postgres-backup-s3/backup.sh at main · johnnybui/postgres-backup-s3 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
#! /bin/sh

set -e
set -o pipefail

>&2 echo "-----"

# Accept database name as argument (for multiple database support)
if [ -n "$1" ]; then
  POSTGRES_DATABASE="$1"
fi

if [ "${S3_ACCESS_KEY_ID}" = "**None**" ]; then
  echo "You need to set the S3_ACCESS_KEY_ID environment variable."
  exit 1
fi

if [ "${S3_SECRET_ACCESS_KEY}" = "**None**" ]; then
  echo "You need to set the S3_SECRET_ACCESS_KEY environment variable."
  exit 1
fi

if [ "${S3_BUCKET}" = "**None**" ]; then
  echo "You need to set the S3_BUCKET environment variable."
  exit 1
fi

if [ "${POSTGRES_DATABASE}" = "**None**" ] || [ -z "${POSTGRES_DATABASE}" ]; then
  echo "You need to set the POSTGRES_DATABASE environment variable or pass it as argument."
  exit 1
fi

# Handle multiple databases (comma or space separated)
# If POSTGRES_DATABASE contains comma or space, loop through each database
if echo "$POSTGRES_DATABASE" | grep -q "[, ]"; then
  echo "Multiple databases detected: $POSTGRES_DATABASE"

  # Convert comma to space for consistent handling
  DATABASES=$(echo "$POSTGRES_DATABASE" | tr ',' ' ')

  # Loop through each database
  for DB in $DATABASES; do
    DB=$(echo "$DB" | xargs)  # Trim whitespace
    if [ -n "$DB" ]; then
      echo ""
      echo "======================================"
      echo "Backing up database: $DB"
      echo "======================================"
      # Recursively call this script with single database
      POSTGRES_DATABASE="$DB" "$0"
      echo "✓ Completed backup for: $DB"
    fi
  done

  echo ""
  echo "======================================"
  echo "All database backups completed!"
  echo "======================================"
  exit 0
fi

# If we reach here, it's a single database - continue with normal backup

if [ "${POSTGRES_HOST}" = "**None**" ]; then
  if [ -n "${POSTGRES_PORT_5432_TCP_ADDR}" ]; then
    POSTGRES_HOST=$POSTGRES_PORT_5432_TCP_ADDR
    POSTGRES_PORT=$POSTGRES_PORT_5432_TCP_PORT
  else
    echo "You need to set the POSTGRES_HOST environment variable."
    exit 1
  fi
fi

if [ "${POSTGRES_USER}" = "**None**" ]; then
  echo "You need to set the POSTGRES_USER environment variable."
  exit 1
fi

if [ "${POSTGRES_PASSWORD}" = "**None**" ]; then
  echo "You need to set the POSTGRES_PASSWORD environment variable or link to a container named POSTGRES."
  exit 1
fi

# Configure storage based on type (S3, R2, or S3-Compatible)
STORAGE_TYPE=${STORAGE_TYPE:-S3}

case $STORAGE_TYPE in
  S3)
    # Standard AWS S3
    AWS_ARGS=""
    export AWS_DEFAULT_REGION=${S3_REGION:-us-west-1}
    >&2 echo "Using AWS S3 (region: ${AWS_DEFAULT_REGION})"
    ;;
  R2)
    # Cloudflare R2
    if [ "${R2_ACCOUNT_ID}" = "**None**" ] || [ -z "${R2_ACCOUNT_ID}" ]; then
      echo "You need to set the R2_ACCOUNT_ID environment variable when using R2."
      exit 1
    fi
    AWS_ARGS="--endpoint-url https://${R2_ACCOUNT_ID}.r2.cloudflarestorage.com"
    export AWS_DEFAULT_REGION="auto"
    >&2 echo "Using Cloudflare R2 (account: ${R2_ACCOUNT_ID})"
    ;;
  COMPATIBLE)
    # S3-Compatible services (Minio, DigitalOcean Spaces, etc.)
    if [ "${S3_ENDPOINT}" = "**None**" ] || [ -z "${S3_ENDPOINT}" ]; then
      echo "You need to set the S3_ENDPOINT environment variable when using COMPATIBLE mode."
      exit 1
    fi
    AWS_ARGS="--endpoint-url ${S3_ENDPOINT}"
    export AWS_DEFAULT_REGION=${S3_REGION:-us-east-1}
    >&2 echo "Using S3-Compatible storage (endpoint: ${S3_ENDPOINT})"
    ;;
  *)
    echo "Invalid STORAGE_TYPE: ${STORAGE_TYPE}. Must be S3, R2, or COMPATIBLE."
    exit 1
    ;;
esac

