Commits on Source (3)
    Remove superfluous flags. · 2b93987a
    nimrod authored
    The -v flag is already set in the alias.
    2b93987a
    Backup weekly instead of daily. · 82bad8df
    nimrod authored
    The changes are very, very rare. I'm changing the backup method to
    saving tarballs as snapshots and saving the last few, and this change is
    in the spirit of things.
    82bad8df
    Backup refactor. · 9f39ec03
    nimrod authored
    - Change from a single backup that's overwritten every time to
      multiple, dated backups.
    - Save the last 30 days of backups.
    - Save backups under the host's /var/backups instead of a Docker volume.
      Easier to backup.
    - Add a restore script so that at least I would have some idea on how to
      restore this backup. Last thing I want to do when I need this backup
    is to try and figure out how to restore it.
    9f39ec03
@daily docker exec ldap_ldap_1 backup || wget --spider https://notify.shore.co.il/send?message=LDAP%20backup%20failed.
@weekly docker exec ldap_ldap_1 backup || wget --spider https://notify.shore.co.il/send?message=LDAP%20backup%20failed.
@daily docker exec ldap_ldap_1 find /var/backups/ldap -atime +30 -delete
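Review bot: The prune job on the last line selects by `-atime +30` with no type or name filter, so retention follows the last access time rather than the time the archive was written. Anything that reads the archives (a host-level backup of /var/backups, for example) can refresh the access time and postpone deletion indefinitely. The job also runs whether or not the weekly backup has been succeeding, so a month of failed backups would empty the directory. I would scope it to the archives and use modification time, `find /var/backups/ldap -type f -name '*.ldif' -mtime +30 -delete`, and consider running the prune only after a successful backup.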
......@@ -37,7 +37,7 @@ services:
volumes:
- _run_slapd:/run/slapd
- ldap:/var/lib/ldap
- backup_ldap:/var/backups/ldap
- /var/backups/ldap:/var/backups/ldap
- /var/ssl/dhparams:/var/ssl/dhparams:ro
ldap-account-manager:
......@@ -68,9 +68,6 @@ volumes:
_run_slapd:
name: run_slapd
ldap:
backup_ldap:
labels:
snapshot: 'true'
networks:
default:
......
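Review bot: With the bind mount `/var/backups/ldap:/var/backups/ldap` the dumps now live in a host directory, and nothing visible in this change creates that directory or sets its ownership and mode. If the path does not exist, Docker creates it as root with default permissions, and the archives hold the config database and every naming context, which presumably includes password hashes. I would create the directory ahead of time as root-owned with mode 0700 and record that next to the mount, e.g. `# host dir must exist, root:root 0700; holds LDAP dumps`. Removing the `backup_ldap` volume also drops its `snapshot: 'true'` label, so whatever consumed that label needs to be pointed at the host path instead.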
......@@ -30,6 +30,7 @@ COPY --chown=root:root config.ldif /usr/share/slapd/
COPY --chown=root:root skel.ldif /usr/share/slapd/
COPY --chown=root:root entrypoint /usr/local/sbin/
COPY --chown=root:root backup /usr/local/sbin/
COPY --chown=root:root restore /usr/local/sbin/
EXPOSE 389 636
VOLUME [ "/var/lib/ldap" ]
VOLUME [ "/run/slapd" ]
......
#!/bin/sh
set -eux
cleanup () {
rm -rf "$tempdir"
}
alias slapcat='slapcat -vF /var/lib/ldap/config'
slapcat -n0 -v -l /var/backups/ldap/config.ldif
now="$(date --utc --iso-8601=seconds)"
trap 'cleanup' INT QUIT EXIT TERM
tempdir="$(mktemp -d)"
slapcat -n0 -l "$tempdir/config.ldif"
for dn in $(ldapsearch -Y EXTERNAL -LLL -s base -b '' o namingContexts | sed -n '/namingContexts/ s/namingContexts: //gp')
do
slapcat -b "$dn" -v -l "/var/backups/ldap/$dn.ldif"
slapcat -b "$dn" -l "$tempdir/$dn.ldif"
done
tar -zcf "/var/backups/ldap/$now.ldif" -C "$tempdir" .
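Review bot: The archive written by `tar -zcf "/var/backups/ldap/$now.ldif"` is created under the script's default umask, so it is probably readable by any user who can reach the backup directory, even though it contains the full config and data dumps. Adding `umask 077` right after `set -eux` keeps the archive owner-only. The archive is also written straight to its final name, so an interrupted run leaves a truncated file that looks like a valid backup; writing to a temporary name in the same directory and then using `mv` would avoid that. Which lines are old and which are new is inferred from the commit messages, because the page lost the +/- markers.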
#!/bin/sh
set -eux
cleanup () {
rm -rf "$tempdir"
}
alias slapadd='slapadd -vF /var/lib/ldap/config'
src="$1"
trap 'cleanup' INT QUIT EXIT TERM
tempdir="$(mktemp -d)"
tar -xzf "$src" -C "$tempdir"
slapadd -c -n0 -l "$tempdir/config.ldif"
# shellcheck disable=SC2044
for file in $(find "$tempdir" -type f -name '*.ldif' \! -name config.ldif -printf '%f\n')
do
dn="${file%.ldif}"
slapadd -c -b "$dn" -l "$tempdir/$file"
done
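Review bot: Both `slapadd` calls pass `-c`, which makes slapadd carry on after an entry fails to load, so a restore into a database that already holds data can skip entries and still run to the end despite `set -e`. The slapadd manual also asks that slapd not be running against the database during the load, and nothing here checks or documents that. I would drop `-c` and add a header comment stating the preconditions, e.g. `# Usage: restore ARCHIVE; run with slapd stopped and empty databases`. The `for file in $(find ...)` loop word-splits, so a naming context whose DN contains a space would be restored under the wrong suffix; the `for dn in $(ldapsearch ...)` loop in backup has the same limitation.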