TDvorak/Productier
1
0
Fork 0
mirror of https://github.com/Dvorinka/Productier.git synced 2026-06-04 04:23:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
3cb40adb23f953f8c5aa3f0abeffd5693dd34bdf
Productier/scripts/ops/backup-job.sh
T
Tomas Dvorak 3cb40adb23 first commit
2026-04-10 12:04:09 +02:00

122 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
ENV_FILE="${1:-$ROOT_DIR/.env.production}"
BACKUP_ROOT="${2:-$ROOT_DIR/backups}"
KEEP_COUNT="${3:-14}"
LOCK_FILE="$BACKUP_ROOT/.backup.lock"
OPS_NOTIFY_ON_SUCCESS="${OPS_NOTIFY_ON_SUCCESS:-0}"
OPS_ALERT_WEBHOOK_URL="${OPS_ALERT_WEBHOOK_URL:-}"
OPS_ALERT_TIMEOUT_SECONDS="${OPS_ALERT_TIMEOUT_SECONDS:-10}"
OPS_ALERT_WEBHOOK_BEARER_TOKEN="${OPS_ALERT_WEBHOOK_BEARER_TOKEN:-}"
started_at_utc="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
latest_backup=""
if [[ "${1:-}" == "--help" || "${1:-}" == "-h" ]]; then
cat <<'USAGE'
Usage:
scripts/ops/backup-job.sh [env-file] [backup-root] [keep-count]
Examples:
scripts/ops/backup-job.sh
scripts/ops/backup-job.sh .env.production /var/backups/productier 30
Behavior:
- Acquires a non-blocking lock to avoid overlapping runs.
- Executes production backup.
- Verifies resulting backup integrity.
- Prunes old backups using keep-count retention.
- Sends webhook alerts when OPS_ALERT_WEBHOOK_URL is configured.
USAGE
exit 0
fi
if ! [[ "$KEEP_COUNT" =~ ^[0-9]+$ ]] || [[ "$KEEP_COUNT" -lt 1 ]]; then
echo "[error] keep-count must be a positive integer" >&2
exit 1
fi
json_escape() {
local value="$1"
value="${value//\\/\\\\}"
value="${value//\"/\\\"}"
value="${value//$'\n'/\\n}"
value="${value//$'\r'/\\r}"
printf '%s' "$value"
}
send_alert() {
local status="$1"
local message="$2"
if [[ -z "$OPS_ALERT_WEBHOOK_URL" ]]; then
return
fi
if ! command -v curl >/dev/null 2>&1; then
echo "[warn] OPS_ALERT_WEBHOOK_URL is set but curl is unavailable; skipping alert"
return
fi
local payload
payload="$(cat <<EOF
{"service":"productier-backup-job","status":"$(json_escape "$status")","startedAt":"$started_at_utc","finishedAt":"$(date -u +%Y-%m-%dT%H:%M:%SZ)","backup":"$(json_escape "$latest_backup")","message":"$(json_escape "$message")"}
EOF
)"
local auth_header=()
if [[ -n "$OPS_ALERT_WEBHOOK_BEARER_TOKEN" ]]; then
auth_header=(-H "Authorization: Bearer $OPS_ALERT_WEBHOOK_BEARER_TOKEN")
fi
if ! curl -fsS -m "$OPS_ALERT_TIMEOUT_SECONDS" \
-H "Content-Type: application/json" \
"${auth_header[@]}" \
-d "$payload" \
"$OPS_ALERT_WEBHOOK_URL" >/dev/null; then
echo "[warn] failed to deliver backup alert webhook"
fi
}
on_error() {
local exit_code="$1"
send_alert "failure" "backup job failed with exit code ${exit_code}"
}
trap 'on_error $?' ERR
mkdir -p "$BACKUP_ROOT"
if command -v flock >/dev/null 2>&1; then
exec 9>"$LOCK_FILE"
if ! flock -n 9; then
echo "[error] backup job already running (lock file: $LOCK_FILE)" >&2
exit 1
fi
else
echo "[warn] flock not found; running without lock protection"
fi
echo "[info] starting backup job (env=$ENV_FILE root=$BACKUP_ROOT keep=$KEEP_COUNT)"
bash "$ROOT_DIR/scripts/ops/backup-prod.sh" "$ENV_FILE" "$BACKUP_ROOT"
latest_backup="$(find "$BACKUP_ROOT" -mindepth 1 -maxdepth 1 -type d -printf '%f\n' \
| grep -E '^[0-9]{8}T[0-9]{6}Z$' \
| sort \
| tail -n 1)"
if [[ -z "$latest_backup" ]]; then
echo "[error] no backup directory found after backup execution" >&2
exit 1
fi
bash "$ROOT_DIR/scripts/ops/verify-backup.sh" "$BACKUP_ROOT/$latest_backup"
bash "$ROOT_DIR/scripts/ops/prune-backups.sh" "$BACKUP_ROOT" "$KEEP_COUNT"
echo "[ok] backup job completed"
if [[ "$OPS_NOTIFY_ON_SUCCESS" == "1" || "$OPS_NOTIFY_ON_SUCCESS" == "true" ]]; then
send_alert "success" "backup job completed successfully"
fi
Reference in New Issue View Git Blame Copy Permalink