Backup refactor.

- Change from a single backup that's overwritten everytime to a
  multiple, dated backups.
- Save the last 30 days of backups.
- Save backups under the host's /var/backups instead of a Docker volume.
  Easier to backup.
- Add a restore script so that at least I would have some idea on how to
  restore this backup. Last thing I want to do when I need this backup
is to try and figure out how to restore it.

crond/crontab

 @weekly docker exec ldap_ldap_1 backup || wget --spider https://notify.shore.co.il/send?message=LDAP%20backup%20failed.
+@daily docker exec ldap_ldap_1 find /var/backups/ldap -atime +30 -delete

docker-compose.yml

@@ -37,7 +37,7 @@ services:
     volumes:
       - _run_slapd:/run/slapd
       - ldap:/var/lib/ldap
-      - backup_ldap:/var/backups/ldap
+      - /var/backups/ldap:/var/backups/ldap
       - /var/ssl/dhparams:/var/ssl/dhparams:ro
 
   ldap-account-manager:
@@ -68,9 +68,6 @@ volumes:
   _run_slapd:
     name: run_slapd
   ldap:
-  backup_ldap:
-    labels:
-      snapshot: 'true'
 
 networks:
   default:

slapd/Dockerfile

@@ -30,6 +30,7 @@ COPY --chown=root:root config.ldif /usr/share/slapd/
 COPY --chown=root:root skel.ldif /usr/share/slapd/
 COPY --chown=root:root entrypoint /usr/local/sbin/
 COPY --chown=root:root backup /usr/local/sbin/
+COPY --chown=root:root restore /usr/local/sbin/
 EXPOSE 389 636
 VOLUME [ "/var/lib/ldap" ]
 VOLUME [ "/run/slapd" ]

slapd/backup

 #!/bin/sh
 set -eux
 
+cleanup () {
+    rm -rf "$tempdir"
+}
+
 alias slapcat='slapcat -vF /var/lib/ldap/config'
 
-slapcat -n0 -l /var/backups/ldap/config.ldif
+now="$(date --utc --iso-8601=seconds)"
+trap 'cleanup' INT QUIT EXIT TERM
+tempdir="$(mktemp -d)"
+
+slapcat -n0 -l "$tempdir/config.ldif"
 
 for dn in $(ldapsearch -Y EXTERNAL -LLL -s base -b '' o namingContexts | sed -n '/namingContexts/ s/namingContexts: //gp')
 do
-    slapcat -b "$dn" -l "/var/backups/ldap/$dn.ldif"
+    slapcat -b "$dn" -l "$tempdir/$dn.ldif"
 done
+
+tar -zcf "/var/backups/ldap/$now.tar.gz" -C "$tempdir" .

slapd/restore

+#!/bin/sh
+set -eux
+
+cleanup () {
+    rm -rf "$tempdir"
+}
+
+alias slapadd='slapadd -vF /var/lib/ldap/config'
+
+src="$1"
+
+trap 'cleanup' INT QUIT EXIT TERM
+
+tempdir="$(mktemp -d)"
+
+tar -xzf "$src" -C "$tempdir"
+
+slapadd -c -n0 -l "$tempdir/config.ldif"
+
+# shellcheck disable=SC2044
+for file in $(find "$tempdir" -type f -name '*.ldif' \! -name config.ldif -printf '%f\n')
+do
+    dn="${file%.ldif}"
+    slapadd -c -b "$dn" -l "$tempdir/$file"
+done