add pgbackrest

2024-09-26 16:42:57 +02:00 · 2024-09-26 16:42:57 +02:00 · d123e0cb32
commit d123e0cb32
--- a/44
+++ b/44
@ -125,9 +125,6 @@ RUN echo 'PermitRootLogin no' >> /etc/ssh/sshd_config \
    && echo 'AllowTcpForwarding yes' >> /etc/ssh/sshd_config \
    && echo 'PermitEmptyPasswords no' >> /etc/ssh/sshd_config

-# Set the root password to an empty string
-RUN echo 'root:' | chpasswd -e
-
 # Start the SSH service
 RUN service ssh start

@ -151,6 +148,45 @@ cd pointcloud-master && \
 ./autogen.sh && ./configure && make -j 4 && make install && \
 cd .. && rm -Rf pointcloud-master

+
+# Install necessary packages: cron, PostgreSQL client, and gnupg for GPG key management
+RUN apt-get update && \
+    apt-get install -y \
+    cron \
+    wget \
+    gnupg2 \
+    ca-certificates && \
+    rm -rf /var/lib/apt/lists/*
+
+# Use an alternative method to add pgBackRest repository and key
+# If the key fails, try skipping key verification for now
+
+RUN wget -qO- https://pgbackrest.org/pgbackrest.gpg | tee /etc/apt/trusted.gpg.d/pgbackrest.gpg && \
+    echo "deb http://apt.pgbackrest.org bullseye main" > /etc/apt/sources.list.d/pgbackrest.list && \
+    apt-get update && \
+    apt-get install -y pgbackrest && \
+    rm -rf /var/lib/apt/lists/*
+
+# Create necessary directories for pgBackRest
+RUN mkdir -p /etc/pgbackrest /var/log/pgbackrest /var/lib/pgbackrest
+
+# Set appropriate permissions for pgBackRest directories
+RUN chown -R postgres:postgres /etc/pgbackrest /var/log/pgbackrest /var/lib/pgbackrest
+
+# Copy pgBackRest configuration file
+COPY ./pgbackrest/pgbackrest.conf /etc/pgbackrest/pgbackrest.conf
+
+# Add a backup script
+COPY ./pgbackrest/backup-script.sh /usr/local/bin/backup-script.sh
+RUN chmod +x /usr/local/bin/backup-script.sh
+
+# Add the cron job for automated backups
+COPY ./pgbackrest/backup-cron /etc/cron.d/backup-cron
+RUN chmod 0644 /etc/cron.d/backup-cron
+
+# Apply cron job configuration
+RUN crontab /etc/cron.d/backup-cron
+
 # Cleanup resources
 RUN apt-get -y --purge autoremove  \
    && apt-get clean \
@ -171,7 +207,7 @@ RUN set -eux \
 RUN echo 'figlet -t "Kartoza Docker PostGIS"' >> ~/.bashrc


-ENTRYPOINT ["/bin/bash", "/scripts/docker-entrypoint.sh"]
+ENTRYPOINT ["/bin/bash", "/scripts/docker-entrypoint.sh && cron -f"]


 ##############################################################################
--- a/pgbackrest/backup-cron
+++ b/pgbackrest/backup-cron
@ -0,0 +1,2 @@
+# Cron job to backup databases at 2 AM daily
+0 2 * * * root /usr/local/bin/backup-script.sh >> /var/log/pgbackrest/backup.log 2>&1
--- a/pgbackrest/backup-script.sh
+++ b/pgbackrest/backup-script.sh
@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Set environment variables
+export PGPASSWORD=${POSTGRES_PASS}
+BACKUP_DIR="/var/lib/pgbackrest"
+LOG_DIR="/var/log/pgbackrest"
+TMP_DIR="/tmp/pgbackrest"
+
+# Function to create directories and set permissions
+create_pgbackrest_dirs() {
+    local dir_path="$1"
+
+    # Create the directory if it doesn't exist
+    if [ ! -d "$dir_path" ]; then
+        mkdir -p "$dir_path"
+    fi
+
+    # Change ownership to postgres user and set permissions
+    chown -R postgres:postgres "$dir_path"
+    chmod 700 "$dir_path"
+}
+
+# Switch to postgres user to create directories and permissions
+su - postgres -c "
+    create_pgbackrest_dirs '$LOG_DIR'
+    create_pgbackrest_dirs '$TMP_DIR'
+    create_pgbackrest_dirs '$BACKUP_DIR'
+"
+
+# Create a pgBackRest stanza as postgres user
+su - postgres -c "pgbackrest --stanza=postgres stanza-create"
+
+# Run pgBackRest backup as postgres user
+su - postgres -c "pgbackrest --stanza=postgres backup"
--- a/pgbackrest/entrypoint.sh
+++ b/pgbackrest/entrypoint.sh
@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Log the current user
+echo "Running as user: $(whoami)"
+
+# Attempt to create the cron job
+echo "0 2 * * * /usr/local/bin/pgbackrest-backup.sh >> /var/log/backup.log 2>&1" > /etc/cron.d/pgbackrest-cron
+
+# Log the result
+if [ $? -eq 0 ]; then
+  echo "Successfully created cron job"
+else
+  echo "Failed to create cron job"
+fi
+
+# Set permissions
+chmod 0644 /etc/cron.d/pgbackrest-cron
+
+# Install the cron job
+crontab /etc/cron.d/pgbackrest-cron
+
+# Start the cron service
+service cron start
+
+# Keep the container running
+tail -f /dev/null
--- a/pgbackrest/pgbackrest.conf
+++ b/pgbackrest/pgbackrest.conf
@ -0,0 +1,10 @@
+[global]
+repo1-path=/var/lib/pgbackrest
+repo1-retention-full=2
+backup-user=root
+
+[postgres]
+pg1-host=postgres
+pg1-path=/var/lib/postgresql/data
+pg1-user=postgres
+pg1-port=5432
--- a/pgbackrest/ssh-keygen-script.sh
+++ b/pgbackrest/ssh-keygen-script.sh
@ -0,0 +1,8 @@
+#!/bin/bash
+
+if [ ! -f /shared-ssh/id_rsa ]; then
+    ssh-keygen -t rsa -b 4096 -f /shared-ssh/id_rsa -N ''
+    echo "SSH key generated"
+else
+    echo "SSH key already exists"
+fi