reformat readme

update alpine base image
build step
2025-02-04 21:33:31 +01:00 · 2025-02-04 21:32:35 +01:00 · 2025-02-04 21:21:36 +01:00 · 2025-02-02 21:27:28 +01:00
6 changed files with 162 additions and 515 deletions
--- a/.gitea/workflows/cd.yaml
+++ b/.gitea/workflows/cd.yaml
@@ -1,111 +1,86 @@
-name: CD
+name: Build and Release Docker Image
 on:
  push:
    branches:
-      - main
+      - v2
 env:
  DOCKER_REGISTRY: gitea.t000-n.de
 jobs:
-  check-changes:
+  build_amd64:
-    name: Check changes
+    name: Build and Push amd64
-    runs-on: ubuntu-latest
+    runs-on: [ubuntu-latest, linux_amd64]
    outputs:
      changes: ${{ steps.filter.outputs.code }}
    steps:
-      - name: Checkout
+      - name: Checkout repository
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
+        uses: actions/checkout@v4
-      - name: Get changed files
+      - name: Log in to registry
-        id: filter
+        uses: docker/login-action@v3
        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
        with:
-          filters: |
+          registry: gitea.t000-n.de
-            code:
+          username: ${{ secrets.REGISTRY_USERNAME }}
              - 'src/**'
              - 'Dockerfile'
              - 'gitea/workflows/**'
  build_and_push:
    name: Build and push
    needs:
      - check-changes
    if: ${{ needs.check-changes.outputs.changes != '0' }}
    strategy:
      matrix:
        arch:
          - amd64
          - arm64
    runs-on:
      - ubuntu-latest
      - linux_${{ matrix.arch }}
    steps:
      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
      - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
      - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ secrets.REGISTRY_USER }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
      - id: meta
        run: |
          echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}' | tr '[:upper:]' '[:lower:]') >> $GITHUB_OUTPUT
          echo REPO_VERSION=$(git describe --tags --always | sed 's/^v//') >> $GITHUB_OUTPUT
      - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
        with:
          context: .
          file: ./Dockerfile
          platforms: linux/${{ matrix.arch }}
          push: true
          provenance: false
          tags: |
            ${{ env.DOCKER_REGISTRY }}/t.behrendt/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}-${{ matrix.arch }}
-  create_tag:
+      - name: Build Docker image for amd64
    name: Create tag
    needs:
      - check-changes
    if: ${{ needs.check-changes.outputs.changes != '0' }}
    runs-on: ubuntu-latest
    outputs:
      tag: ${{ steps.tag.outputs.new-tag }}
    steps:
      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
        with:
          fetch-depth: 0
      - uses: https://gitea.t000-n.de/t.behrendt/conventional-semantic-git-tag-increment@0.0.2
        id: tag
        with:
          token: ${{ secrets.GITEA_TOKEN }}
      - run: |
          git tag ${{ steps.tag.outputs.new-tag }}
          git push origin ${{ steps.tag.outputs.new-tag }}
      - name: Set output
        run: |
-          echo "tag=${{ steps.tag.outputs.new-tag }}" >> $GITHUB_OUTPUT
+          docker build \
            --platform linux/amd64 \
            -f Dockerfile \
            -t gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-amd64 \
            .
-  create_manifest:
+      - name: Push Docker image for amd64
    name: Create manifest
    needs:
      - build_and_push
      - create_tag
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
      - id: meta
        run: |
-          echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}' | tr '[:upper:]' '[:lower:]') >> $GITHUB_OUTPUT
+          docker push gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-amd64
-          echo REPO_VERSION=$(git describe --tags --always | sed 's/^v//') >> $GITHUB_OUTPUT
+
-      - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
+  build_arm64:
    name: Build and Push arm64
    runs-on: [ubuntu-latest, linux_arm64]
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Log in to registry
        uses: docker/login-action@v3
        with:
-          registry: ${{ env.DOCKER_REGISTRY }}
+          registry: gitea.t000-n.de
-          username: ${{ secrets.REGISTRY_USER }}
+          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
      - run: |
          docker manifest create ${{ env.DOCKER_REGISTRY }}/t.behrendt/${{ steps.meta.outputs.REPO_NAME }}:${{ needs.create_tag.outputs.tag }} \
            ${{ env.DOCKER_REGISTRY }}/t.behrendt/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}-amd64 \
            ${{ env.DOCKER_REGISTRY }}/t.behrendt/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}-arm64
-          docker manifest push ${{ env.DOCKER_REGISTRY }}/t.behrendt/${{ steps.meta.outputs.REPO_NAME }}:${{ needs.create_tag.outputs.tag }}
+      - name: Build Docker image for arm64
        run: |
          docker build \
            --platform linux/arm64 \
            -f Dockerfile \
            -t gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-arm64 \
            .
