Deuxfleurs/infrastructure
Archived
24
2
Fork 2
Code Issues 22 Pull requests Projects 1 Releases Wiki Activity

replace os.system with subprocess.run

Browse source
This commit is contained in:
Quentin 2022-04-15 14:57:54 +02:00
parent 83745f737a
commit b2b26879cb
4 changed files with 28 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
app/backup/build/backup-psql/backup-psql.py
View file

@ -1,5 +1,5 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import shutil,sys,os,datetime,minio import shutil,sys,os,datetime,minio,subprocess
working_directory = "." working_directory = "."
if 'CACHE_DIR' in os.environ: working_directory = os.environ['CACHE_DIR'] if 'CACHE_DIR' in os.environ: working_directory = os.environ['CACHE_DIR']
@ -44,20 +44,22 @@ if not client.bucket_exists(bucket):
abort(f"Bucket {bucket} does not exist or its access is forbidden, aborting") abort(f"Bucket {bucket} does not exist or its access is forbidden, aborting")
# Perform the backup locally # Perform the backup locally
ret = os.system(f""" try:
pg_basebackup \ ret = subprocess.run(["pg_basebackup",
--host={psql_host} \ f"--host={psql_host}",
--username={psql_user} \ f"--username={psql_user}",
--pgdata={working_directory} \ f"--pgdata={working_directory}",
--format=tar \ f"--format=tar",
--wal-method=stream \ "--wal-method=stream",
--gzip \ "--gzip",
--compress=6 \ "--compress=6",
--progress \ "--progress",
--max-rate=5M "--max-rate=5M",
""") ])
if ret != 0: if ret.returncode != 0:
abort(f"pg_baseckup exit code is {ret}, 0 expected. aborting") abort(f"pg_basebackup exited, expected return code 0, got {ret.returncode}. aborting")
except Exception as e:
abort(f"pg_basebackup raised exception {e}. aborting")
# Check that the expected files are here # Check that the expected files are here
for p in clear_paths: for p in clear_paths:
@ -68,9 +70,12 @@ for p in clear_paths:
# Cipher them # Cipher them
for c, e in zip(clear_paths, crypt_paths): for c, e in zip(clear_paths, crypt_paths):
print(f"Ciphering {c} to {e}") print(f"Ciphering {c} to {e}")
ret = os.system(f"age -r {pubkey} -o {e} {c}") try:
if ret != 0: ret = subprocess.run(["age", "-r", pubkey, "-o", e, c])
abort(f"age exit code is {ret}, 0 expected. aborting") if ret.returncode != 0:
abort(f"age exit code is {ret}, 0 expected. aborting")
except Exception as e:
abort(f"aged raised an exception. {e}. aborting")
# Upload the backup to S3 # Upload the backup to S3
for p, k in zip(crypt_paths, s3_keys): for p, k in zip(crypt_paths, s3_keys):

3
app/backup/build/backup-psql/default.nix
View file

@ -18,7 +18,10 @@ in
buildPhase = '' buildPhase = ''
cat > backup-psql <<EOF cat > backup-psql <<EOF
#!${pkgs.bash}/bin/bash #!${pkgs.bash}/bin/bash
export PYTHONPATH=${python-with-my-packages}/${python-with-my-packages.sitePackages} export PYTHONPATH=${python-with-my-packages}/${python-with-my-packages.sitePackages}
export PATH=${python-with-my-packages}/bin:${pkgs.age}/bin:${pkgs.postgresql_14}/bin
${python-with-my-packages}/bin/python3 $out/lib/backup-psql.py ${python-with-my-packages}/bin/python3 $out/lib/backup-psql.py
EOF EOF

2
app/backup/build/backup-psql/docker.nix
View file

@ -3,7 +3,7 @@ let
app = import ./default.nix; app = import ./default.nix;
pkgs = import common.pkgsSrc {}; pkgs = import common.pkgsSrc {};
in in
pkgs.dockerTools.buildLayeredImage { pkgs.dockerTools.buildImage {
name = "superboum/backup-psql-docker"; name = "superboum/backup-psql-docker";
config = { config = {
Cmd = [ "${app}/bin/backup-psql" ]; Cmd = [ "${app}/bin/backup-psql" ];

2
app/backup/deploy/backup-weekly.hcl
View file

@ -15,7 +15,7 @@ job "backup_weekly" {
driver = "docker" driver = "docker"
config { config {
image = "superboum/backup-psql-docker:kldrj9xlbda1s4v963jhpgardg6qczgl" image = "superboum/backup-psql-docker:gyr3aqgmhs0hxj0j9hkrdmm1m07i8za2"
volumes = [ volumes = [
// Mount a cache on the hard disk to avoid filling the SSD // Mount a cache on the hard disk to avoid filling the SSD
"/mnt/storage/tmp_bckp_psql:/mnt/cache" "/mnt/storage/tmp_bckp_psql:/mnt/cache"