aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xapp/backup/build/backup-psql/backup-psql.py41
-rw-r--r--app/backup/build/backup-psql/default.nix3
-rw-r--r--app/backup/build/backup-psql/docker.nix2
-rw-r--r--app/backup/deploy/backup-weekly.hcl2
4 files changed, 28 insertions, 20 deletions
diff --git a/app/backup/build/backup-psql/backup-psql.py b/app/backup/build/backup-psql/backup-psql.py
index fa0b94e..291cf50 100755
--- a/app/backup/build/backup-psql/backup-psql.py
+++ b/app/backup/build/backup-psql/backup-psql.py
@@ -1,5 +1,5 @@
#!/usr/bin/env python3
-import shutil,sys,os,datetime,minio
+import shutil,sys,os,datetime,minio,subprocess
working_directory = "."
if 'CACHE_DIR' in os.environ: working_directory = os.environ['CACHE_DIR']
@@ -44,20 +44,22 @@ if not client.bucket_exists(bucket):
abort(f"Bucket {bucket} does not exist or its access is forbidden, aborting")
# Perform the backup locally
-ret = os.system(f"""
-pg_basebackup \
- --host={psql_host} \
- --username={psql_user} \
- --pgdata={working_directory} \
- --format=tar \
- --wal-method=stream \
- --gzip \
- --compress=6 \
- --progress \
- --max-rate=5M
-""")
-if ret != 0:
- abort(f"pg_baseckup exit code is {ret}, 0 expected. aborting")
+try:
+ ret = subprocess.run(["pg_basebackup",
+ f"--host={psql_host}",
+ f"--username={psql_user}",
+ f"--pgdata={working_directory}",
+ f"--format=tar",
+ "--wal-method=stream",
+ "--gzip",
+ "--compress=6",
+ "--progress",
+ "--max-rate=5M",
+ ])
+ if ret.returncode != 0:
+ abort(f"pg_basebackup exited, expected return code 0, got {ret.returncode}. aborting")
+except Exception as e:
+ abort(f"pg_basebackup raised exception {e}. aborting")
# Check that the expected files are here
for p in clear_paths:
@@ -68,9 +70,12 @@ for p in clear_paths:
# Cipher them
for c, e in zip(clear_paths, crypt_paths):
print(f"Ciphering {c} to {e}")
- ret = os.system(f"age -r {pubkey} -o {e} {c}")
- if ret != 0:
- abort(f"age exit code is {ret}, 0 expected. aborting")
+ try:
+ ret = subprocess.run(["age", "-r", pubkey, "-o", e, c])
+ if ret.returncode != 0:
+ abort(f"age exit code is {ret}, 0 expected. aborting")
+ except Exception as e:
+ abort(f"aged raised an exception. {e}. aborting")
# Upload the backup to S3
for p, k in zip(crypt_paths, s3_keys):
diff --git a/app/backup/build/backup-psql/default.nix b/app/backup/build/backup-psql/default.nix
index 5d2dec7..2cd8d93 100644
--- a/app/backup/build/backup-psql/default.nix
+++ b/app/backup/build/backup-psql/default.nix
@@ -18,7 +18,10 @@ in
buildPhase = ''
cat > backup-psql <<EOF
#!${pkgs.bash}/bin/bash
+
export PYTHONPATH=${python-with-my-packages}/${python-with-my-packages.sitePackages}
+ export PATH=${python-with-my-packages}/bin:${pkgs.age}/bin:${pkgs.postgresql_14}/bin
+
${python-with-my-packages}/bin/python3 $out/lib/backup-psql.py
EOF
diff --git a/app/backup/build/backup-psql/docker.nix b/app/backup/build/backup-psql/docker.nix
index 001cada..693943a 100644
--- a/app/backup/build/backup-psql/docker.nix
+++ b/app/backup/build/backup-psql/docker.nix
@@ -3,7 +3,7 @@ let
app = import ./default.nix;
pkgs = import common.pkgsSrc {};
in
- pkgs.dockerTools.buildLayeredImage {
+ pkgs.dockerTools.buildImage {
name = "superboum/backup-psql-docker";
config = {
Cmd = [ "${app}/bin/backup-psql" ];
diff --git a/app/backup/deploy/backup-weekly.hcl b/app/backup/deploy/backup-weekly.hcl
index 9c1a0b0..3447a5d 100644
--- a/app/backup/deploy/backup-weekly.hcl
+++ b/app/backup/deploy/backup-weekly.hcl
@@ -15,7 +15,7 @@ job "backup_weekly" {
driver = "docker"
config {
- image = "superboum/backup-psql-docker:kldrj9xlbda1s4v963jhpgardg6qczgl"
+ image = "superboum/backup-psql-docker:gyr3aqgmhs0hxj0j9hkrdmm1m07i8za2"
volumes = [
// Mount a cache on the hard disk to avoid filling the SSD
"/mnt/storage/tmp_bckp_psql:/mnt/cache"