diff --git a/README.md b/README.md index 849b95e..198b46b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # dokku postgres (beta) [![Build Status](https://img.shields.io/travis/dokku/dokku-postgres.svg?branch=master "Build Status")](https://travis-ci.org/dokku/dokku-postgres) [![IRC Network](https://img.shields.io/badge/irc-freenode-blue.svg "IRC Freenode")](https://webchat.freenode.net/?channels=dokku) -Official postgres plugin for dokku. Currently defaults to installing [postgres 9.6.1](https://hub.docker.com/_/postgres/). +Official postgres plugin for dokku. Currently defaults to installing [postgres 9.6.4](https://hub.docker.com/_/postgres/). ## requirements @@ -17,8 +17,8 @@ sudo dokku plugin:install https://github.com/dokku/dokku-postgres.git postgres ## commands ``` -postgres:backup [--use-iam] Create a backup of the postgres service to an existing s3 bucket -postgres:backup-auth Sets up authentication for backups on the postgres service +postgres:backup [--use-iam] Create a backup of the postgres service to an existing s3 bucket +postgres:backup-auth () () () Sets up authentication for backups on the postgres service postgres:backup-deauth Removes backup authentication for the postgres service postgres:backup-schedule Schedules a backup of the postgres service postgres:backup-unschedule Unschedules the backup of the postgres service @@ -53,7 +53,7 @@ dokku postgres:create lolipop # it *must* be compatible with the # official postgres image export POSTGRES_IMAGE="postgres" -export POSTGRES_IMAGE_VERSION="9.6.1" +export POSTGRES_IMAGE_VERSION="9.6.4" dokku postgres:create lolipop # you can also specify custom environment @@ -216,9 +216,7 @@ or root. ## Backups -Datastore backups are supported via AWS S3. The only supported region is `us-east-1`, and using an S3 bucket in another region will result in an error. - -> If you would like to sponsor work to enable support for other regions, please contact [@josegonzalez](http://github.com/josegonzalez/). +Datastore backups are supported via AWS S3 and S3 compatible services like [minio](https://github.com/minio/minio). You may skip the `backup-auth` step if your dokku install is running within EC2 and has access to the bucket via an IAM profile. In that case, use the `--use-iam` @@ -243,3 +241,16 @@ dokku postgres:backup-schedule lolipop CRON_SCHEDULE BUCKET_NAME # remove the scheduled backup from cron dokku postgres:backup-unschedule lolipop ``` + +Backup auth can also be set up for different regions, signature versions and endpoints (e.g. for minio): + +``` +# setup s3 backup authentication with different region +dokku postgres:backup-auth lolipop AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION + +# setup s3 backup authentication with different signature version and endpoint +dokku postgres:backup-auth lolipop AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION AWS_SIGNATURE_VERSION ENDPOINT_URL + +# more specific example for minio auth +dokku postgres:backup-auth lolipop MINIO_ACCESS_KEY_ID MINIO_SECRET_ACCESS_KEY us-east-1 s3v4 https://YOURMINIOSERVICE +``` diff --git a/commands b/commands index 1a07da3..1f9f69d 100755 --- a/commands +++ b/commands @@ -105,7 +105,7 @@ case "$1" in declare desc="return $PLUGIN_COMMAND_PREFIX plugin help content" cat< , Create a backup of the $PLUGIN_COMMAND_PREFIX service to an existing s3 bucket - $PLUGIN_COMMAND_PREFIX:backup-auth , Sets up authentication for backups on the $PLUGIN_COMMAND_PREFIX service + $PLUGIN_COMMAND_PREFIX:backup-auth () () (), Sets up authentication for backups on the $PLUGIN_COMMAND_PREFIX service $PLUGIN_COMMAND_PREFIX:backup-deauth , Removes backup authentication for the $PLUGIN_COMMAND_PREFIX service $PLUGIN_COMMAND_PREFIX:backup-schedule , Schedules