      - name: Push Docker image for arm64
        run: |
          docker push gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-arm64
  manifest:
    name: Create and Push Multi-Arch Manifest
    needs: [build_amd64, build_arm64]
    runs-on: ubuntu-latest
    steps:
      - name: Log in to registry
        uses: docker/login-action@v3
        with:
          registry: gitea.t000-n.de
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
      - name: Create and push manifest with git SHA
        run: |
          docker manifest create gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }} \
            gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-amd64 \
            gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-arm64
          docker manifest push gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}
      - name: Optionally tag manifest as latest
        if: ${{ inputs.latest == true }}
        run: |
          docker manifest create gitea.t000-n.de/t.behrendt/backupsidecar:latest \
            gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-amd64 \
            gitea.t000-n.de/t.behrendt/backupsidecar:${{ github.sha }}-arm64
          docker manifest push gitea.t000-n.de/t.behrendt/backupsidecar:latest
--- a/.gitea/workflows/ci.yaml
+++ b/.gitea/workflows/ci.yaml
@@ -1,33 +0,0 @@
 name: CI
 on:
  pull_request:
 jobs:
  build:
    name: Build Docker image
    runs-on:
      - ubuntu-latest
      - linux_amd64
    steps:
      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
      - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
      - name: Build image
        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
        with:
          context: .
          file: ./Dockerfile
          platforms: linux/amd64
          push: false
          provenance: false
          tags: |
            backupsidecar:ci-test
  check-syntax:
    name: Check syntax
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
      - name: Check syntax
        run: |
          bash -n src/backup.sh
--- a/10
+++ b/10
@@ -1,15 +1,11 @@
-FROM docker.io/alpine:3.23@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 AS base
+FROM alpine:3.21
 # Add edge repository for postgresql18-client
 RUN echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/main' >> /etc/apk/repositories
 RUN apk update && apk add --no-cache \
    bash \
    curl \
    restic \
-    jq \
+    postgresql-client \
-    postgresql18-client@edge \
+    jq
    libpq@edge
 WORKDIR /app
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # BackupSidecar
-BackupSidecar is a lightweight backup and restore solution designed to run as a cron job in Kubernetes. It automates backups and restores using Restic and supports both directory and PostgreSQL database operations. Optional notifications can be sent via Gotify to keep you informed of operation results.
+BackupSidecar is a lightweight backup solution designed to run as a cron job in Kubernetes. It automates backups using Restic and supports both directory and PostgreSQL database backups. Notifications are sent via Gotify to keep you informed of backup results.
 ## Configuration
@@ -8,53 +8,34 @@ BackupSidecar is configured through environment variables. Below is a breakdown
 ### General Settings
-These variables apply to both backup and restore operations.
+These variables apply to both directory and PostgreSQL backups.
 - **`OPERATION_MODE`** _(optional)_ - Defines the operation type (`backup` or `restore`). Defaults to `backup`.
 - **`BACKUP_MODE`** _(optional)_ - Defines the backup type (`directory` or `postgres`). Defaults to `directory`.
 - **`RESTIC_PASSWORD`** _(required)_ - The encryption password for Restic.
 - **`RESTIC_REPOSITORY`** _(required)_ - The URI of the Restic repository (e.g., `rest:http://your-rest-server:8000/backup`).
 - **`RESTIC_REST_USERNAME`** _(optional)_ - The username for REST server authentication.
 - **`RESTIC_REST_PASSWORD`** _(optional)_ - The password for REST server authentication.
- **`ENABLE_GOTIFY`** _(optional)_ - Enable Gotify notifications. Set to `true` to enable, any other value or unset disables notifications. Defaults to `true`.
+- **`GOTIFYHOST`** _(required)_ - The Gotify server URL.
- **`GOTIFYHOST`** _(required when ENABLE_GOTIFY=true)_ - The Gotify server URL.
+- **`GOTIFYTOKEN`** _(required)_ - The API token for Gotify.
- **`GOTIFYTOKEN`** _(required when ENABLE_GOTIFY=true)_ - The API token for Gotify.
+- **`GOTIFYTOPIC`** _(required)_ - The topic under which backup notifications will be sent.
 - **`GOTIFYTOPIC`** _(required when ENABLE_GOTIFY=true)_ - The topic under which backup notifications will be sent.
-### Directory Operations
+### Directory Backup
-When running in `directory` mode, the following variables must be set:
+When running in `directory` mode, the following variable must be set:
 **For Backup Operations:**
 - **`SOURCEDIR`** _(required)_ - The path of the directory to be backed up.
-**For Restore Operations:**
+### PostgreSQL Backup
 - **`RESTOREDIR`** _(required)_ - The path where files should be restored to.
 - **`RESTORE_SNAPSHOT_ID`** _(optional)_ - The specific snapshot ID to restore (defaults to `latest`).
 ### PostgreSQL Operations
 For `postgres` mode, the following database-related variables are required:
 **Common Variables:**
 - **`PGHOST`** _(required)_ - The hostname of the PostgreSQL server.
- **`PGDATABASE`** _(required)_ - The name of the database.
+- **`PGDATABASE`** _(required)_ - The name of the database to back up.
 - **`PGUSER`** _(required)_ - The PostgreSQL username.
 - **`PGPORT`** _(optional)_ - The port for PostgreSQL (defaults to `5432`).
 - **`PGPASSWORD`** _(optional)_ - The password for authentication. Setting this prevents interactive prompts.
 **Backup-Specific Variables:**
 - **`PG_DUMP_ARGS`** _(optional)_ - Additional flags for `pg_dump`.
 **Restore-Specific Variables:**
 - **`RESTORE_SNAPSHOT_ID`** _(optional)_ - The specific snapshot ID to restore (defaults to `latest`).
 - **`PSQL_ARGS`** _(optional)_ - Additional flags for `psql` (e.g., `--single-transaction`).
 ## Dependencies
 Ensure the following commands are available in the container:
@@ -62,33 +43,23 @@ Ensure the following commands are available in the container:
 - `restic`
 - `curl`
 - `jq`
- `pg_dump` _(only required for PostgreSQL backup operations)_
+- `pg_dump` _(only required for `postgres` mode)_
 - `psql` _(only required for PostgreSQL restore operations)_
 ## Usage
 ### Backup Operations
 Example Kubernetes CronJob manifest for running BackupSidecar as a cron job for directory backups in minimal configuration:
 ```yaml
-apiVersion: batch/v1
+apiVersion: batch/v1beta1
 kind: CronJob
 metadata:
  name: backupsidecar-cron
  namespace: authentik
 spec:
-  schedule: "0 7 * * *"
+  schedule: "0 2 * * *" # Run daily at 2:00 AM
  concurrencyPolicy: Forbid
  successfulJobsHistoryLimit: 5
  failedJobsHistoryLimit: 3
  jobTemplate:
    spec:
      backoffLimit: 3
      activeDeadlineSeconds: 300
      template:
        spec:
          restartPolicy: OnFailure
          containers:
            - name: backupsidecar
              image: backupsidecar:latest
@@ -104,8 +75,6 @@ spec:
                  value: "directory" # or "postgres"
                - name: SOURCEDIR
                  value: "/data/source"
                - name: ENABLE_GOTIFY
                  value: "true"
                - name: GOTIFYHOST
                  value: "http://gotify.example.com"
                - name: GOTIFYTOKEN
@@ -126,116 +95,12 @@ spec:
                claimName: source-data-pvc
 ```
 ### Restore Operations
 Example Kubernetes Job manifest for running BackupSidecar to restore a directory:
 ```yaml
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: backupsidecar-restore
  namespace: authentik
 spec:
  backoffLimit: 3
  activeDeadlineSeconds: 600
  template:
    spec:
      restartPolicy: OnFailure
      containers:
        - name: backupsidecar
          image: backupsidecar:latest
          env:
            - name: OPERATION_MODE
              value: "restore"
            - name: BACKUP_MODE
              value: "directory"
            - name: RESTOREDIR
              value: "/data/restore"
            - name: RESTORE_SNAPSHOT_ID
              value: "abc123def456" # optional, defaults to latest
            - name: RESTIC_REPOSITORY
              value: "rest:http://rest-server:8000/backup"
            - name: RESTIC_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: backupsidecar-secret
