Wait no this is the commit for the new backup script
This commit is contained in:
parent
5cfbca0534
commit
3b17b4e39c
@ -6,6 +6,7 @@
|
|||||||
roles:
|
roles:
|
||||||
- role: backup
|
- role: backup
|
||||||
vars:
|
vars:
|
||||||
|
backup_script: s3pgdump
|
||||||
backup_s3backup_list_extra:
|
backup_s3backup_list_extra:
|
||||||
- /var/lib/postgresql
|
- /var/lib/postgresql
|
||||||
become: yes
|
become: yes
|
||||||
|
47
roles/backup/templates/s3pgdump.sh
Normal file
47
roles/backup/templates/s3pgdump.sh
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
#! /bin/bash
|
||||||
|
#
|
||||||
|
# s3pgdump.sh
|
||||||
|
# General-purpose, Ansible-managed backup script to dump PostgreSQL DBs to
|
||||||
|
# an S3 bucket
|
||||||
|
#
|
||||||
|
|
||||||
|
# NOTICE: THIS FILE CONTAINS SECRETS
|
||||||
|
# This file may contain the following secrets depending on configuration:
|
||||||
|
# * An AWS access key
|
||||||
|
# * An AWS session token
|
||||||
|
# These are NOT things you want arbitrary readers to access! Ansible will
|
||||||
|
# attempt to ensure this file has 0700 permissions, but that won't stop you
|
||||||
|
# from changing that yourself
|
||||||
|
# DO NOT ALLOW THIS FILE TO BE READ BY NON-ROOT USERS
|
||||||
|
|
||||||
|
# NOTICE: DO NOT MODIFY THIS FILE
|
||||||
|
# Any changes made will be clobbered by Ansible
|
||||||
|
# Please make any configuration changes in the main repo
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# AWS S3 configuration
|
||||||
|
# NOTE: THIS IS SECRET INFORMATION
|
||||||
|
export AWS_ACCESS_KEY_ID="{{ backup_s3_aws_access_key_id }}"
|
||||||
|
export AWS_SECRET_ACCESS_KEY="{{ backup_s3_aws_secret_access_key }}"
|
||||||
|
|
||||||
|
# Populate a list of databases
|
||||||
|
declare -a DATABASES
|
||||||
|
while read line; do
|
||||||
|
DATABASES+=("$line")
|
||||||
|
done < <(sudo -u postgres psql -t -A -c "SELECT datname FROM pg_database where datname not in ('template0', 'template1', 'postgres');" 2>/dev/null)
|
||||||
|
|
||||||
|
# pgdump all DBs, compress them, and pipe straight up to S3
|
||||||
|
echo "Commencing backup on the following databases:"
|
||||||
|
for dir in "${DATABASES[@]}"; do
|
||||||
|
echo "- $dir"
|
||||||
|
done
|
||||||
|
echo "Will upload resultant backups to {{ backup_s3_bucket }}"
|
||||||
|
for db in "${DATABASES[@]}"; do
|
||||||
|
echo "Backing up $db"
|
||||||
|
sudo -u postgres pg_dump "$db" \
|
||||||
|
| gzip -v9 \
|
||||||
|
| aws s3 cp - \
|
||||||
|
"s3://{{ backup_s3_bucket }}/{{ inventory_hostname_short }}/$db-$(date "+{{ backup_dateformat }}").pgsql.gz"
|
||||||
|
done
|
||||||
|
|
Loading…
Reference in New Issue
Block a user