aboutsummaryrefslogtreecommitdiff
path: root/app/backup/build/backup-consul
diff options
context:
space:
mode:
authorQuentin <quentin@dufour.io>2021-01-18 08:18:21 +0100
committerQuentin <quentin@dufour.io>2021-01-18 08:18:21 +0100
commitad6017eea058f7cb6fdf078783f992a4f45a3e15 (patch)
tree6620bcc9e1ea61a5689b763b9ad8280275e35e76 /app/backup/build/backup-consul
parent79b7273ff2a487d6721d393682c8ad3927467a75 (diff)
parentc642370def01f09d966b3b9c643cfe416ea115cf (diff)
downloadinfrastructure-ad6017eea058f7cb6fdf078783f992a4f45a3e15.tar.gz
infrastructure-ad6017eea058f7cb6fdf078783f992a4f45a3e15.zip
Merge pull request 'Reorganize app/ and add script for secret management' (#29) from test_reorganize into master
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/pulls/29
Diffstat (limited to 'app/backup/build/backup-consul')
-rw-r--r--app/backup/build/backup-consul/Dockerfile28
-rwxr-xr-xapp/backup/build/backup-consul/do_backup.sh20
2 files changed, 48 insertions, 0 deletions
diff --git a/app/backup/build/backup-consul/Dockerfile b/app/backup/build/backup-consul/Dockerfile
new file mode 100644
index 0000000..0a5c38f
--- /dev/null
+++ b/app/backup/build/backup-consul/Dockerfile
@@ -0,0 +1,28 @@
+FROM golang:buster as builder
+
+WORKDIR /root
+RUN git clone https://filippo.io/age && cd age/cmd/age && go build -o age .
+
+FROM amd64/debian:buster
+
+COPY --from=builder /root/age/cmd/age/age /usr/local/bin/age
+
+RUN apt-get update && \
+ apt-get -qq -y full-upgrade && \
+ apt-get install -y rsync wget openssh-client unzip && \
+ apt-get clean && \
+ rm -f /var/lib/apt/lists/*_*
+
+RUN mkdir -p /root/.ssh
+WORKDIR /root
+
+RUN wget https://releases.hashicorp.com/consul/1.8.5/consul_1.8.5_linux_amd64.zip && \
+ unzip consul_1.8.5_linux_amd64.zip && \
+ chmod +x consul && \
+ mv consul /usr/local/bin && \
+ rm consul_1.8.5_linux_amd64.zip
+
+COPY do_backup.sh /root/do_backup.sh
+
+CMD "/root/do_backup.sh"
+
diff --git a/app/backup/build/backup-consul/do_backup.sh b/app/backup/build/backup-consul/do_backup.sh
new file mode 100755
index 0000000..a34e7b7
--- /dev/null
+++ b/app/backup/build/backup-consul/do_backup.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -x -e
+
+cd /root
+
+chmod 0600 .ssh/id_ed25519
+
+cat > .ssh/config <<EOF
+Host backuphost
+ HostName $TARGET_SSH_HOST
+ Port $TARGET_SSH_PORT
+ User $TARGET_SSH_USER
+EOF
+
+consul kv export | \
+ gzip | \
+ age -r "$(cat /root/.ssh/id_ed25519.pub)" | \
+ ssh backuphost "cat > $TARGET_SSH_DIR/consul/$(date --iso-8601=minute)_consul_kv_export.gz.age"
+