                  key: restic_password
            - name: GOTIFYHOST
              value: "http://gotify.example.com"
            - name: GOTIFYTOKEN
              valueFrom:
                secretKeyRef:
                  name: backupsidecar-secret
                  key: gotify_token
            - name: GOTIFYTOPIC
              value: "Restore Notification"
          volumeMounts:
            - name: restore-data
              mountPath: /data/restore
      volumes:
        - name: restore-data
          persistentVolumeClaim:
            claimName: restore-data-pvc
 ```
 Example Kubernetes Job manifest for running BackupSidecar to restore a PostgreSQL database:
 ```yaml
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: backupsidecar-postgres-restore
  namespace: authentik
 spec:
  backoffLimit: 3
  activeDeadlineSeconds: 600
  template:
    spec:
      restartPolicy: OnFailure
      containers:
        - name: backupsidecar
          image: backupsidecar:latest
          env:
            - name: OPERATION_MODE
              value: "restore"
            - name: BACKUP_MODE
              value: "postgres"
            - name: PGHOST
              value: "postgres.example.com"
            - name: PGDATABASE
              value: "mydatabase"
            - name: PGUSER
              value: "myuser"
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: password
            - name: PGPORT
              value: "5432"
            - name: RESTORE_SNAPSHOT_ID
              value: "abc123def456" # optional, defaults to latest
            - name: PSQL_ARGS
              value: "--single-transaction" # optional
            - name: RESTIC_REPOSITORY
              value: "rest:http://rest-server:8000/backup"
            - name: RESTIC_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: backupsidecar-secret
                  key: restic_password
            - name: GOTIFYHOST
              value: "http://gotify.example.com"
            - name: GOTIFYTOKEN
              valueFrom:
                secretKeyRef:
                  name: backupsidecar-secret
                  key: gotify_token
            - name: GOTIFYTOPIC
              value: "Database Restore Notification"
 ```
 ## Notifications
-The script can send success or failure notifications via Gotify when enabled. To enable notifications, set `ENABLE_GOTIFY=true` and provide the required Gotify configuration variables (`GOTIFYHOST`, `GOTIFYTOKEN`, `GOTIFYTOPIC`). When notifications are disabled, backup status messages are still logged to the console.
+The script sends success or failure notifications via Gotify.
 Example success notification:
 ```
 Backup successful. Snapshot 56ff6a909a44e01f67d2d88f9a76aa713d437809d7ed14a2361e28893f38befb: files new: 1, files changed: 0, data added: 1019 bytes in 0.277535184 sec
 ```
--- a/renovate.json
+++ b/renovate.json
@@ -1,7 +0,0 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "local>t.behrendt/renovate-configs:common",
    "local>t.behrendt/renovate-configs:action"
  ]
 }
--- a/src/backup.sh
+++ b/src/backup.sh
@@ -1,6 +1,71 @@
 #!/bin/bash
 set -euo pipefail
 #######################################
 # Determine backup mode from the environment only.
 # Valid values: "directory" or "postgres".
 # Default to "directory" if not provided.
 #######################################
 BACKUP_MODE="${BACKUP_MODE:-directory}"
 #######################################
 # Check for required external commands.
 #######################################
 REQUIRED_CMDS=(restic curl jq)
 if [ "$BACKUP_MODE" = "postgres" ]; then
    REQUIRED_CMDS+=(pg_dump)
 fi
 for cmd in "${REQUIRED_CMDS[@]}"; do
    if ! command -v "$cmd" &>/dev/null; then
        echo "Error: Required command '$cmd' is not installed." >&2
        exit 1
    fi
 done
 #######################################
 # Validate common required environment variables.
 #######################################
 # Gotify notification settings.
 : "${GOTIFYHOST:?Environment variable GOTIFYHOST is not set}"
 : "${GOTIFYTOKEN:?Environment variable GOTIFYTOKEN is not set}"
 : "${GOTIFYTOPIC:?Environment variable GOTIFYTOPIC is not set}"
 # Restic encryption password.
 : "${RESTIC_PASSWORD:?Environment variable RESTIC_PASSWORD is not set}"