export AWS_ACCESS_KEY_ID=$S3_ACCESS_KEY_ID
export AWS_SECRET_ACCESS_KEY=$S3_SECRET_ACCESS_KEY

export PGPASSWORD=$POSTGRES_PASSWORD
POSTGRES_HOST_OPTS="-h $POSTGRES_HOST -p $POSTGRES_PORT -U $POSTGRES_USER $POSTGRES_EXTRA_OPTS"

echo "Creating dump of ${POSTGRES_DATABASE} database from ${POSTGRES_HOST}..."

if [ "$USE_CUSTOM_FORMAT" = "yes" ]; then
  SRC_FILE=dump.dump
  DEST_FILE=${POSTGRES_DATABASE}_$(date +"%Y-%m-%dT%H:%M:%SZ").dump
  if [ "${POSTGRES_DATABASE}" == "all" ]; then
    echo "ERROR: Custom format (-Fc) is not supported with pg_dumpall."
    exit 1
  else
    pg_dump -Fc $POSTGRES_HOST_OPTS $POSTGRES_DATABASE > $SRC_FILE
  fi
else
  SRC_FILE=dump.sql.gz
  DEST_FILE=${POSTGRES_DATABASE}_$(date +"%Y-%m-%dT%H:%M:%SZ").sql.gz
  if [ "${POSTGRES_DATABASE}" == "all" ]; then
    pg_dumpall $POSTGRES_HOST_OPTS | $COMPRESSION_CMD > $SRC_FILE
  else
    pg_dump $POSTGRES_HOST_OPTS $POSTGRES_DATABASE | $COMPRESSION_CMD > $SRC_FILE
  fi
fi


if [ "${ENCRYPTION_PASSWORD}" != "**None**" ]; then
  >&2 echo "Encrypting ${SRC_FILE}"
  openssl enc -aes-256-cbc -in $SRC_FILE -out ${SRC_FILE}.enc -k $ENCRYPTION_PASSWORD
  if [ $? != 0 ]; then
    >&2 echo "Error encrypting ${SRC_FILE}"
  fi
  rm $SRC_FILE
  SRC_FILE="${SRC_FILE}.enc"
  DEST_FILE="${DEST_FILE}.enc"
fi

echo "Uploading dump to $S3_BUCKET"

cat $SRC_FILE | aws $AWS_ARGS s3 cp - s3://$S3_BUCKET/$S3_PREFIX/$DEST_FILE || exit 2

if [ "${DELETE_OLDER_THAN}" != "**None**" ]; then
  >&2 echo "Checking for files older than ${DELETE_OLDER_THAN}"
  aws $AWS_ARGS s3 ls s3://$S3_BUCKET/$S3_PREFIX/ | grep " PRE " -v | while read -r line;
    do
      fileName=`echo $line|awk {'print $4'}`
      created=`echo $line|awk {'print $1" "$2'}`
      created=`date -d "$created" +%s`
      older_than=`date -d "$DELETE_OLDER_THAN" +%s`
      if [ $created -lt $older_than ]
        then
          if [ $fileName != "" ]
            then
              >&2 echo "DELETING ${fileName}"
              aws $AWS_ARGS s3 rm s3://$S3_BUCKET/$S3_PREFIX/$fileName
          fi
      else
          >&2 echo "${fileName} not older than ${DELETE_OLDER_THAN}"
      fi
    done;
fi

echo "SQL backup finished"

>&2 echo "-----"