From a71bb956d61f86b0480ed33e888ed9af66e4bc7d Mon Sep 17 00:00:00 2001
From: Bart Geesink <bart.geesink@surf.nl>
Date: Wed, 27 Dec 2023 20:12:42 +0100
Subject: [PATCH] Add postgres backup scripts and cronjobs

---
 postgres_backup/README.md        |  3 +++
 postgres_backup/backup-script.sh | 40 ++++++++++++++++++++++++++++
 postgres_backup/cronjob.yml      | 40 ++++++++++++++++++++++++++++
 postgres_backup/job.yml          | 23 ++++++++--------
 postgres_backup/pv_nas.yml       |  4 +--
 postgres_backup/pvc_nas.yml      | 12 +++++++++
 postgres_backup/script.sh        | 45 --------------------------------
 7 files changed, 108 insertions(+), 59 deletions(-)
 create mode 100644 postgres_backup/README.md
 create mode 100644 postgres_backup/backup-script.sh
 create mode 100644 postgres_backup/cronjob.yml
 create mode 100644 postgres_backup/pvc_nas.yml
 delete mode 100644 postgres_backup/script.sh

diff --git a/postgres_backup/README.md b/postgres_backup/README.md
new file mode 100644
index 0000000..814e0ba
--- /dev/null
+++ b/postgres_backup/README.md
@@ -0,0 +1,3 @@
+kubectl create cm postgres-backup-script --from-file backup-script.sh \
+                   --dry-run=client -o yaml | kubectl apply -f -
+
diff --git a/postgres_backup/backup-script.sh b/postgres_backup/backup-script.sh
new file mode 100644
index 0000000..450565d
--- /dev/null
+++ b/postgres_backup/backup-script.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Set default values
+PG_USER=${PG_USER:-postgres}
+PG_PASSWORD=${PG_PASSWORD:-postgres}
+PG_HOST=${PG_HOST:-localhost}
+PG_PORT=${PG_PORT:-5432}
+
+# Set backup directory
+BACKUP_DIR="/backup/"
+
+# Generate backup timestamp with format "YYYY-MM-DD_HH-MM-SS"
+TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
+
+# Set backup file name with timestamp
+BACKUP_FILE="${BACKUP_DIR}/pg_dump_all_${TIMESTAMP}.sql.gz"
+
+# Dump all databases to backup file
+pg_dumpall --clean --if-exists --username="${PG_USER}" --host="${PG_HOST}" --port="${PG_PORT}" | gzip >"${BACKUP_FILE}"
+
+# Rename backups that are old enough to weekly, monthly, or yearly
+find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" -not -name "*weekly*" \
+	-not -name "*monthly*" -not -name "*yearly*" \
+	-mtime +7 -mtime -28 -exec mv -f {} ${BACKUP_DIR}/pg_dump_all_weekly.sql.gz \; # move daily backups older than 7 days to weekly backups
+find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" -not -name "*monthly*" \
+	-not -name "*yearly*" -mtime +28 -mtime -365 \
+	-exec mv -f {} ${BACKUP_DIR}/pg_dump_all_monthly.sql.gz \; # move weekly backups older than 28 days to monthly backups
+find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" -not -name "*yearly*" \
+	-mtime +365 -exec mv -f {} ${BACKUP_DIR}/pg_dump_all_yearly.sql.gz \; # move monthly backups older than 365 days to yearly backups
+
+# Clean up backups older than retention periods
+find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" \
+	-mtime +7 -mtime -28 -not -name "*weekly*" -not -name "*monthly*" -exec rm -f {} + # remove daily backups older than 7 days but exclude those that are weekly or monthly backups
+find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" \
+	-mtime +28 -mtime -365 -not -name "*monthly*" -not -name "*yearly*" -exec rm -f {} + # remove weekly backups older than 28 days but exclude those that are monthly or yearly backups
+find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" \
+	-mtime +365 -not -name "*yearly*" -exec rm -f {} + # remove monthly backups older than 365 days but exclude those that are yearly backups
+
+# Print confirmation message
+echo "Done. Backup file: ${BACKUP_FILE}"
diff --git a/postgres_backup/cronjob.yml b/postgres_backup/cronjob.yml
new file mode 100644
index 0000000..29c4805
--- /dev/null
+++ b/postgres_backup/cronjob.yml
@@ -0,0 +1,40 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: postgres-backup
+spec:
+  schedule: "0 0 * * *"
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: postgres-backup
+            image: postgres:15-alpine
+            command: ["sh", "/backup-script.sh"]
+            env:
+             - name: PG_HOST
+               value: postgres-postgresql
+             - name: PG_USER
+               value: backup
+             - name: PGPASSWORD
+               valueFrom:
+                 secretKeyRef:
+                   name: backupscrets
+                   key: pgbackupsecret
+            volumeMounts:
+            - name: backup-volume
+              mountPath: /backup
+              subPath: postgres
+            - name: backup-script
+              mountPath: /backup-script.sh
+              subPath: backup-script.sh
+              readOnly: true
+          restartPolicy: OnFailure
+          volumes:
+          - name: backup-volume
+            persistentVolumeClaim:
+              claimName: nfs-postgresbackup-claim
+          - name: backup-script
+            configMap:
+              name: postgres-backup-script
diff --git a/postgres_backup/job.yml b/postgres_backup/job.yml
index ffa0be5..a3b5e81 100644
--- a/postgres_backup/job.yml
+++ b/postgres_backup/job.yml
@@ -1,29 +1,29 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: mysql-backup
+  name: postgres-backup
 spec:
   template:
     spec:
       containers:
-      - name: mysql-backup
-        image: mariadb:latest
+      - name: postgres-backup
+        image: postgres:15-alpine
         command: [ "/bin/sh" ]
         args: [ "-c", "sleep 3600" ]
         env:
-        - name: MYSQL_HOST
-          value: galera-mariadb-galera
-        - name: MYSQL_USER
-          value: backupuser
-        - name: MYSQL_PASSWORD
+        - name: PG_HOST
+          value: postgres-postgresql
+        - name: PG_USER
+          value: backup
+        - name: PGPASSWORD
           valueFrom:
             secretKeyRef:
               name: backupscrets
-              key: backupsecret
+              key: pgbackupsecret
         volumeMounts:
         - name: backup-volume
           mountPath: /backup
-          subPath: mysql
+          subPath: postgres
         - name: backup-script
           mountPath: /backup-script.sh
           subPath: backup-script.sh
@@ -36,6 +36,5 @@ spec:
           path: /volume1/backupk8s
       - name: backup-script
         configMap:
-          name: backup-script
+          name: postgres-backup-script
   backoffLimit: 1
-
diff --git a/postgres_backup/pv_nas.yml b/postgres_backup/pv_nas.yml
index 2e36c03..278a668 100644
--- a/postgres_backup/pv_nas.yml
+++ b/postgres_backup/pv_nas.yml
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: PersistentVolume
 metadata:
-  name: nfs-backup-mysql
+  name: nfs-backup-postgres
 spec:
   capacity:
     storage: 1Mi
@@ -9,5 +9,5 @@ spec:
     - ReadWriteMany
   nfs:
     server: 192.168.86.86
-    path: "/volume1/backupk8s/mysql/"
+    path: "/volume1/backupk8s/postgres/"
   storageClassName: nfs
diff --git a/postgres_backup/pvc_nas.yml b/postgres_backup/pvc_nas.yml
new file mode 100644
index 0000000..f2abb1a
--- /dev/null
+++ b/postgres_backup/pvc_nas.yml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: nfs-postgresbackup-claim
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: "nfs"
+  resources:
+    requests:
+      storage: 1Mi
+
diff --git a/postgres_backup/script.sh b/postgres_backup/script.sh
deleted file mode 100644
index 3fe66e9..0000000
--- a/postgres_backup/script.sh
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/bin/bash
-
-# Set default values
-PG_USER=${PG_USER:-postgres}
-PG_PASSWORD=${PG_PASSWORD:-postgres}
-PG_HOST=${PG_HOST:-localhost}
-PG_PORT=${PG_PORT:-5432}
-
-# Set backup directory
-BACKUP_DIR="/data/backups/postgres"
-
-# Generate backup timestamp with format "YYYY-MM-DD_HH-MM-SS"
-TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
-
-# Set backup file name with timestamp
-BACKUP_FILE="${BACKUP_DIR}/pg_dump_all_${TIMESTAMP}.sql.gz"
-
-# Dump all databases to backup file
-pg_dumpall --clean --if-exists --dbname=postgres --username="${PG_USER}" --host="${PG_HOST}" --port="${PG_PORT}" | gzip >"${BACKUP_FILE}"
-
-# Set retention periods
-WEEKLY_THRESHOLD=$(date --date="-1 week" +"%s")
-MONTHLY_THRESHOLD=$(date --date="-1 month" +"%s")
-YEARLY_THRESHOLD=$(date --date="-1 year" +"%s")
-
-# Rename backups that are old enough to weekly, monthly, or yearly
-find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" -not -name "*weekly*" \ 
--not -name "*monthly*" -not -name "*yearly*" \ 
--mtime +7 -mtime -28 -exec mv -f {} ${BACKUP_DIR}/pg_dump_all_weekly.sql.gz \; # move daily backups older than 7 days to weekly backups
-find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" -not -name "*monthly*" \ 
--not -name "*yearly*" -mtime +28 -mtime -365 \ 
--exec mv -f {} ${BACKUP_DIR}/pg_dump_all_monthly.sql.gz \; # move weekly backups older than 28 days to monthly backups
-find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" -not -name "*yearly*" \ 
--mtime +365 -exec mv -f {} ${BACKUP_DIR}/pg_dump_all_yearly.sql.gz \; # move monthly backups older than 365 days to yearly backups
-
-# Clean up backups older than retention periods
-find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" \ 
--mtime +7 -mtime -28 -not -name "*weekly*" -not -name "*monthly*" -exec rm -f {} + # remove daily backups older than 7 days but exclude those that are weekly or monthly backups
-find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" \ 
--mtime +28 -mtime -365 -not -name "*monthly*" -not -name "*yearly*" -exec rm -f {} + # remove weekly backups older than 28 days but exclude those that are monthly or yearly backups
-find $BACKUP_DIR -maxdepth 1 -type f -name "*.gz" \ 
--mtime +365 -not -name "*yearly*" -exec rm -f {} + # remove monthly backups older than 365 days but exclude those that are yearly backups
-
-# Print confirmation message
-echo "Done. Backup file: ${BACKUP_FILE}"