diff options
-rwxr-xr-x | app/backup/build/backup-psql/backup-psql.py | 41 | ||||
-rw-r--r-- | app/backup/build/backup-psql/default.nix | 3 | ||||
-rw-r--r-- | app/backup/build/backup-psql/docker.nix | 2 | ||||
-rw-r--r-- | app/backup/deploy/backup-weekly.hcl | 2 |
4 files changed, 28 insertions, 20 deletions
diff --git a/app/backup/build/backup-psql/backup-psql.py b/app/backup/build/backup-psql/backup-psql.py index fa0b94e..291cf50 100755 --- a/app/backup/build/backup-psql/backup-psql.py +++ b/app/backup/build/backup-psql/backup-psql.py @@ -1,5 +1,5 @@ #!/usr/bin/env python3 -import shutil,sys,os,datetime,minio +import shutil,sys,os,datetime,minio,subprocess working_directory = "." if 'CACHE_DIR' in os.environ: working_directory = os.environ['CACHE_DIR'] @@ -44,20 +44,22 @@ if not client.bucket_exists(bucket): abort(f"Bucket {bucket} does not exist or its access is forbidden, aborting") # Perform the backup locally -ret = os.system(f""" -pg_basebackup \ - --host={psql_host} \ - --username={psql_user} \ - --pgdata={working_directory} \ - --format=tar \ - --wal-method=stream \ - --gzip \ - --compress=6 \ - --progress \ - --max-rate=5M -""") -if ret != 0: - abort(f"pg_baseckup exit code is {ret}, 0 expected. aborting") +try: + ret = subprocess.run(["pg_basebackup", + f"--host={psql_host}", + f"--username={psql_user}", + f"--pgdata={working_directory}", + f"--format=tar", + "--wal-method=stream", + "--gzip", + "--compress=6", + "--progress", + "--max-rate=5M", + ]) + if ret.returncode != 0: + abort(f"pg_basebackup exited, expected return code 0, got {ret.returncode}. aborting") +except Exception as e: + abort(f"pg_basebackup raised exception {e}. aborting") # Check that the expected files are here for p in clear_paths: @@ -68,9 +70,12 @@ for p in clear_paths: # Cipher them for c, e in zip(clear_paths, crypt_paths): print(f"Ciphering {c} to {e}") - ret = os.system(f"age -r {pubkey} -o {e} {c}") - if ret != 0: - abort(f"age exit code is {ret}, 0 expected. aborting") + try: + ret = subprocess.run(["age", "-r", pubkey, "-o", e, c]) + if ret.returncode != 0: + abort(f"age exit code is {ret}, 0 expected. aborting") + except Exception as e: + abort(f"aged raised an exception. {e}. aborting") # Upload the backup to S3 for p, k in zip(crypt_paths, s3_keys): diff --git a/app/backup/build/backup-psql/default.nix b/app/backup/build/backup-psql/default.nix index 5d2dec7..2cd8d93 100644 --- a/app/backup/build/backup-psql/default.nix +++ b/app/backup/build/backup-psql/default.nix @@ -18,7 +18,10 @@ in buildPhase = '' cat > backup-psql <<EOF #!${pkgs.bash}/bin/bash + export PYTHONPATH=${python-with-my-packages}/${python-with-my-packages.sitePackages} + export PATH=${python-with-my-packages}/bin:${pkgs.age}/bin:${pkgs.postgresql_14}/bin + ${python-with-my-packages}/bin/python3 $out/lib/backup-psql.py EOF diff --git a/app/backup/build/backup-psql/docker.nix b/app/backup/build/backup-psql/docker.nix index 001cada..693943a 100644 --- a/app/backup/build/backup-psql/docker.nix +++ b/app/backup/build/backup-psql/docker.nix @@ -3,7 +3,7 @@ let app = import ./default.nix; pkgs = import common.pkgsSrc {}; in - pkgs.dockerTools.buildLayeredImage { + pkgs.dockerTools.buildImage { name = "superboum/backup-psql-docker"; config = { Cmd = [ "${app}/bin/backup-psql" ]; diff --git a/app/backup/deploy/backup-weekly.hcl b/app/backup/deploy/backup-weekly.hcl index 9c1a0b0..3447a5d 100644 --- a/app/backup/deploy/backup-weekly.hcl +++ b/app/backup/deploy/backup-weekly.hcl @@ -15,7 +15,7 @@ job "backup_weekly" { driver = "docker" config { - image = "superboum/backup-psql-docker:kldrj9xlbda1s4v963jhpgardg6qczgl" + image = "superboum/backup-psql-docker:gyr3aqgmhs0hxj0j9hkrdmm1m07i8za2" volumes = [ // Mount a cache on the hard disk to avoid filling the SSD "/mnt/storage/tmp_bckp_psql:/mnt/cache" |