new backup system using k8up
This commit is contained in:
parent
436c1240fb
commit
59aea23649
21
README.md
21
README.md
|
@ -74,22 +74,17 @@ it's just a base monitoring to answer the question: "Is it up?".
|
||||||
4. Create secret for Alertmanager config:
|
4. Create secret for Alertmanager config:
|
||||||
`kubectl -n posmon create secret generic alertmanager-posmon --from-file=contrib/alertmanager.yaml`
|
`kubectl -n posmon create secret generic alertmanager-posmon --from-file=contrib/alertmanager.yaml`
|
||||||
|
|
||||||
## Backup configuration
|
## Backup
|
||||||
|
|
||||||
Example contents of `backup.env`:
|
Backup is done using [K8up](https://k8up.io/).
|
||||||
|
|
||||||
```
|
1. Install K8up
|
||||||
RESTIC_REPOSITORY=rclone:myremote:posbackup
|
2. Apply manifests under `contrib/backup`
|
||||||
RESTIC_PASSWORD=extremelysecurepassword
|
|
||||||
RCLONE_CONFIG_FWUCLOUD_TYPE=webdav
|
### Restore
|
||||||
RCLONE_CONFIG_FWUCLOUD_URL=https://nextcloud.example.com/remote.php/webdav/
|
|
||||||
RCLONE_CONFIG_FWUCLOUD_VENDOR=nextcloud
|
tbd...
|
||||||
RCLONE_CONFIG_FWUCLOUD_USER=backupuser
|
|
||||||
RCLONE_CONFIG_FWUCLOUD_PASS=encryptedpassword
|
|
||||||
PGDATABASE=odoodbname
|
|
||||||
```
|
|
||||||
|
|
||||||
Restore of DB:
|
|
||||||
|
|
||||||
```
|
```
|
||||||
createdb -T template0 restoretest
|
createdb -T template0 restoretest
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
FROM alpine:latest
|
|
||||||
|
|
||||||
ENV RESTIC_VERSION=0.9.1 \
|
|
||||||
RCLONE_VERSION=1.42
|
|
||||||
|
|
||||||
RUN set -x; wget -O /tmp/restic.bz2 https://github.com/restic/restic/releases/download/v${RESTIC_VERSION}/restic_${RESTIC_VERSION}_linux_arm.bz2 && \
|
|
||||||
bzip2 -d /tmp/restic.bz2 && \
|
|
||||||
mv /tmp/restic /usr/local/bin/restic && \
|
|
||||||
chmod +x /usr/local/bin/restic
|
|
||||||
|
|
||||||
RUN set -x; wget -O /tmp/rclone.zip https://downloads.rclone.org/v${RCLONE_VERSION}/rclone-v${RCLONE_VERSION}-linux-arm.zip && \
|
|
||||||
unzip /tmp/rclone.zip && \
|
|
||||||
mv rclone-v${RCLONE_VERSION}-linux-arm/rclone /usr/local/bin/rclone && \
|
|
||||||
chmod +x /usr/local/bin/rclone && \
|
|
||||||
rm -rf rclone-* /tmp/rclone.zip && \
|
|
||||||
mkdir -p /root/.config/rclone && \
|
|
||||||
touch /root/.config/rclone/rclone.conf
|
|
||||||
|
|
||||||
RUN apk add --no-cache bash ca-certificates postgresql && \
|
|
||||||
mkfifo -m 0666 /var/log/cron.log && \
|
|
||||||
ln -s /var/log/cron.log /var/log/crond.log
|
|
||||||
|
|
||||||
ADD crondwrapper.sh resticbackup.sh /usr/local/bin/
|
|
||||||
|
|
||||||
ENTRYPOINT ["crondwrapper.sh"]
|
|
|
@ -1,16 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
echo "${BACKUP_SCHEDULE} resticbackup.sh >> /var/log/cron.log 2>&1" > /etc/crontabs/root
|
|
||||||
|
|
||||||
# start cron
|
|
||||||
default_crontabs_dir=/etc/crontabs
|
|
||||||
crond -L /var/log/cron.log -c ${CRONTABS_DIR:-$default_crontabs_dir}
|
|
||||||
|
|
||||||
# trap SIGINT and SIGTERM signals and gracefully exit
|
|
||||||
trap "echo \"stopping cron\"; kill \$!; exit" SIGINT SIGTERM
|
|
||||||
|
|
||||||
# start "daemon"
|
|
||||||
while true
|
|
||||||
do
|
|
||||||
cat /var/log/cron.log & wait $!