a backup of the $PLUGIN_COMMAND_PREFIX service $PLUGIN_COMMAND_PREFIX:backup-unschedule , Unschedules the backup of the $PLUGIN_COMMAND_PREFIX service diff --git a/common-functions b/common-functions index 6147cf3..0674f7b 100755 --- a/common-functions +++ b/common-functions @@ -31,6 +31,7 @@ get_random_ports() { local quit=0 while [ "$quit" -ne 1 ]; do netstat -an | grep $port > /dev/null + # shellcheck disable=SC2181 if [ $? -gt 0 ]; then quit=1 else @@ -105,15 +106,15 @@ service_alternative_alias() { service_backup() { declare desc="Creates a backup of a service to an existing s3 bucket" declare SERVICE="$1" BUCKET_NAME="$2" S3_FLAG="$3" - local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" - local AWS_ACCESS_KEY_ID_FILE="$SERVICE_ROOT/backup/AWS_ACCESS_KEY_ID" - local AWS_SECRET_ACCESS_KEY_FILE="$SERVICE_ROOT/backup/AWS_SECRET_ACCESS_KEY" - local AWS_VARS="" + local BACKUP_CONFIG_ROOT="$PLUGIN_DATA_ROOT/$SERVICE/backup" + local AWS_ACCESS_KEY_ID_FILE="$BACKUP_CONFIG_ROOT/AWS_ACCESS_KEY_ID" + local AWS_SECRET_ACCESS_KEY_FILE="$BACKUP_CONFIG_ROOT/AWS_SECRET_ACCESS_KEY" + local BACKUP_PARAMETERS="" if [[ -z "$S3_FLAG" ]]; then [[ ! -f "$AWS_ACCESS_KEY_ID_FILE" ]] && dokku_log_fail "Missing AWS_ACCESS_KEY_ID file" [[ ! -f "$AWS_SECRET_ACCESS_KEY_FILE" ]] && dokku_log_fail "Missing AWS_SECRET_ACCESS_KEY file" - AWS_VARS="-e AWS_ACCESS_KEY_ID=$(cat "$AWS_ACCESS_KEY_ID_FILE") -e AWS_SECRET_ACCESS_KEY=$(cat "$AWS_SECRET_ACCESS_KEY_FILE")" + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_ACCESS_KEY_ID=$(cat "$AWS_ACCESS_KEY_ID_FILE") -e AWS_SECRET_ACCESS_KEY=$(cat "$AWS_SECRET_ACCESS_KEY_FILE")" elif [[ $S3_FLAG != "--use-iam" ]]; then dokku_log_fail "Provide AWS credentials or use the --use-iam flag" fi @@ -122,22 +123,49 @@ service_backup() { trap 'rm -rf "$TMPDIR" > /dev/null' RETURN INT TERM EXIT (service_export "$SERVICE" > "${TMPDIR}/export") - docker run \ - "${AWS_VARS}" \ - -e BUCKET_NAME="$BUCKET_NAME" \ - -e BACKUP_NAME="${PLUGIN_COMMAND_PREFIX}-${SERVICE}" \ - -v "${TMPDIR}:/backup" dokkupaas/s3backup:0.6.0 + + # Build parameter list for s3backup tool + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e BUCKET_NAME=$BUCKET_NAME" + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e BACKUP_NAME=${PLUGIN_COMMAND_PREFIX}-${SERVICE}" + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -v ${TMPDIR}:/backup" + + if [[ -f "$BACKUP_CONFIG_ROOT/AWS_DEFAULT_REGION" ]]; then + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_DEFAULT_REGION=$(cat "$BACKUP_CONFIG_ROOT/AWS_DEFAULT_REGION")" + fi + + if [[ -f "$BACKUP_CONFIG_ROOT/AWS_SIGNATURE_VERSION" ]]; then + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_SIGNATURE_VERSION=$(cat "$BACKUP_CONFIG_ROOT/AWS_SIGNATURE_VERSION")" + fi + + if [[ -f "$BACKUP_CONFIG_ROOT/ENDPOINT_URL" ]]; then + BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e ENDPOINT_URL=$(cat "$BACKUP_CONFIG_ROOT/ENDPOINT_URL")" + fi + + # shellcheck disable=SC2086 + docker run $BACKUP_PARAMETERS dokkupaas/s3backup:0.7.0 } service_backup_auth() { declare desc="Sets up authentication" - declare SERVICE="$1" AWS_ACCESS_KEY_ID="$2" AWS_SECRET_ACCESS_KEY="$3" + declare SERVICE="$1" AWS_ACCESS_KEY_ID="$2" AWS_SECRET_ACCESS_KEY="$3" AWS_DEFAULT_REGION="$4" AWS_SIGNATURE_VERSION="$5" ENDPOINT_URL="$6" local SERVICE_ROOT="${PLUGIN_DATA_ROOT}/${SERVICE}" local SERVICE_BACKUP_ROOT="${SERVICE_ROOT}/backup/" mkdir -p "$SERVICE_BACKUP_ROOT" echo "$AWS_ACCESS_KEY_ID" > "${SERVICE_BACKUP_ROOT}/AWS_ACCESS_KEY_ID" echo "$AWS_SECRET_ACCESS_KEY" > "${SERVICE_BACKUP_ROOT}/AWS_SECRET_ACCESS_KEY" + + if [[ -n "$AWS_DEFAULT_REGION" ]]; then + echo "$AWS_DEFAULT_REGION" > "${SERVICE_BACKUP_ROOT}/AWS_DEFAULT_REGION" + fi + + if [[ -n "$AWS_SIGNATURE_VERSION" ]]; then + echo "$AWS_SIGNATURE_VERSION" > "${SERVICE_BACKUP_ROOT}/AWS_SIGNATURE_VERSION" + fi + + if [[ -n "$ENDPOINT_URL" ]]; then + echo "$ENDPOINT_URL" > "${SERVICE_BACKUP_ROOT}/ENDPOINT_URL" + fi } service_backup_deauth() { diff --git a/config b/config index 32f73c4..8e21adc 100644 --- a/config +++ b/config @@ -1,6 +1,6 @@ #!