 # Use the repository URI directly from the environment.
 # Example: export RESTIC_REPOSITORY="rest:http://your-rest-server:8000/backup"
 : "${RESTIC_REPOSITORY:?Environment variable RESTIC_REPOSITORY is not set}"
 #######################################
 # Validate mode-specific environment variables.
 #######################################
 case "$BACKUP_MODE" in
    directory)
        : "${SOURCEDIR:?Environment variable SOURCEDIR is not set (required for directory backup mode)}"
        ;;
    postgres)
        : "${PGHOST:?Environment variable PGHOST is not set (required for PostgreSQL backup mode)}"
        : "${PGDATABASE:?Environment variable PGDATABASE is not set (required for PostgreSQL backup mode)}"
        : "${PGUSER:?Environment variable PGUSER is not set (required for PostgreSQL backup mode)}"
        # Optional: default PGPORT to 5432.
        : "${PGPORT:=5432}"
        if [ -z "${PGPASSWORD:-}" ]; then
            echo "Warning: Environment variable PGPASSWORD is not set. pg_dump may fail if authentication is required."
        fi
        ;;
    *)
        echo "Error: Unknown backup mode '$BACKUP_MODE'. Valid modes are 'directory' and 'postgres'." >&2
        exit 1
        ;;
 esac
 #######################################
 # Build the Gotify URL.
 #######################################
 GOTIFYURL="${GOTIFYHOST}/message?token=${GOTIFYTOKEN}"
 #######################################
 # Date format for logging.
 #######################################
@@ -15,111 +80,6 @@ log() {
    echo "$(date +"$LOG_DATE_FORMAT") - $*"
 }
 #######################################
 # Determine operation mode from the environment only.
 # Valid values: "backup" or "restore".
 # Default to "backup" if not provided.
 #######################################
 OPERATION_MODE="${OPERATION_MODE:-backup}"
 #######################################
 # Determine backup mode from the environment only.
 # Valid values: "directory" or "postgres".
 # Default to "directory" if not provided.
 #######################################
 BACKUP_MODE="${BACKUP_MODE:-directory}"
 #######################################
 # Check for required external commands.
 #######################################
 REQUIRED_CMDS=(restic curl jq)
 if [ "$BACKUP_MODE" = "postgres" ]; then
    if [ "$OPERATION_MODE" = "backup" ]; then
        REQUIRED_CMDS+=(pg_dump)
    elif [ "$OPERATION_MODE" = "restore" ]; then
        REQUIRED_CMDS+=(psql)
    fi
 fi
 for cmd in "${REQUIRED_CMDS[@]}"; do
    if ! command -v "$cmd" &>/dev/null; then
        log "Error: Required command '$cmd' is not installed."
        exit 1
    fi
 done
 #######################################
 # Validate common required environment variables.
 #######################################
 # Gotify notification settings (optional).
 # Set ENABLE_GOTIFY to "true" to enable notifications, any other value or unset disables them.
 ENABLE_GOTIFY="${ENABLE_GOTIFY:-true}"
 if [ "$ENABLE_GOTIFY" = "true" ]; then
    : "${GOTIFYHOST:?Environment variable GOTIFYHOST is not set (required when ENABLE_GOTIFY=true)}"
    : "${GOTIFYTOKEN:?Environment variable GOTIFYTOKEN is not set (required when ENABLE_GOTIFY=true)}"
    : "${GOTIFYTOPIC:?Environment variable GOTIFYTOPIC is not set (required when ENABLE_GOTIFY=true)}"
 else
    log "Gotify notifications disabled. Backup status will be logged to console only."
 fi
 # Restic encryption password.
 : "${RESTIC_PASSWORD:?Environment variable RESTIC_PASSWORD is not set}"
 # Use the repository URI directly from the environment.
 # Example: export RESTIC_REPOSITORY="rest:http://your-rest-server:8000/backup"
 : "${RESTIC_REPOSITORY:?Environment variable RESTIC_REPOSITORY is not set}"
 #######################################
 # Validate operation mode.
 #######################################
 case "$OPERATION_MODE" in
    backup|restore)
        ;;
    *)
        echo "Error: Unknown operation mode '$OPERATION_MODE'. Valid modes are 'backup' and 'restore'." >&2
        exit 1
        ;;
