t.behrendt/backupsidecar
1
0
Fork 0
Code Issues 4 Pull Requests 3 Actions Packages Activity
Files
cd92ce697e57c6955e118b7c2291378875ce3e35
backupsidecar/README.md
Timo Behrendt cd92ce697e
All checks were successful
CD / Check changes (push) Successful in 6s
Details
CD / Create tag (push) Successful in 14s
Details
CD / Build and push (amd64) (push) Successful in 24s
Details
CD / Build and push (arm64) (push) Successful in 1m25s
Details
CD / Create manifest (push) Successful in 21s
Details
feat: make gotify optional (#14) 
Reviewed-on: #14
Co-authored-by: Timo Behrendt <t.behrendt@t00n.de>
Co-committed-by: Timo Behrendt <t.behrendt@t00n.de>
2025-09-04 19:34:53 +02:00

124 lines
5.1 KiB
Markdown
Raw Blame History

# BackupSidecar
BackupSidecar is a lightweight backup solution designed to run as a cron job in Kubernetes. It automates backups using Restic and supports both directory and PostgreSQL database backups. Optional notifications can be sent via Gotify to keep you informed of backup results.
## Configuration
BackupSidecar is configured through environment variables. Below is a breakdown of the available settings.
### General Settings
These variables apply to both directory and PostgreSQL backups.
- **`BACKUP_MODE`** _(optional)_ - Defines the backup type (`directory` or `postgres`). Defaults to `directory`.
- **`RESTIC_PASSWORD`** _(required)_ - The encryption password for Restic.
- **`RESTIC_REPOSITORY`** _(required)_ - The URI of the Restic repository (e.g., `rest:http://your-rest-server:8000/backup`).
- **`RESTIC_REST_USERNAME`** _(optional)_ - The username for REST server authentication.
- **`RESTIC_REST_PASSWORD`** _(optional)_ - The password for REST server authentication.
- **`ENABLE_GOTIFY`** _(optional)_ - Enable Gotify notifications. Set to `true` to enable, any other value or unset disables notifications. Defaults to `true`.
- **`GOTIFYHOST`** _(required when ENABLE_GOTIFY=true)_ - The Gotify server URL.
- **`GOTIFYTOKEN`** _(required when ENABLE_GOTIFY=true)_ - The API token for Gotify.
- **`GOTIFYTOPIC`** _(required when ENABLE_GOTIFY=true)_ - The topic under which backup notifications will be sent.
### Directory Backup
When running in `directory` mode, the following variable must be set:
- **`SOURCEDIR`** _(required)_ - The path of the directory to be backed up.
### PostgreSQL Backup
For `postgres` mode, the following database-related variables are required:
- **`PGHOST`** _(required)_ - The hostname of the PostgreSQL server.
- **`PGDATABASE`** _(required)_ - The name of the database to back up.
- **`PGUSER`** _(required)_ - The PostgreSQL username.
- **`PGPORT`** _(optional)_ - The port for PostgreSQL (defaults to `5432`).
- **`PGPASSWORD`** _(optional)_ - The password for authentication. Setting this prevents interactive prompts.
- **`PG_DUMP_ARGS`** _(optional)_ - Additional flags for `pg_dump`.
## Dependencies
Ensure the following commands are available in the container:
- `restic`
- `curl`
- `jq`
- `pg_dump` _(only required for `postgres` mode)_
## Usage
Example Kubernetes CronJob manifest for running BackupSidecar as a cron job for directory backups in minimal configuration:
```yaml
apiVersion: batch/v1
kind: CronJob
metadata:
name: backupsidecar-cron
namespace: authentik
spec:
schedule: "0 7 * * *"
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 5
failedJobsHistoryLimit: 3
jobTemplate:
spec:
backoffLimit: 3
activeDeadlineSeconds: 300
template:
spec:
restartPolicy: OnFailure
containers:
- name: backupsidecar
image: backupsidecar:latest
env:
- name: RESTIC_REPOSITORY
value: "rest:http://rest-server:8000/backup"
- name: RESTIC_PASSWORD
valueFrom:
secretKeyRef:
name: backupsidecar-secret
key: restic_password
- name: BACKUP_MODE
value: "directory" # or "postgres"
- name: SOURCEDIR
value: "/data/source"
- name: ENABLE_GOTIFY
value: "true"
- name: GOTIFYHOST
value: "http://gotify.example.com"
- name: GOTIFYTOKEN
valueFrom:
secretKeyRef:
name: backupsidecar-secret
key: gotify_token
- name: GOTIFYTOPIC
value: "Backup Notification"
# (For PostgreSQL mode, add PGHOST, PGDATABASE, PGUSER, PGPORT, PGPASSWORD)
volumeMounts:
- name: source-data
mountPath: /data/source
restartPolicy: OnFailure
volumes:
- name: source-data
persistentVolumeClaim:
claimName: source-data-pvc
```
## Notifications
The script can send success or failure notifications via Gotify when enabled. To enable notifications, set `ENABLE_GOTIFY=true` and provide the required Gotify configuration variables (`GOTIFYHOST`, `GOTIFYTOKEN`, `GOTIFYTOPIC`). When notifications are disabled, backup status messages are still logged to the console.
Example success notification:
```
Backup successful. Snapshot 56ff6a909a44e01f67d2d88f9a76aa713d437809d7ed14a2361e28893f38befb: files new: 1, files changed: 0, data added: 1019 bytes in 0.277535184 sec
```
When Gotify is disabled, you'll see a single message at startup indicating notifications are disabled, followed by normal backup status messages:
```
2024-01-15T10:30:00 - Gotify notifications disabled. Backup status will be logged to console only.
2024-01-15T10:30:05 - Backup successful. Snapshot 56ff6a909a44e01f67d2d88f9a76aa713d437809d7ed14a2361e28893f38befb: files new: 1, files changed: 0, data added: 1019 bytes in 0.277535184 sec
```
Reference in New Issue View Git Blame Copy Permalink