/usr/bin/env bash export POSTGRES_IMAGE=${POSTGRES_IMAGE:="postgres"} -export POSTGRES_IMAGE_VERSION=${POSTGRES_IMAGE_VERSION:="9.6.1"} +export POSTGRES_IMAGE_VERSION=${POSTGRES_IMAGE_VERSION:="9.6.4"} export POSTGRES_ROOT=${POSTGRES_ROOT:="/var/lib/dokku/services/postgres"} export PLUGIN_COMMAND_PREFIX="postgres" diff --git a/install b/install index 72b46a5..60f5315 100755 --- a/install +++ b/install @@ -13,7 +13,7 @@ plugin-install() { pull-docker-image "${PLUGIN_IMAGE}:${PLUGIN_IMAGE_VERSION}" pull-docker-image "svendowideit/ambassador:latest" pull-docker-image "dokkupaas/wait:0.2" - pull-docker-image "dokkupaas/s3backup:0.6.0" + pull-docker-image "dokkupaas/s3backup:0.7.0" pull-docker-image "busybox:latest" mkdir -p "$PLUGIN_DATA_ROOT" || echo "Failed to create $PLUGIN_SERVICE directory" diff --git a/tests/bin/docker b/tests/bin/docker index 3f7c88f..60cd261 100755 --- a/tests/bin/docker +++ b/tests/bin/docker @@ -22,7 +22,7 @@ case "$1" in echo "mongo 3.2.9 12eadb136159 2 days ago 291.1 MB" echo "mysql 5.7.12 57d56ac47bed 2 days ago 321.3 MB" echo "nats 0.9.4 9216d5a4eec8 2 days ago 109.3 MB" - echo "postgres 9.6.1 6412eb70175e 2 days ago 265.7 MB" + echo "postgres 9.6.4 6412eb70175e 2 days ago 265.7 MB" echo "rabbitmq 3.6.5-management 327b803301e9 2 days ago 143.5 MB" echo "redis 3.2.3 9216d5a4eec8 2 days ago 109.3 MB" echo "rethinkdb 2.3.4 f27010a550ec 2 days ago 196.3 MB" @@ -71,7 +71,7 @@ case "$1" in echo 'c0f74fc90377 mongo:3.2.9 "/entrypoint.sh mong" 11 seconds ago Up 10 seconds 27017/tcp dokku.mongo.l' echo '0f33b1c86da9 mysql:5.7.12 "/entrypoint.sh mysq" 11 seconds ago Up 10 seconds 3306/tcp dokku.mysql.l' echo '9f10b6dc12d5 nats:0.9.4 "/entrypoint.sh redi" 11 seconds ago Up 10 seconds 4222/tcp dokku.nats.l' - echo '7f899b723c08 postgres:9.6.1 "/docker-entrypoint." 11 seconds ago Up 10 seconds 5432/tcp dokku.postgres.l' + echo '7f899b723c08 postgres:9.6.4 "/docker-entrypoint." 11 seconds ago Up 10 seconds 5432/tcp dokku.postgres.l' echo '5e50a462661e rabbitmq:3.6.5-management "/docker-entrypoint." 11 seconds ago Up 10 seconds 5672/tcp, 15672/tcp dokku.rabbitmq.l' echo 'c39ca00fa3c6 redis:3.2.3 "/entrypoint.sh redi" 11 seconds ago Up 10 seconds 6379/tcp dokku.redis.l' echo 'dc98c2939a80 rethinkdb:2.3.4 "rethinkdb --bind al" 11 seconds ago Up 10 seconds 8080/tcp, 28015/tcp, 29015/tcp dokku.rethinkdb.l' diff --git a/tests/service_list.bats b/tests/service_list.bats index b3969d4..47a6085 100755 --- a/tests/service_list.bats +++ b/tests/service_list.bats @@ -11,20 +11,20 @@ teardown() { @test "($PLUGIN_COMMAND_PREFIX:list) with no exposed ports, no linked apps" { run dokku "$PLUGIN_COMMAND_PREFIX:list" - assert_contains "${lines[*]}" "l postgres:9.6.1 running - -" + assert_contains "${lines[*]}" "l postgres:9.6.4 running - -" } @test "($PLUGIN_COMMAND_PREFIX:list) with exposed ports" { dokku "$PLUGIN_COMMAND_PREFIX:expose" l 4242 run dokku "$PLUGIN_COMMAND_PREFIX:list" - assert_contains "${lines[*]}" "l postgres:9.6.1 running 5432->4242 -" + assert_contains "${lines[*]}" "l postgres:9.6.4 running 5432->4242 -" } @test "($PLUGIN_COMMAND_PREFIX:list) with linked app" { dokku apps:create my_app dokku "$PLUGIN_COMMAND_PREFIX:link" l my_app run dokku "$PLUGIN_COMMAND_PREFIX:list" - assert_contains "${lines[*]}" "l postgres:9.6.1 running - my_app" + assert_contains "${lines[*]}" "l postgres:9.6.4 running - my_app" dokku --force apps:destroy my_app }