150 lines
5.4 KiB
Bash
150 lines
5.4 KiB
Bash
#!/bin/bash
|
|
# start.sh: Initializes the cron schedule and starts the daemon.
|
|
|
|
# Exit immediately if any command fails
|
|
set -e
|
|
|
|
# --- 0. Sanitize and Persist ALL Environment Variables ---
|
|
# Create a profile script that will be sourced by all new shells.
|
|
# This ensures that `docker exec` sessions get the sanitized environment.
|
|
ENV_SCRIPT="/etc/profile.d/00-rustic-env.sh"
|
|
echo "# This file is auto-generated by start.sh" > "${ENV_SCRIPT}"
|
|
echo "# It sanitizes and exports variables for all shell sessions." >> "${ENV_SCRIPT}"
|
|
|
|
# List of all variables that need sanitization
|
|
VARS_TO_SANITIZE=(
|
|
"CONTAINER_ROLE"
|
|
"RUSTIC_PASSWORD"
|
|
"CRON_SCHEDULE"
|
|
"S3_ENDPOINT"
|
|
"S3_BUCKET"
|
|
"S3_REGION"
|
|
"AWS_ACCESS_KEY_ID"
|
|
"AWS_SECRET_ACCESS_KEY"
|
|
"RANDOM_DELAY_SECONDS"
|
|
"N8N_WEBHOOK_URL"
|
|
"BACKUP_PATHS"
|
|
"PRUNE_POLICY"
|
|
"CHECK_ARGS"
|
|
"CACHE_CLEANUP_DAYS"
|
|
)
|
|
|
|
for VAR_NAME in "${VARS_TO_SANITIZE[@]}"; do
|
|
# Using indirect expansion to get the value of the variable named by VAR_NAME
|
|
VAR_VALUE="${!VAR_NAME}"
|
|
|
|
# Sanitize the value by removing double quotes
|
|
SANITIZED_VALUE=${VAR_VALUE//\"/}
|
|
|
|
# Export the sanitized variable back to the current script's environment
|
|
export "${VAR_NAME}"="${SANITIZED_VALUE}"
|
|
|
|
# Write the export command to the profile script for future sessions
|
|
echo "export ${VAR_NAME}=\"${SANITIZED_VALUE}\"" >> "${ENV_SCRIPT}"
|
|
done
|
|
|
|
chmod +x "${ENV_SCRIPT}"
|
|
echo "Environment sanitized and persisted."
|
|
|
|
# --- Persist environment for Cron ---
|
|
# Save the sanitized environment to a file that the cron daemon will read.
|
|
printenv > /etc/environment
|
|
echo "Environment saved for cron."
|
|
|
|
# --- 1. Determine Container Role ---
|
|
# Default to "backup" role if not specified
|
|
CONTAINER_ROLE=${CONTAINER_ROLE:-"backup"}
|
|
|
|
# --- 2. Validate Core Variables ---
|
|
if [ -z "$RUSTIC_PASSWORD" ]; then
|
|
echo "ERROR: RUSTIC_PASSWORD environment variable is not set."
|
|
exit 1
|
|
fi
|
|
|
|
# --- 3. S3 Configuration & Bucket Check ---
|
|
# Check for S3 variables. If they exist, configure rustic and check the bucket.
|
|
if [ -n "$S3_ENDPOINT" ] && [ -n "$S3_BUCKET" ] && [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ]; then
|
|
echo "S3 environment variables detected. Configuring rustic and checking bucket..."
