101 lines
2.6 KiB
Bash
101 lines
2.6 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# --------------------------------------------------
|
|
# Config
|
|
# --------------------------------------------------
|
|
BACKUP_DATE="$(date +%Y-%m-%d_%H-%M-%S)"
|
|
TMP_DIR="/tmp/infra-backup-${BACKUP_DATE}"
|
|
|
|
K8S_STORAGE="/k8s_storage"
|
|
POSTGRES_STORAGE_DIR="postgres"
|
|
|
|
# Postgres (from secret)
|
|
PGHOST="postgres.default.svc.cluster.local"
|
|
PGPORT="5432"
|
|
|
|
# Namespaces
|
|
SOURCE_NS="default"
|
|
TARGET_NS="${KUBERNETES_NAMESPACE:-arc-systems}"
|
|
POSTGRES_SECRET="postgres-secret"
|
|
|
|
# S3
|
|
S3_BASE="s3://mist-backups/${BACKUP_DATE}"
|
|
|
|
mkdir -p "$TMP_DIR"
|
|
|
|
echo "=== Infra backup started ==="
|
|
echo "Date: $BACKUP_DATE"
|
|
echo "Namespace: $TARGET_NS"
|
|
|
|
# --------------------------------------------------
|
|
# 0. Ensure postgres-secret exists in runner namespace
|
|
# --------------------------------------------------
|
|
echo "=== Ensuring postgres-secret exists ==="
|
|
|
|
if ! kubectl get secret "$POSTGRES_SECRET" -n "$TARGET_NS" >/dev/null 2>&1; then
|
|
echo "→ Copying postgres-secret from default → ${TARGET_NS}"
|
|
|
|
kubectl get secret "$POSTGRES_SECRET" -n "$SOURCE_NS" -o yaml \
|
|
| sed "s/namespace: ${SOURCE_NS}/namespace: ${TARGET_NS}/" \
|
|
| kubectl apply -f -
|
|
else
|
|
echo "✓ postgres-secret already present"
|
|
fi
|
|
|
|
# --------------------------------------------------
|
|
# 1. Postgres logical backup (SAFE)
|
|
# --------------------------------------------------
|
|
echo "=== Backing up Postgres via pg_dump ==="
|
|
|
|
export PGPASSWORD="${POSTGRES_PASSWORD}"
|
|
|
|
pg_dump \
|
|
--format=custom \
|
|
--no-owner \
|
|
--no-acl \
|
|
--host="$PGHOST" \
|
|
--port="$PGPORT" \
|
|
--username="$POSTGRES_USER" \
|
|
"$POSTGRES_DB" \
|
|
> "$TMP_DIR/postgres.dump"
|
|
|
|
gzip "$TMP_DIR/postgres.dump"
|
|
|
|
echo "✓ Postgres dump complete"
|
|
|
|
# --------------------------------------------------
|
|
# 2. Tar k8s_storage (EXCLUDING Postgres)
|
|
# --------------------------------------------------
|
|
echo "=== Archiving k8s_storage (excluding Postgres) ==="
|
|
|
|
tar \
|
|
--exclude="$POSTGRES_STORAGE_DIR" \
|
|
--ignore-failed-read \
|
|
--warning=no-file-changed \
|
|
-czf "$TMP_DIR/k8s_storage_non_postgres.tar.gz" \
|
|
-C "$K8S_STORAGE" .
|
|
|
|
echo "✓ Filesystem archive complete"
|
|
|
|
# --------------------------------------------------
|
|
# 3. Upload to S3
|
|
# --------------------------------------------------
|
|
echo "=== Uploading to S3 ==="
|
|
|
|
aws s3 cp \
|
|
"$TMP_DIR/postgres.dump.gz" \
|
|
"${S3_BASE}/postgres/stripe_invoice.dump.gz"
|
|
|
|
aws s3 cp \
|
|
"$TMP_DIR/k8s_storage_non_postgres.tar.gz" \
|
|
"${S3_BASE}/k8s_storage_non_postgres.tar.gz"
|
|
|
|
echo "✓ Upload complete"
|
|
|
|
# --------------------------------------------------
|
|
# 4. Cleanup
|
|
# --------------------------------------------------
|
|
rm -rf "$TMP_DIR"
|
|
|
|
echo "=== Infra backup finished successfully ==="
|