forked from Deuxfleurs/infrastructure
Add a backup script for emails
This commit is contained in:
parent
453b633268
commit
a13a02c45c
6 changed files with 57 additions and 1 deletions
52
app/backup/deploy/backup-daily.hcl
Normal file
52
app/backup/deploy/backup-daily.hcl
Normal file
|
|
@ -0,0 +1,52 @@
|
||||||
|
job "backup_daily" {
|
||||||
|
datacenters = ["dc1"]
|
||||||
|
type = "batch"
|
||||||
|
periodic {
|
||||||
|
cron = "@daily"
|
||||||
|
// Do not allow overlapping runs.
|
||||||
|
prohibit_overlap = true
|
||||||
|
}
|
||||||
|
|
||||||
|
task "backup-dovecot" {
|
||||||
|
constraint {
|
||||||
|
attribute = "${attr.unique.hostname}"
|
||||||
|
operator = "="
|
||||||
|
value = "digitale"
|
||||||
|
}
|
||||||
|
|
||||||
|
driver = "docker"
|
||||||
|
|
||||||
|
config {
|
||||||
|
image = "restic/restic:0.12.1"
|
||||||
|
entrypoint = [ "/bin/sh", "-c" ]
|
||||||
|
args = [ "restic backup /mail && restic forget --keep-within 1m1d --keep-within-weekly 3m --keep-within-monthly 1y ; restic prune --max-unused 50% --max-repack-size 2G ; restic check" ]
|
||||||
|
volumes = [
|
||||||
|
"/mnt/ssd/mail:/mail"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = <<EOH
|
||||||
|
AWS_ACCESS_KEY_ID={{ key "secrets/email/dovecot/backup_aws_access_key_id" }}
|
||||||
|
AWS_SECRET_ACCESS_KEY={{ key "secrets/email/dovecot/backup_aws_secret_access_key" }}
|
||||||
|
RESTIC_REPOSITORY={{ key "secrets/email/dovecot/backup_restic_repository" }}
|
||||||
|
RESTIC_PASSWORD={{ key "secrets/email/dovecot/backup_restic_password" }}
|
||||||
|
EOH
|
||||||
|
|
||||||
|
destination = "secrets/env_vars"
|
||||||
|
env = true
|
||||||
|
}
|
||||||
|
|
||||||
|
resources {
|
||||||
|
memory = 200
|
||||||
|
}
|
||||||
|
|
||||||
|
restart {
|
||||||
|
attempts = 2
|
||||||
|
interval = "30m"
|
||||||
|
delay = "15s"
|
||||||
|
mode = "fail"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
USER AWS Acces Key ID
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
USER AWS Secret Access key
|
||||||
1
app/backup/secrets/email/dovecot/backup_restic_password
Normal file
1
app/backup/secrets/email/dovecot/backup_restic_password
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
USER Restic backup password to encrypt data
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
USER Restic Repository URL, check op_guide/backup-minio to see the format
|
||||||
|
|
@ -108,7 +108,7 @@ The idea is that the backuping service is a component of the global running serv
|
||||||
You must add:
|
You must add:
|
||||||
- `backup_aws_access_key_id`
|
- `backup_aws_access_key_id`
|
||||||
- `backup_aws_secret_access_key`
|
- `backup_aws_secret_access_key`
|
||||||
- `backup_aws_endpoint`
|
- `backup_restic_repository`
|
||||||
- `backup_restic_password`
|
- `backup_restic_password`
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue