Merge branch 'backup' of gitlab.com:domaindrivenarchitecture/c4k-gitea into backup
This commit is contained in:
commit
3296387255
9 changed files with 80 additions and 13 deletions
41
doc/BackupAndRestore.md
Normal file
41
doc/BackupAndRestore.md
Normal file
|
@ -0,0 +1,41 @@
|
|||
# Backup Architecture details
|
||||
|
||||
![](backup.svg)
|
||||
|
||||
* we use restic to produce small & encrypted backups
|
||||
* backup is scheduled at `schedule: "10 23 * * *"`
|
||||
* Gitea stores files in `/data/gitea` and `/data/git/repositories`, these files are backed up.
|
||||
* The postgres db is also backed up
|
||||
|
||||
## Manual init the restic repository for the first time
|
||||
|
||||
1. apply backup-and-restore pod:
|
||||
`kubectl scale deployment backup-restore --replicas=1`
|
||||
2. exec into pod and execute restore pod (press tab to get your exact pod name)
|
||||
`kubectl exec -it backup-restore-... -- /usr/local/bin/init.sh`
|
||||
3. remove backup-and-restore pod:
|
||||
`kubectl scale deployment backup-restore --replicas=0`
|
||||
|
||||
|
||||
## Manual backup the restic repository for the first time
|
||||
|
||||
1. apply backup-and-restore pod:
|
||||
`kubectl scale deployment backup-restore --replicas=1`
|
||||
2. exec into pod and execute restore pod (press tab to get your exact pod name)
|
||||
`kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh`
|
||||
3. remove backup-and-restore pod:
|
||||
`kubectl scale deployment backup-restore --replicas=0`
|
||||
|
||||
|
||||
## Manual restore
|
||||
|
||||
1. apply backup-and-restore pod:
|
||||
`kubectl scale deployment backup-restore --replicas=1`
|
||||
2. Scale down gitea deployment:
|
||||
`kubectl scale deployment gitea --replicas=0`
|
||||
3. exec into pod and execute restore pod (press tab to get your exact pod name)
|
||||
`kubectl exec -it backup-restore-... -- /usr/local/bin/restore.sh`
|
||||
4. Start gitea again:
|
||||
`kubectl scale deployment gitea --replicas=1`
|
||||
5. remove backup-and-restore pod:
|
||||
`kubectl scale deployment backup-restore --replicas=0`
|
|
@ -1,4 +1,4 @@
|
|||
FROM domaindrivenarchitecture/dda-backup:1.0.5
|
||||
FROM domaindrivenarchitecture/dda-backup:1.0.6
|
||||
|
||||
# Prepare Entrypoint Script
|
||||
ADD resources /tmp
|
||||
|
|
|
@ -8,7 +8,6 @@ function main() {
|
|||
file_env RESTIC_DAYS_TO_KEEP 30
|
||||
file_env RESTIC_MONTHS_TO_KEEP 12
|
||||
|
||||
#backup-roles 'TODO'
|
||||
backup-db-dump
|
||||
backup-fs-from-directory '/var/backups/' 'gitea/' 'git/repositories/'
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
function main() {
|
||||
create-pg-pass
|
||||
|
||||
while true; do
|
||||
sleep 1m
|
||||
|
@ -8,4 +9,5 @@ function main() {
|
|||
}
|
||||
|
||||
source /usr/local/lib/functions.sh
|
||||
source /usr/local/lib/pg-functions.sh
|
||||
main
|
|
@ -1,9 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
function main() {
|
||||
create-pg-pass
|
||||
|
||||
/usr/local/bin/backup.sh
|
||||
}
|
||||
|
||||
source /usr/local/lib/functions.sh
|
||||
source /usr/local/lib/pg-functions.sh
|
||||
main
|
||||
|
|
|
@ -4,11 +4,11 @@ function main() {
|
|||
file_env AWS_ACCESS_KEY_ID
|
||||
file_env AWS_SECRET_ACCESS_KEY
|
||||
|
||||
init-role-repo
|
||||
init-database-repo
|
||||
init-file-repo
|
||||
}
|
||||
|
||||
source /usr/local/lib/functions.sh
|
||||
source /usr/local/lib/pg-functions.sh
|
||||
source /usr/local/lib/file-functions.sh
|
||||
main
|
||||
|
|
|
@ -7,6 +7,7 @@ function main() {
|
|||
file_env AWS_SECRET_ACCESS_KEY
|
||||
|
||||
restic -r ${RESTIC_REPOSITORY}/files snapshots
|
||||
restic -r ${RESTIC_REPOSITORY}/pg-database snapshots
|
||||
}
|
||||
|
||||
source /usr/local/lib/functions.sh
|
||||
|
|
|
@ -15,20 +15,19 @@ function main() {
|
|||
rm -rf /var/backups/restore
|
||||
restore-directory '/var/backups/restore'
|
||||
|
||||
rm -rf /data/gitea/*
|
||||
rm -rf /data/git/repositories/*
|
||||
cp /var/backups/restore/gitea/* /data/gitea/
|
||||
cp /var/backups/restore/git/repositories/* /data/git/repositories/
|
||||
rm -rf /var/backups/gitea/*
|
||||
rm -rf /var/backups/git/repositories/*
|
||||
cp -r /var/backups/restore/gitea/* /var/backups/gitea/
|
||||
cp -r /var/backups/restore/git/repositories/* /var/backups/git/repositories/
|
||||
|
||||
# adjust file permissions
|
||||
chown -R git:git /data
|
||||
# adjust file permissions for the git user
|
||||
chown -R 1000:1000 /var/backups
|
||||
|
||||
# Regenerate Git Hooks
|
||||
/usr/local/bin/gitea -c '/data/gitea/conf/app.ini' admin regenerate hooks
|
||||
# TODO: Regenerate Git Hooks? Do we need this?
|
||||
#/usr/local/bin/gitea -c '/data/gitea/conf/app.ini' admin regenerate hooks
|
||||
|
||||
# Restore db
|
||||
drop-create-db
|
||||
#restore-roles
|
||||
restore-db
|
||||
}
|
||||
|
||||
|
|
|
@ -22,6 +22,27 @@ spec:
|
|||
imagePullPolicy: IfNotPresent
|
||||
command: ["/entrypoint-start-and-wait.sh"]
|
||||
env:
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-user
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-password
|
||||
- name: POSTGRES_DB
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: postgres-config
|
||||
key: postgres-db
|
||||
- name: POSTGRES_HOST
|
||||
value: "postgresql-service:5432"
|
||||
- name: POSTGRES_SERVICE
|
||||
value: "postgresql-service"
|
||||
- name: POSTGRES_PORT
|
||||
value: "5432"
|
||||
- name: AWS_DEFAULT_REGION
|
||||
value: eu-central-1
|
||||
- name: AWS_ACCESS_KEY_ID_FILE
|
||||
|
@ -35,6 +56,8 @@ spec:
|
|||
key: restic-repository
|
||||
- name: RESTIC_PASSWORD_FILE
|
||||
value: /var/run/secrets/backup-secrets/restic-password
|
||||
- name: CERTIFICATE_FILE
|
||||
value: ""
|
||||
volumeMounts:
|
||||
- name: gitea-data-volume
|
||||
mountPath: /var/backups
|
||||
|
|
Loading…
Reference in a new issue