|
|
||||||
done
|
|
|
@ -1,14 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -x
|
|
||||||
|
|
||||||
echo "[$(date)] Starting backup"
|
|
||||||
|
|
||||||
# Dump Postgres DB - parameters are read from env vars
|
|
||||||
pg_dump -Fc > /data/odoo_data.dump
|
|
||||||
|
|
||||||
# Backup data with restic
|
|
||||||
restic backup --hostname posbox /data
|
|
||||||
restic forget --prune --keep-last 10
|
|
||||||
|
|
||||||
echo "[$(date)] Backup ended"
|
|
|
@ -13,6 +13,8 @@ spec:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
|
annotations:
|
||||||
|
appuio.ch/backupcommand: pg_dumpall
|
||||||
labels:
|
labels:
|
||||||
app: db
|
app: db
|
||||||
spec:
|
spec:
|
||||||
|
@ -27,8 +29,12 @@ spec:
|
||||||
value: postgres
|
value: postgres
|
||||||
- name: POSTGRES_PASSWORD
|
- name: POSTGRES_PASSWORD
|
||||||
value: odoo
|
value: odoo
|
||||||
|
- name: PGPASSWORD
|
||||||
|
value: odoo
|
||||||
- name: POSTGRES_USER
|
- name: POSTGRES_USER
|
||||||
value: odoo
|
value: odoo
|
||||||
|
- name: PGUSER
|
||||||
|
value: odoo
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 5432
|
- containerPort: 5432
|
||||||
name: postgres
|
name: postgres
|
||||||
|
@ -38,6 +44,8 @@ spec:
|
||||||
volumeClaimTemplates:
|
volumeClaimTemplates:
|
||||||
- metadata:
|
- metadata:
|
||||||
name: db-data
|
name: db-data
|
||||||
|
annotations:
|
||||||
|
appuio.ch/backup: "true"
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteOnce
|
- ReadWriteOnce
|
||||||
|
|
|
@ -5,6 +5,8 @@ metadata:
|
||||||
app: odoo
|
app: odoo
|
||||||
name: odoo-data
|
name: odoo-data
|
||||||
namespace: pos
|
namespace: pos
|
||||||
|
annotations:
|
||||||
|
appuio.ch/backup: "true"
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteOnce
|
- ReadWriteOnce
|
||||||
|
|
|
@ -48,20 +48,6 @@ services:
|
||||||
networks:
|
networks:
|
||||||
localnet:
|
localnet:
|
||||||
ipv4_address: 10.5.0.4
|
ipv4_address: 10.5.0.4
|
||||||
# backup:
|
|
||||||
# build: ./backup
|
|
||||||
# environment:
|
|
||||||
# - PGHOST=db
|
|
||||||
# - PGUSER=odoo
|
|
||||||
# - PGPASSWORD=odoo
|
|
||||||
# - BACKUP_SCHEDULE=0 19 * * *
|
|
||||||
# env_file: backup.env
|
|
||||||
# volumes:
|
|
||||||
# - odoo-db-data:/data/pg_raw:ro
|
|
||||||
# - /home/pi:/data/home-pi:ro
|
|
||||||
# networks:
|
|
||||||
# localnet:
|
|
||||||
# ipv4_address: 10.5.0.5
|
|
||||||
volumes:
|
volumes:
|
||||||
odoo-web-data:
|
odoo-web-data:
|
||||||
odoo-db-data:
|
odoo-db-data:
|
||||||
|
|
Reference in New Issue