From 6350a171789462cbb5570b53b8c8bbcf438e81ad Mon Sep 17 00:00:00 2001 From: Paulino Padial Date: Tue, 23 Jan 2018 18:01:22 +0100 Subject: [PATCH] First commit --- Dockerfile | 23 +++++++ README.md | 101 ++++++++++++++++++++++++++++++- autopostgresqlbackup.conf | 124 ++++++++++++++++++++++++++++++++++++++ docker-entrypoint.sh | 4 ++ 4 files changed, 250 insertions(+), 2 deletions(-) create mode 100644 Dockerfile create mode 100644 autopostgresqlbackup.conf create mode 100644 docker-entrypoint.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..bbc6ec1 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,23 @@ +FROM ubuntu:latest + +# Labels +LABEL maintainer="Paulino Padial " + +# Environment variables (with default values) +ENV LOG_LEVEL=8 + +# Packages installation +RUN apt-get update && apt-get upgrade -y && \ + apt-get install -y autopostgresqlbackup cron bzip2 gzip && \ + apt-get purge -y --auto-remove && \ + rm -rf /var/lib/apt/lists/* + +# Configure entrypoint +ADD docker-entrypoint.sh /docker-entrypoint.sh +RUN chmod +x /docker-entrypoint.sh + +# Volumes declaration +VOLUME ["/backup", "/scripts"] + +# Start the container process +ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/README.md b/README.md index addc0ec..c6252f8 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,99 @@ -# docker-autopostgresqlbackup -AutoPostgreSQLBackup in a docker container ready to use +# Docker AutoPostgreSQLBackup + +> AutoPostgreSQLBackup in a docker container + +[![](https://dockerbuildbadges.quelltext.eu/status.svg?organization=ppadial&repository=autopostgresqlbackup)](https://hub.docker.com/r/ppadial/autopostgresqlbackup/builds/) + +This container follow the [dockerfile good practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/). +## Installation + +```bash +docker pull ppadial/autopostgresqlbackup +``` + +## Configuration + +### Volumes + +| MOUNT | DESCRIPTION | +| :------- | :---------------------------------------------------------------------------- | +| /backups | a directory that contains the crontab files (one or many) with crontab format | + +Remember to map your /etc/localtime to the /etc/localtime of the container (good practice) + +## Environment variables + +| NAME | VALUES | DEFAULT | DESCRIPTION | +| :-------------- | :-------------------------------------- | :-------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ENV LOG_LEVEL | 1 to 8 | 8 | Level of verbosite. Most verbose is 0, less verbose is 8 | +| DBHOST | hostname | localhost | name of the db host to connect. | +| USERNAME | string | postgres | user used to connects to the db. | +| PASSWORD | string | empty | password for the user to connects to the db. Remember doing this you have the password in an environment variable. If you prefer to use Docker Secrets (I recommend this) don't define this env var or leave it blank, and go to the PASSWORD_SECRET environment variable. | +| PASSWORD_SECRET | docker secret name | empty | contains the name of the secret file where to read the password using docker secrets. Note: if this variable is defined, PASSWORD value will be ignored. | +| DBNAMES | list of dbnames separated by whitespace | all | List of DBNAMES for Daily/Weekly Backup e.g. "DB1 DB2 DB3". | | +| DBEXCLUDE | list of dbnames separated by whitespace | empty | List of DBNAMES to EXLUCDE if DBNAMES are set to all | +| CREATE_DATABASE | yes or no | yes | Include CREATE DATABASE in backup? | +| SEPDIR | yes or no | yes | Separate backup directory and file for each DB? | +| DOWEEKLY | 1 to 7 | 6 | Which day do you want weekly backups? (1 to 7 where 1 is Monday) | +| COMP | gzip or bzip2 | gzip | Choose Compression type. | +| LATEST | yes or no | no | Additionally keep a copy of the most recent backup in a seperate directory. | +| OPT | valid commandline arguments | empty | OPT string for use with pg_dump ( see man pg_dump ) | +| EXT | a file extension starts with . | .sql | Backup files extension | + +Optional specific environment variables: + +| NAME | VALUES | DEFAULT | DESCRIPTION | +| :----------------------------------------------------------------------------------------------------------------------- | :----- | :------ | :------------------------------------------------------------------------------------------------------------------------------ | +| GLOBALS_OBJECTS: pseudo database name used to dump global objects (users, roles, tablespaces). default postgres_globals. | +| COMMCOMP | 0 to 9 | 0 | Compress communications between backup server and PostgreSQL server? set compression level from 0 to 9 (0 means no compression) | + +You need to configure also the script using a configuration file, it's self described so take a look +and read the options [autopostgresqlbackup](autopostgresqlbackup.conf) + +## Usage + +```bash +docker run --name autopostgresqlbackup -v /my/backup/dir:/backups -e DBHOST=mypgbackup -e PASSWORD=mycomplexpassword -v /etc/localtime:/etc/localtime:ro ppadial/autopostgresqlbackup:latest +``` + +### With docker-compose + +```yml +version: '3.5' + +services: + autopgbackup: + image: ppadial/autopostgresqlbackup:latest + container_name: autopgbackup + environment: + - DBHOST = mypgserver + - PASSWORD_SECRET=posgre-pass + volumes: + - /my/backups/dir:/backups + - /etc/localtime:/etc/localtime:ro + secrets: + - posgre-pass + + secrets: + posgre-pass: + file: /path/to/file/that/contains/password +``` + +## Meta + +Paulino Padial – [@ppadial](https://github.com/ppadial) – github.com/ppadial + +Distributed under the XYZ license. See [LICENSE](LICENSE) for more information. + +[https://github.com/ppadial/docker-autopostgresqlbackup](https://github.com/ppadial/) + +## Contributing + +1. Fork it () +2. Create your feature branch (`git checkout -b feature/fooBar`) +3. Commit your changes (`git commit -am 'Add some fooBar'`) +4. Push to the branch (`git push origin feature/fooBar`) +5. Create a new Pull Request + + +[wiki]: https://github.com/ppadial/docker-autopostgresqlbackup/wiki diff --git a/autopostgresqlbackup.conf b/autopostgresqlbackup.conf new file mode 100644 index 0000000..a455dd9 --- /dev/null +++ b/autopostgresqlbackup.conf @@ -0,0 +1,124 @@ +# =============================== +# === Debian specific options === +#================================ + +# By default, on Debian systems, only 'postgres' user +# is allowed to access PostgreSQL databases without password. +# In order to dump databases we need to run pg_dump/psql +# commands as 'postgres' with su. +# +# The following setting has been added to workraound this issue. +# (if it is set to empty, 'su' usage will be disabled) +# For the docker container this value is root, since is the user that +# runs the process +SU_USERNAME=root + +#===================================================================== +# Set the following variables to your system needs +# (Detailed instructions below variables) +#===================================================================== + +# Username to access the PostgreSQL server e.g. dbuser +USERNAME=postgres + +# Password +# create a file $HOME/.pgpass containing a line like this +# hostname:*:*:dbuser:dbpass +# replace hostname with the value of DBHOST and postgres with +# the value of USERNAME + +# Host name (or IP address) of PostgreSQL server e.g localhost +DBHOST=${DBHOST:-localhost} + +# List of DBNAMES for Daily/Weekly Backup e.g. "DB1 DB2 DB3" +DBNAMES="${DBNAMES:-all}" + +# pseudo database name used to dump global objects (users, roles, tablespaces) +GLOBALS_OBJECTS="${GLOBALS_OBJECTS:-postgres_globals}" + +# Backup directory location e.g /backups +BACKUPDIR="/backups" + +# Mail setup +# What would you like to be mailed to you? +# - log : send only log file +# - files : send log file and sql files as attachments (see docs) +# - stdout : will simply output the log to the screen if run manually. +# - quiet : Only send logs if an error occurs to the MAILADDR. +MAILCONTENT="quiet" + +# Set the maximum allowed email size in k. (4000 = approx 5MB email [see docs]) +MAXATTSIZE="4000" + +# Email Address to send mail to? (user@domain.com) +MAILADDR="root" + +# ============================================================ +# === ADVANCED OPTIONS ( Read the doc's below for details )=== +#============================================================= + +# List of DBBNAMES for Monthly Backups. +MDBNAMES="template1 $DBNAMES" + +# List of DBNAMES to EXLUCDE if DBNAMES are set to all (must be in " quotes) +DBEXCLUDE="${DBEXCLUDE}" + +# Include CREATE DATABASE in backup? +CREATE_DATABASE=${CREATE_DATABASE:-yes} + +# Separate backup directory and file for each DB? (yes or no) +SEPDIR=${SEPDIR:-yes} + +# Which day do you want weekly backups? (1 to 7 where 1 is Monday) +DOWEEKLY=${DOWEEKLY:-6} + +# Choose Compression type. (gzip or bzip2) +COMP=${COMP:-gzip} + +# Compress communications between backup server and PostgreSQL server? +# set compression level from 0 to 9 (0 means no compression) +COMMCOMP=${COMMCOMP:-0} + +# Additionally keep a copy of the most recent backup in a seperate directory. +LATEST=${LATEST:-no} + +# OPT string for use with pg_dump ( see man pg_dump ) +OPT="${OPT}" + +# Backup files extension +EXT="${EXT:-sql}" + +# Backup files permissions +PERM=600 + +# Encyrption settings +# (inspired by http://blog.altudov.com/2010/09/27/using-openssl-for-asymmetric-encryption-of-backups/) +# +# Once the backup done, each SQL dump will be encrypted and the original file +# will be deleted (if encryption was successful). +# It is recommended to backup into a staging directory, and then use the +# POSTBACKUP script to sync the encrypted files to the desired location. +# +# Encryption uses private/public keys. You can generate the key pairs like the following: +# openssl req -x509 -nodes -days 100000 -newkey rsa:2048 -keyout backup.key -out backup.crt -subj '/' +# +# Decryption: +# openssl smime -decrypt -in backup.sql.gz.enc -binary -inform DEM -inkey backup.key -out backup.sql.gz + +# Enable encryption +ENCRYPTION=no + +# Encryption public key +ENCRYPTION_PUBLIC_KEY="/etc/ssl/certs/autopostgresqlbackup.crt" + +# Encryption Cipher (see enc manpage) +ENCRYPTION_CIPHER="aes256" + +# Suffix for encyrpted files +ENCRYPTION_SUFFIX=".enc" + +# Command to run before backups (uncomment to use) +#PREBACKUP="/etc/postgresql-backup-pre" + +# Command run after backups (uncomment to use) +#POSTBACKUP="/etc/postgresql-backup-post" diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100644 index 0000000..0d9d7a2 --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +# Execute cron with parameters +exec cron -f -l ${LOG_LEVEL:-8}