|
|
|
|
# Set a default region if not provided
|
|
S3_REGION=${S3_REGION:-"us-east-1"}
|
|
|
|
# --- Create rustic config file ---
|
|
mkdir -p /etc/rustic
|
|
cat <<EOF > /etc/rustic/rustic.toml
|
|
[repository]
|
|
repository = "opendal:s3"
|
|
password = "${RUSTIC_PASSWORD}"
|
|
|
|
[repository.options]
|
|
endpoint = "${S3_ENDPOINT}"
|
|
bucket = "${S3_BUCKET}"
|
|
region = "${S3_REGION}"
|
|
access_key_id = "${AWS_ACCESS_KEY_ID}"
|
|
secret_access_key = "${AWS_SECRET_ACCESS_KEY}"
|
|
EOF
|
|
echo "Rustic config created at /etc/rustic/rustic.toml"
|
|
|
|
# --- Check and Create S3 Bucket ---
|
|
echo "Configuring MinIO client for endpoint: ${S3_ENDPOINT}"
|
|
mc alias set s3_storage "${S3_ENDPOINT}" "${AWS_ACCESS_KEY_ID}" "${AWS_SECRET_ACCESS_KEY}" --api S3v4
|
|
|
|
if mc ls "s3_storage/${S3_BUCKET}" > /dev/null 2>&1; then
|
|
echo "Bucket '${S3_BUCKET}' already exists."
|
|
else
|
|
echo "Bucket '${S3_BUCKET}' not found. Creating it..."
|
|
mc mb "s3_storage/${S3_BUCKET}"
|
|
echo "Bucket '${S3_BUCKET}' created successfully."
|
|
fi
|
|
else
|
|
echo "WARNING: S3 environment variables (S3_ENDPOINT, S3_BUCKET, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) are not fully set."
|
|
echo "Skipping S3 configuration and bucket creation. Rustic might fail if not configured otherwise."
|
|
fi
|
|
|
|
|
|
# --- 4. Role-based Execution ---
|
|
if [ "$CONTAINER_ROLE" = "backup" ]; then
|
|
echo "--- Starting in Backup Mode ---"
|
|
if [ -z "$CRON_SCHEDULE" ]; then
|
|
echo "ERROR: CRON_SCHEDULE environment variable is not set for backup mode."
|
|
exit 1
|
|
fi
|
|
# Create Dynamic Crontab
|
|
CRONTAB_FILE="/var/spool/cron/crontabs/root"
|
|
echo "Creating crontab with full PATH..."
|
|
# Define the PATH for the cron environment to ensure all binaries are found.
|
|
echo "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" > "${CRONTAB_FILE}"
|
|
# Add the cron job, redirecting all output to the container's stdout/stderr
|
|
echo "${CRON_SCHEDULE} /usr/local/bin/backup.sh > /proc/1/fd/1 2>&1" >> "${CRONTAB_FILE}"
|
|
chmod 600 ${CRONTAB_FILE}
|
|
|
|
# Start Cron Daemon
|
|
echo "Starting cron daemon in foreground..."
|
|
exec /usr/sbin/cron -f -L 8
|
|
|
|
elif [ "$CONTAINER_ROLE" = "prune" ]; then
|
|
echo "--- Starting in Prune (maintenance) Mode ---"
|
|
if [ -z "$CRON_SCHEDULE" ]; then
|
|
echo "ERROR: CRON_SCHEDULE environment variable is not set for prune mode."
|
|
exit 1
|
|
fi
|
|
CRONTAB_FILE="/var/spool/cron/crontabs/root"
|
|
echo "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" > "${CRONTAB_FILE}"
|
|
echo "${CRON_SCHEDULE} /usr/local/bin/prune.sh > /proc/1/fd/1 2>&1" >> "${CRONTAB_FILE}"
|
|
chmod 600 ${CRONTAB_FILE}
|
|
echo "Starting cron daemon in foreground..."
|
|
exec /usr/sbin/cron -f -L 8
|
|
|
|
elif [ "$CONTAINER_ROLE" = "restore" ]; then
|
|
echo "--- Starting in Restore Mode ---"
|
|
echo "The container is now running and ready for restore operations."
|
|
echo "To restore a backup, run the following command:"
|
|
echo " docker exec -it ${HOSTNAME} /usr/local/bin/restore.sh"
|
|
echo "--------------------------------------------------------"
|
|
# Keep container alive
|
|
exec tail -f /dev/null
|
|
|
|
else
|
|
echo "ERROR: Invalid CONTAINER_ROLE specified: '${CONTAINER_ROLE}'. Use 'backup' or 'restore'."
|
|
exit 1
|
|
fi |