From 745fd716c6cb23a8f94434046db7ea87b4362bd8 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 4 Jan 2025 21:00:12 +0200
Subject: [PATCH] Matrix: Add backups.

- Mark the Synapse data volume for snapshot by `dvb` (it just a bunch of
  files anyway).
- Do weekly backups of the database.
---
 Compose/matrix/crond/.dockerignore |  3 +++
 Compose/matrix/crond/Dockerfile    | 13 +++++++++++++
 Compose/matrix/crond/README.md     |  5 +++++
 Compose/matrix/crond/backup        |  7 +++++++
 Compose/matrix/crond/crontab       |  2 ++
 Compose/matrix/docker-compose.yaml | 12 ++++++++++++
 6 files changed, 42 insertions(+)
 create mode 100644 Compose/matrix/crond/.dockerignore
 create mode 100644 Compose/matrix/crond/Dockerfile
 create mode 100644 Compose/matrix/crond/README.md
 create mode 100755 Compose/matrix/crond/backup
 create mode 100644 Compose/matrix/crond/crontab

diff --git a/Compose/matrix/crond/.dockerignore b/Compose/matrix/crond/.dockerignore
new file mode 100644
index 0000000..93f29ef
--- /dev/null
+++ b/Compose/matrix/crond/.dockerignore
@@ -0,0 +1,3 @@
+*
+!backup
+!crontab
diff --git a/Compose/matrix/crond/Dockerfile b/Compose/matrix/crond/Dockerfile
new file mode 100644
index 0000000..006a75e
--- /dev/null
+++ b/Compose/matrix/crond/Dockerfile
@@ -0,0 +1,13 @@
+
+# hadolint ignore=DL3006
+FROM registry.shore.co.il/cron as supersonic
+# hadolint ignore=DL3002
+USER root
+# hadolint ignore=DL3018
+RUN apk add --update --no-cache \
+    docker-cli \
+    findutils \
+    ;
+COPY --chown=root:root backup /usr/local/bin/
+COPY --chown=root:root restore /usr/local/bin/
+VOLUME /var/backups
diff --git a/Compose/matrix/crond/README.md b/Compose/matrix/crond/README.md
new file mode 100644
index 0000000..c612af3
--- /dev/null
+++ b/Compose/matrix/crond/README.md
@@ -0,0 +1,5 @@
+# crond
+
+Runs background jobs for the Matrix server. The jobs are:
+
+- Postgres DB backup.
diff --git a/Compose/matrix/crond/backup b/Compose/matrix/crond/backup
new file mode 100755
index 0000000..e338f79
--- /dev/null
+++ b/Compose/matrix/crond/backup
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -eu
+
+now="$(date --utc -Iseconds)"
+dest="/var/backups/${now}.sql.zstd"
+mkdir --parents "$(dirname "$dest")"
+docker exec matrix-postgres-1 backup > "$dest"
diff --git a/Compose/matrix/crond/crontab b/Compose/matrix/crond/crontab
new file mode 100644
index 0000000..2aac7ac
--- /dev/null
+++ b/Compose/matrix/crond/crontab
@@ -0,0 +1,2 @@
+@weekly backup || wget --spider https://notify.shore.co.il/send?message=Matrix%20DB%20backup%20failed.
+@daily find /var/backups -atime +18 -delete
diff --git a/Compose/matrix/docker-compose.yaml b/Compose/matrix/docker-compose.yaml
index c955fde..88f8a86 100644
--- a/Compose/matrix/docker-compose.yaml
+++ b/Compose/matrix/docker-compose.yaml
@@ -2,6 +2,16 @@
 version: '3.5'
 
 services:
+  cron:
+    build:
+      context: crond/
+    depends_on:
+      - postgres
+    restart: always
+    volumes:
+      - /run/docker.sock:/run/docker.sock
+      - /var/backups/matrix:/var/backups
+
   postgres:
     environment:
       POSTGRES_DB: &postgres_db synapse
@@ -39,6 +49,8 @@ services:
 
 volumes:
   data:
+    labels:
+      snapshot: 'true'
   postgres:
   _run_slapd:
     external: true
-- 
GitLab