 esac
 #######################################
 # Validate mode-specific environment variables.
 #######################################
 case "$BACKUP_MODE" in
    directory)
        if [ "$OPERATION_MODE" = "backup" ]; then
            : "${SOURCEDIR:?Environment variable SOURCEDIR is not set (required for directory backup mode)}"
        elif [ "$OPERATION_MODE" = "restore" ]; then
            : "${RESTOREDIR:?Environment variable RESTOREDIR is not set (required for directory restore mode)}"
        fi
        ;;
    postgres)
        : "${PGHOST:?Environment variable PGHOST is not set (required for PostgreSQL mode)}"
        : "${PGDATABASE:?Environment variable PGDATABASE is not set (required for PostgreSQL mode)}"
        : "${PGUSER:?Environment variable PGUSER is not set (required for PostgreSQL mode)}"
        # Optional: default PGPORT to 5432.
        : "${PGPORT:=5432}"
        if [ -z "${PGPASSWORD:-}" ]; then
            if [ "$OPERATION_MODE" = "backup" ]; then
                echo "Warning: Environment variable PGPASSWORD is not set. pg_dump may fail if authentication is required."
            elif [ "$OPERATION_MODE" = "restore" ]; then
                echo "Warning: Environment variable PGPASSWORD is not set. psql may fail if authentication is required."
            fi
        fi
        ;;
    *)
        echo "Error: Unknown backup mode '$BACKUP_MODE'. Valid modes are 'directory' and 'postgres'." >&2
        exit 1
        ;;
 esac
 #######################################
 # Build the Gotify URL (only if Gotify is enabled).
 #######################################
 if [ "$ENABLE_GOTIFY" = "true" ]; then
    GOTIFYURL="${GOTIFYHOST}/message?token=${GOTIFYTOKEN}"
 fi
 #######################################
 # Send a notification via Gotify.
 # Arguments:
@@ -127,13 +87,6 @@ fi
 #######################################
 send_notification() {
    local message="$1"
    # Only send notification if Gotify is enabled
    if [ "$ENABLE_GOTIFY" != "true" ]; then
        log "$message"
        return 0
    fi
    if ! curl -s -X POST "$GOTIFYURL" -F "title=${GOTIFYTOPIC}" -F "message=${message}" >/dev/null; then
        log "Warning: Failed to send notification with message: ${message}"
    fi
@@ -147,10 +100,9 @@ send_notification() {
 #######################################
 run_restic_backup() {
    local source_dir="$1"
    cd "${source_dir}"
    log "Starting backup of '${source_dir}' to repository ${RESTIC_REPOSITORY}"
    # Capture both stdout and stderr in a variable
-    backup_output=$(restic -r "${RESTIC_REPOSITORY}" backup --no-cache --json --verbose . 2>&1)
+    backup_output=$(restic -r "${RESTIC_REPOSITORY}" backup --no-cache --json --verbose "${source_dir}" 2>&1)
    # Optionally, also print the output to the console:
    echo "$backup_output"
    # Parse the JSON lines output for the summary message
@@ -204,89 +156,6 @@ backup_postgres() {
    run_restic_backup "${TEMP_BACKUP_DIR}"
 }
 #######################################
 # Run the restore using restic.
 # Arguments:
 #   $1 - The target directory to restore to.
 #   $2 - Optional snapshot ID to restore (defaults to latest).
 #######################################
 run_restic_restore() {
    local target_dir="$1"
    local snapshot_id="$2"
    log "Starting restore from repository ${RESTIC_REPOSITORY} to '${target_dir}'"
    log "Using snapshot: ${snapshot_id}"
    # Create target directory if it doesn't exist
    mkdir -p "${target_dir}"
    # Capture both stdout and stderr in a variable
    restore_output=$(restic -r "${RESTIC_REPOSITORY}" restore "${snapshot_id}" --target "${target_dir}" --no-cache --json --verbose 2>&1)
    # Optionally, also print the output to the console:
    echo "$restore_output"
    # Parse the JSON lines output for the summary message
    summary=$(echo "$restore_output" | jq -r 'select(.message_type=="summary") | "Restore completed: " + (.files_restored|tostring) + " files restored, " + (.bytes_restored|tostring) + " bytes in " + (.total_duration|tostring) + " sec"' 2>/dev/null || echo "Restore completed")
    # Check exit code of restic restore
    if [ $? -eq 0 ]; then
        msg="Restore successful. $summary"
        log "$msg"
        send_notification "$msg"
    else
        exit_code=$?
        msg="Restore failed with error code ${exit_code}. $restore_output"
        log "$msg"
        send_notification "$msg"
        exit "$exit_code"
    fi
 }
 #######################################
 # Restore a directory (regular mode).
 #######################################
 restore_directory() {
    local snapshot_id="${RESTORE_SNAPSHOT_ID:-latest}"
    run_restic_restore "${RESTOREDIR}" "${snapshot_id}"
 }
 #######################################
 # Restore a PostgreSQL database.
 # Restores the database dump from the backup and applies it to the database.
 #######################################
 restore_postgres() {
    local snapshot_id="${RESTORE_SNAPSHOT_ID:-latest}"
    log "Starting PostgreSQL restore for database '${PGDATABASE}' on host '${PGHOST}'"
    # Create a temporary directory for the restore.
    TEMP_RESTORE_DIR=$(mktemp -d)
    log "Created temporary directory: ${TEMP_RESTORE_DIR}"
    # Restore the backup to the temporary directory
    run_restic_restore "${TEMP_RESTORE_DIR}" "${snapshot_id}"
    local dump_file="${TEMP_RESTORE_DIR}/dump.sql"
    if [ ! -f "${dump_file}" ]; then
        local msg="PostgreSQL restore failed. Database dump file not found at ${dump_file}"
        log "$msg"
        send_notification "$msg"
        exit 1
    fi
    log "Restoring PostgreSQL database from ${dump_file}..."
    if psql -h "${PGHOST}" -p "${PGPORT}" -U "${PGUSER}" -d "${PGDATABASE}" ${PSQL_ARGS:-} < "${dump_file}"; then
        local msg="PostgreSQL database restored successfully"
        log "$msg"
        send_notification "$msg"
    else
        local exit_code=$?
        local msg="PostgreSQL restore failed with error code ${exit_code}"
        log "$msg"
        send_notification "$msg"
        exit "$exit_code"
    fi
 }
 #######################################
 # Cleanup temporary resources.
 #######################################
@@ -295,10 +164,6 @@ cleanup() {
        rm -rf "${TEMP_BACKUP_DIR}"
        log "Removed temporary directory ${TEMP_BACKUP_DIR}"
    fi
    if [ -n "${TEMP_RESTORE_DIR:-}" ] && [ -d "${TEMP_RESTORE_DIR}" ]; then
        rm -rf "${TEMP_RESTORE_DIR}"
        log "Removed temporary directory ${TEMP_RESTORE_DIR}"
    fi
 }
 trap cleanup EXIT
@@ -306,26 +171,12 @@ trap cleanup EXIT
 # Main routine.
 #######################################
 main() {
-    case "$OPERATION_MODE" in
+    case "$BACKUP_MODE" in
-        backup)
+        directory)
-            case "$BACKUP_MODE" in
+            backup_directory
                directory)
                    backup_directory
                    ;;
                postgres)
                    backup_postgres
                    ;;
            esac
            ;;
-        restore)
+        postgres)
-            case "$BACKUP_MODE" in
+            backup_postgres
                directory)
                    restore_directory
                    ;;
                postgres)
                    restore_postgres
                    ;;
            esac
            ;;
    esac
 }
Author	SHA1	Message	Date
Timo Behrendt	ba63df67c3	reformat readme All checks were successful Build and Release Docker Image / Build and Push amd64 (push) Successful in 22s Details Build and Release Docker Image / Build and Push arm64 (push) Successful in 45s Details Build and Release Docker Image / Create and Push Multi-Arch Manifest (push) Successful in 18s Details	2025-02-04 21:33:31 +01:00
Timo Behrendt	2070e56db5	update alpine base image	2025-02-04 21:32:35 +01:00
Timo Behrendt	3a058825db	build step All checks were successful Build and Release Docker Image / Build and Push amd64 (push) Successful in 14s Details Build and Release Docker Image / Build and Push arm64 (push) Successful in 27s Details Build and Release Docker Image / Create and Push Multi-Arch Manifest (push) Successful in 18s Details	2025-02-04 21:21:36 +01:00
Timo Behrendt	1f0df426be	refactor script	2025-02-02 21:27:28 +01:00