new backup system using k8up
This commit is contained in:
parent
436c1240fb
commit
59aea23649
21
README.md
21
README.md
|
@ -74,22 +74,17 @@ it's just a base monitoring to answer the question: "Is it up?".
|
|||
4. Create secret for Alertmanager config:
|
||||
`kubectl -n posmon create secret generic alertmanager-posmon --from-file=contrib/alertmanager.yaml`
|
||||
|
||||
## Backup configuration
|
||||
## Backup
|
||||
|
||||
Example contents of `backup.env`:
|
||||
Backup is done using [K8up](https://k8up.io/).
|
||||
|
||||
```
|
||||
RESTIC_REPOSITORY=rclone:myremote:posbackup
|
||||
RESTIC_PASSWORD=extremelysecurepassword
|
||||
RCLONE_CONFIG_FWUCLOUD_TYPE=webdav
|
||||
RCLONE_CONFIG_FWUCLOUD_URL=https://nextcloud.example.com/remote.php/webdav/
|
||||
RCLONE_CONFIG_FWUCLOUD_VENDOR=nextcloud
|
||||
RCLONE_CONFIG_FWUCLOUD_USER=backupuser
|
||||
RCLONE_CONFIG_FWUCLOUD_PASS=encryptedpassword
|
||||
PGDATABASE=odoodbname
|
||||
```
|
||||
1. Install K8up
|
||||
2. Apply manifests under `contrib/backup`
|
||||
|
||||
### Restore
|
||||
|
||||
tbd...
|
||||
|
||||
Restore of DB:
|
||||
|
||||
```
|
||||
createdb -T template0 restoretest
|
||||
|
|
|
@ -1,25 +0,0 @@
|
|||
FROM alpine:latest
|
||||
|
||||
ENV RESTIC_VERSION=0.9.1 \
|
||||
RCLONE_VERSION=1.42
|
||||
|
||||
RUN set -x; wget -O /tmp/restic.bz2 https://github.com/restic/restic/releases/download/v${RESTIC_VERSION}/restic_${RESTIC_VERSION}_linux_arm.bz2 && \
|
||||
bzip2 -d /tmp/restic.bz2 && \
|
||||
mv /tmp/restic /usr/local/bin/restic && \
|
||||
chmod +x /usr/local/bin/restic
|
||||
|
||||
RUN set -x; wget -O /tmp/rclone.zip https://downloads.rclone.org/v${RCLONE_VERSION}/rclone-v${RCLONE_VERSION}-linux-arm.zip && \
|
||||
unzip /tmp/rclone.zip && \
|
||||
mv rclone-v${RCLONE_VERSION}-linux-arm/rclone /usr/local/bin/rclone && \
|
||||
chmod +x /usr/local/bin/rclone && \
|
||||
rm -rf rclone-* /tmp/rclone.zip && \
|
||||
mkdir -p /root/.config/rclone && \
|
||||
touch /root/.config/rclone/rclone.conf
|
||||
|
||||
RUN apk add --no-cache bash ca-certificates postgresql && \
|
||||
mkfifo -m 0666 /var/log/cron.log && \
|
||||
ln -s /var/log/cron.log /var/log/crond.log
|
||||
|
||||
ADD crondwrapper.sh resticbackup.sh /usr/local/bin/
|
||||
|
||||
ENTRYPOINT ["crondwrapper.sh"]
|
|
@ -1,16 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
echo "${BACKUP_SCHEDULE} resticbackup.sh >> /var/log/cron.log 2>&1" > /etc/crontabs/root
|
||||
|
||||
# start cron
|
||||
default_crontabs_dir=/etc/crontabs
|
||||
crond -L /var/log/cron.log -c ${CRONTABS_DIR:-$default_crontabs_dir}
|
||||
|
||||
# trap SIGINT and SIGTERM signals and gracefully exit
|
||||
trap "echo \"stopping cron\"; kill \$!; exit" SIGINT SIGTERM
|
||||
|
||||
# start "daemon"
|
||||
while true
|
||||
do
|
||||
cat /var/log/cron.log & wait $!
|
||||
done
|
|
@ -1,14 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -x
|
||||
|
||||
echo "[$(date)] Starting backup"
|
||||
|
||||
# Dump Postgres DB - parameters are read from env vars
|
||||
pg_dump -Fc > /data/odoo_data.dump
|
||||
|
||||
# Backup data with restic
|
||||
restic backup --hostname posbox /data
|
||||
restic forget --prune --keep-last 10
|
||||
|
||||
echo "[$(date)] Backup ended"
|
|
@ -13,6 +13,8 @@ spec:
|
|||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
appuio.ch/backupcommand: pg_dumpall
|
||||
labels:
|
||||
app: db
|
||||
spec:
|
||||
|
@ -27,8 +29,12 @@ spec:
|
|||
value: postgres
|
||||
- name: POSTGRES_PASSWORD
|
||||
value: odoo
|
||||
- name: PGPASSWORD
|
||||
value: odoo
|
||||
- name: POSTGRES_USER
|
||||
value: odoo
|
||||
- name: PGUSER
|
||||
value: odoo
|
||||
ports:
|
||||
- containerPort: 5432
|
||||
name: postgres
|
||||
|
@ -38,6 +44,8 @@ spec:
|
|||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: db-data
|
||||
annotations:
|
||||
appuio.ch/backup: "true"
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
|
|
|
@ -5,6 +5,8 @@ metadata:
|
|||
app: odoo
|
||||
name: odoo-data
|
||||
namespace: pos
|
||||
annotations:
|
||||
appuio.ch/backup: "true"
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
|
|
|
@ -48,20 +48,6 @@ services:
|
|||
networks:
|
||||
localnet:
|
||||
ipv4_address: 10.5.0.4
|
||||
# backup:
|
||||
# build: ./backup
|
||||
# environment:
|
||||
# - PGHOST=db
|
||||
# - PGUSER=odoo
|
||||
# - PGPASSWORD=odoo
|
||||
# - BACKUP_SCHEDULE=0 19 * * *
|
||||
# env_file: backup.env
|
||||
# volumes:
|
||||
# - odoo-db-data:/data/pg_raw:ro
|
||||
# - /home/pi:/data/home-pi:ro
|
||||
# networks:
|
||||
# localnet:
|
||||
# ipv4_address: 10.5.0.5
|
||||
volumes:
|
||||
odoo-web-data:
|
||||
odoo-db-data:
|
||||
|
|
Reference in New Issue