diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index bf3fcbda6b50dffbffdac72c395a8340e3f9dae2..9d2580f4895e44634b1bd96c8cfdeda89cbaab8b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -111,7 +111,7 @@ docker-image: IMAGE: - api - authentication - - db + - backup - engine - grafana - guac @@ -159,7 +159,7 @@ docker-tag: - IMAGE: - api - authentication - - db + - backup - engine - grafana - guac diff --git a/backup/Dockerfile b/backup/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..15d13ffa0e3fb7de72d4c560c90911a8d047decb --- /dev/null +++ b/backup/Dockerfile @@ -0,0 +1,14 @@ +FROM alpine:3.14 + +RUN apk add --no-cache \ + py3-pip \ + coreutils +RUN pip3 install --no-cache-dir \ + rethinkdb + +COPY backup/*.sh /usr/local/bin/backup/ +RUN echo "0 2 * * * /usr/local/bin/backup/backup.sh" > /etc/crontabs/root + +WORKDIR /data + +CMD ["crond", "-f"] diff --git a/backup/backup.sh b/backup/backup.sh new file mode 100755 index 0000000000000000000000000000000000000000..5d06c74ac24cedda7b4c78253028c8ff83f7f83c --- /dev/null +++ b/backup/backup.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +# Used to call the other backup scripts +dir="$(dirname $0)" + +# Move to the backup directory +cd /data + +# DB backup +if [[ "$BACKUP_DATABASE" == "true" ]]; then + source "$dir/database.sh" +fi diff --git a/backup/database.sh b/backup/database.sh new file mode 100755 index 0000000000000000000000000000000000000000..6dd81dde8b4b612480fb6ea1458bdf9263332083 --- /dev/null +++ b/backup/database.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +# Backup the database +rethinkdb-dump -c "isard-db:28015" -f "isard-db-$(date +%Y-%m-%d_%H:%M:%S).tar.gz" + +# Prune old backups +if [ -z "$BACKUP_DATABASE_PRUNE" ]; then + BACKUP_DATABASE_PRUNE="-1 week" +fi + +for backup in ./*.tar.gz; do + if [ "$(date -d "$(echo $backup | sed -e 's|./isard-db-||' -e 's|.tar.gz||' -e 's|_| |')" +%s)" -lt "$(date +%s -d "$BACKUP_DATABASE_PRUNE")" ]; then + rm "$backup" + fi +done diff --git a/build.sh b/build.sh index 1471e4e32f1da5905f566b5a60800879cbd7353c..5452e882791d291bf0bbefcfa39ac7a7f2775fab 100755 --- a/build.sh +++ b/build.sh @@ -37,6 +37,7 @@ ALLINONE_PARTS=" vpn guac toolbox + backup " HYPERVISOR_KEY="hypervisor" HYPERVISOR_PARTS=" @@ -85,6 +86,7 @@ WEB_PARTS=" api authentication vpn + backup " git submodule init diff --git a/docker-compose-parts/db.build.yml b/docker-compose-parts/backup.build.yml similarity index 57% rename from docker-compose-parts/db.build.yml rename to docker-compose-parts/backup.build.yml index fe2e0f171c8f0e50242b3aad3389d92365a93a54..e78ca69d3cfcd2a1ab13e5596b170ba714ae2d20 100644 --- a/docker-compose-parts/db.build.yml +++ b/docker-compose-parts/backup.build.yml @@ -1,6 +1,6 @@ version: '3.5' services: - isard-db: + isard-backup: build: context: ${BUILD_ROOT_PATH} - dockerfile: docker/db/Dockerfile \ No newline at end of file + dockerfile: backup/Dockerfile diff --git a/docker-compose-parts/backup.yml b/docker-compose-parts/backup.yml new file mode 100644 index 0000000000000000000000000000000000000000..66457f03cb9fbd1202c06683686770bf9f67ba62 --- /dev/null +++ b/docker-compose-parts/backup.yml @@ -0,0 +1,16 @@ +version: '3.5' +services: + isard-backup: + container_name: isard-backup + image: ${DOCKER_IMAGE_PREFIX}backup:${DOCKER_IMAGE_TAG:-latest} + logging: + options: + max-size: "100m" + networks: + isard-network: + ipv4_address: ${DOCKER_NET:-172.31.255}.97 + restart: unless-stopped + volumes: + - "${BACKUP_DIRECTORY:-/opt/isard-local/backups}:/data" + env_file: + - .env diff --git a/docker-compose-parts/db.yml b/docker-compose-parts/db.yml index 3894f9dbd0f5b473423bbc0c1e457f427adf6e7e..500120e311d11368504ecfb5d5381f35b3eb9bd4 100644 --- a/docker-compose-parts/db.yml +++ b/docker-compose-parts/db.yml @@ -2,7 +2,7 @@ version: '3.5' services: isard-db: container_name: isard-db - image: ${DOCKER_IMAGE_PREFIX}db:${DOCKER_IMAGE_TAG:-latest} + image: rethinkdb logging: options: max-size: "100m" diff --git a/docker/db/Dockerfile b/docker/db/Dockerfile deleted file mode 100644 index ef0289aa2f35ff465130ff119576e110f1746a9c..0000000000000000000000000000000000000000 --- a/docker/db/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM rethinkdb - -RUN apt-get update && \ - apt-get install -y \ - python3-pip && \ - apt-get clean autoclean && \ - apt-get autoremove --yes && \ - rm -rf \ - /var/lib/apt \ - /var/lib/dpkg \ - /var/lib/cache \ - /var/lib/log -RUN pip3 install --no-cache-dir \ - rethinkdb - diff --git a/isardvdi.cfg.example b/isardvdi.cfg.example index 0174e4a6215869c4fedf08c41809bf12013051e4..453eab9d37dc89a0ddb04d275fdcf71511bc7517 100644 --- a/isardvdi.cfg.example +++ b/isardvdi.cfg.example @@ -108,6 +108,12 @@ API_HYPERVISORS_SECRET=B5/bUEUzIC+AjNQRmFh3vxR3VeIKirwdeL/xuHPVO+E= #AUTHENTICATION_AUTHENTICATION_GOOGLE_CLIENT_ID=id #AUTHENTICATION_AUTHENTICATION_GOOGLE_CLIENT_SECRET=secret +# ------ Backup ------------------------------------------------------ + +#BACKUP_DIRECTORY=/opt/isard-local/backups +#BACKUP_DATABASE=false +## This text is used by the GNU date program. Check the manpages and test it with `date -d ""` +#BACKUP_DATABASE_PRUNE="-1 week"