT ["/usr/local/bin/pg-bkup"] + diff --git a/docs/how-tos/deploy-on-kubernetes.md b/docs/how-tos/deploy-on-kubernetes.md index f9f7f89..244873d 100644 --- a/docs/how-tos/deploy-on-kubernetes.md +++ b/docs/how-tos/deploy-on-kubernetes.md @@ -30,10 +30,7 @@ spec: command: - /bin/sh - -c - - bkup - - backup - - --storage - - s3 + - backup --storage s3 resources: limits: memory: "128Mi" @@ -87,10 +84,7 @@ spec: - /bin/sh - -c - bkup - - backup - - --storage - - ssh - - --disable-compression + - backup --storage ssh --disable-compression resources: limits: memory: "128Mi" @@ -145,10 +139,7 @@ spec: - /bin/sh - -c - bkup - - restore - - --storage - - ssh - - --file store_20231219_022941.sql.gz + - restore --storage ssh --file store_20231219_022941.sql.gz resources: limits: memory: "128Mi" @@ -205,10 +196,7 @@ spec: - /bin/sh - -c - bkup - - backup - - --storage - - ssh - - --disable-compression + - backup --storage ssh --disable-compression resources: limits: memory: "128Mi" @@ -272,11 +260,7 @@ spec: command: - /bin/sh - -c - - bkup - - backup - - --storage - - ssh - - --disable-compression + - backup --storage ssh --disable-compression resources: limits: memory: "128Mi" diff --git a/docs/how-tos/migrate.md b/docs/how-tos/migrate.md index be72f20..d159fa9 100644 --- a/docs/how-tos/migrate.md +++ b/docs/how-tos/migrate.md @@ -73,3 +73,50 @@ SOURCE_DB_PASSWORD=password -v $PWD/backup:/backup/ \ jkaninda/pg-bkup migrate -d database_name ``` + +## Kubernetes + +```yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: migrate-db +spec: + ttlSecondsAfterFinished: 100 + template: + spec: + containers: + - name: pg-bkup + # In production, it is advised to lock your image tag to a proper + # release version instead of using `latest`. + # Check https://github.com/jkaninda/pg-bkup/releases + # for a list of available releases. + image: jkaninda/pg-bkup + command: + - /bin/sh + - -c + - migrate -d targetdb + resources: + limits: + memory: "128Mi" + cpu: "500m" + env: + ## Target DB + - name: DB_HOST + value: "postgres-target" + - name: DB_USERNAME + value: "postgres" + - name: DB_PASSWORD + value: "password" + ## Source DB + - name: SOURCE_DB_HOST + value: "postgres-source" + - name: SOURCE_DB_NAME + value: "sourcedb" + - name: SOURCE_DB_USERNAME + value: "postgres" + # Please use secret! + - name: SOURCE_DB_PASSWORD + value: "password" + restartPolicy: Never +``` \ No newline at end of file diff --git a/docs/index.md b/docs/index.md index 4d0cb94..5ad1355 100644 --- a/docs/index.md +++ b/docs/index.md @@ -78,7 +78,49 @@ services: networks: web: ``` +## Kubernetes +```yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: backup-job +spec: + ttlSecondsAfterFinished: 100 + template: + spec: + containers: + - name: pg-bkup + # In production, it is advised to lock your image tag to a proper + # release version instead of using `latest`. + # Check https://github.com/jkaninda/pg-bkup/releases + # for a list of available releases. + image: jkaninda/pg-bkup + command: + - /bin/sh + - -c + - backup -d dbname + resources: + limits: + memory: "128Mi" + cpu: "500m" + env: + - name: DB_HOST + value: "postgres" + - name: DB_USERNAME + value: "postgres" + - name: DB_PASSWORD + value: "password" + volumeMounts: + - mountPath: /backup + name: backup + volumes: + - name: backup + hostPath: + path: /home/toto/backup # directory location on host + type: Directory # this field is optional + restartPolicy: Never +``` ## Available image registries This Docker image is published to both Docker Hub and the GitHub container registry. diff --git a/pkg/encrypt.go b/pkg/encrypt.go index 017e6b0..00127e7 100644 --- a/pkg/encrypt.go +++ b/pkg/encrypt.go @@ -9,11 +9,17 @@ import ( func Decrypt(inputFile string, passphrase string) error { utils.Info("Decrypting backup file: %s...", inputFile) + //Create gpg home dir + err := utils.MakeDir(gpgHome) + if err != nil { + return err + } + utils.SetEnv("GNUPGHOME", gpgHome) cmd := exec.Command("gpg", "--batch", "--passphrase", passphrase, "--output", RemoveLastExtension(inputFile), "--decrypt", inputFile) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr - err := cmd.Run() + err = cmd.Run() if err != nil { return err } @@ -24,11 +30,17 @@ func Decrypt(inputFile string, passphrase string) error { func Encrypt(inputFile string, passphrase string) error { utils.Info("Encrypting backup...") + //Create gpg home dir + err := utils.MakeDir(gpgHome) + if err != nil { + return err + } + utils.SetEnv("GNUPGHOME", gpgHome) cmd := exec.Command("gpg", "--batch", "--passphrase", passphrase, "--symmetric", "--cipher-algo", algorithm, inputFile) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr - err := cmd.Run() + err = cmd.Run() if err != nil { return err } diff --git a/pkg/var.go b/pkg/var.go index 70eb102..2f159c6 100644 --- a/pkg/var.go +++ b/pkg/var.go @@ -3,17 +3,13 @@ package pkg const cronLogFile = "/var/log/pg-bkup.log" const tmpPath = "/tmp/backup" const backupCronFile = "/usr/local/bin/backup_cron.sh" +const gpgHome = "gnupg" const algorithm = "aes256" const gpgExtension = "gpg" var ( - storage = "local" - file = "" - //dbPassword = "" - //dbUserName = "" - //dbName = "" - //dbHost = "" - //dbPort = "5432" + storage = "local" + file = "" executionMode = "default" storagePath = "/backup" disableCompression = false diff --git a/utils/utils.go b/utils/utils.go index 0a3e88c..a08fb0d 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -149,3 +149,21 @@ func CheckEnvVars(vars []string) error { return nil } + +// MakeDir create directory +func MakeDir(dirPath string) error { + err := os.Mkdir(dirPath, 0700) + if err != nil { + return err + } + return nil +} + +// MakeDirAll create directory +func MakeDirAll(dirPath string) error { + err := os.MkdirAll(dirPath, 0700) + if err != nil { + return err + } + return nil +}