diff --git a/abra.sh b/abra.sh index 1c66304..8cac4ed 100644 --- a/abra.sh +++ b/abra.sh @@ -1 +1,2 @@ export DB_ENTRYPOINT_VERSION=v1 +export PG_BACKUP_VERSION=v2 diff --git a/compose.yml b/compose.yml index 79edcd7..019885e 100644 --- a/compose.yml +++ b/compose.yml @@ -3,7 +3,7 @@ version: "3.8" services: app: - image: bitnami/discourse:3.3.1 + image: bitnamilegacy/discourse:3.5.0 networks: - proxy - internal @@ -43,16 +43,16 @@ services: #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - - "coop-cloud.${STACK_NAME}.version=0.7.0+3.3.1" + - "coop-cloud.${STACK_NAME}.version=0.9.0+3.5.0" healthcheck: test: "ruby -e \"require 'uri'; require 'net/http'; uri = URI('http://localhost:3000/srv/status'); res = Net::HTTP.get_response(uri); if res.is_a?(Net::HTTPSuccess) then exit (0) else exit (1) end\"" interval: 30s timeout: 10s retries: 6 - start_period: 5m + start_period: 20m db: - image: postgres:13 + image: pgvector/pgvector:pg17 networks: - internal secrets: @@ -63,6 +63,9 @@ services: - source: db_entrypoint target: /docker-entrypoint.sh mode: 0555 + - source: pg_backup + target: /pg_backup.sh + mode: 0555 entrypoint: /docker-entrypoint.sh environment: - POSTGRES_HOST_AUTH_METHOD=trust @@ -72,19 +75,19 @@ services: deploy: labels: backupbot.backup: "true" - backupbot.backup.pre-hook: "bash -c 'PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup.sql'" - backupbot.backup.post-hook: "rm -rf /tmp/backup.sql" - backupbot.backup.path: "/tmp/backup.sql" + backupbot.backup.pre-hook: "/pg_backup.sh backup" + backupbot.backup.volumes.postgresql_data.path: "backup.sql" + backupbot.restore.post-hook: "/pg_backup.sh restore" redis: - image: redis:7.4-alpine + image: redis:8.0-alpine networks: - internal volumes: - 'redis_data:/data' sidekiq: - image: bitnami/discourse:3.3.1 + image: bitnamilegacy/discourse:3.5.0 networks: - proxy - internal @@ -132,3 +135,6 @@ configs: name: ${STACK_NAME}_db_entrypoint_${DB_ENTRYPOINT_VERSION} file: entrypoint.postgres.sh.tmpl template_driver: golang + pg_backup: + name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} + file: pg_backup.sh diff --git a/pg_backup.sh b/pg_backup.sh new file mode 100755 index 0000000..382a1d2 --- /dev/null +++ b/pg_backup.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +# Postgres backup/restore hook for the discourse `db` service. + +set -e + +BACKUP_FILE='/var/lib/postgresql/data/backup.sql' +export PGPASSWORD=$(cat "${POSTGRES_PASSWORD_FILE:-/run/secrets/db_password}") +DB_USER="${POSTGRES_USER:-discourse}" +DB_NAME="${POSTGRES_DB:-discourse}" + +function backup { + pg_dump -U "$DB_USER" "$DB_NAME" | gzip > "$BACKUP_FILE" +} + +function restore { + cd /var/lib/postgresql/data/ + + # Block all non-local connections so the running discourse app + sidekiq cannot reconnect and + # interfere with the drop/recreate/reimport. Restored on exit. + restore_hba() { + cat pg_hba.conf.bak > pg_hba.conf + rm -f pg_hba.conf.bak + su postgres -c 'pg_ctl reload' + } + cp pg_hba.conf pg_hba.conf.bak + echo 'local all all trust' > pg_hba.conf + su postgres -c 'pg_ctl reload' + trap restore_hba EXIT INT TERM + + # terminate any lingering local sessions before recreate + # see https://stackoverflow.com/questions/5108876/kill-a-postgresql-session-connection + psql -U "$DB_USER" -d postgres -c \ + "SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE datname='${DB_NAME}' AND pid<>pg_backend_pid();" + + # drop database and then recreate it + psql -U "$DB_USER" -d postgres -c "DROP DATABASE ${DB_NAME} WITH (FORCE);" + createdb -U "$DB_USER" "$DB_NAME" + + # reimport data + gunzip -c "$BACKUP_FILE" | psql -U "$DB_USER" -d "$DB_NAME" -1 -v ON_ERROR_STOP=1 -f - +} + +$@