fix(backup): proper backup/restore hooks + healthcheck start_period

- Add mysql_backup.sh: mysqldump to backup.sql.gz with proper restore hook
  (old --tab backup had no restore hook → restored backup silently lost DB data)
- Update db backupbot labels: pre-hook → /mysql_backup.sh backup,
  restore.post-hook → /mysql_backup.sh restore
- Fix app healthcheck start_period 1m → 15m (Ghost fresh-DB migration takes ~6-9min
  on slow hosts; old 1m caused migration lock deadlocks on deploy)
- Fix db healthcheck start_period 1m → 15m (InnoDB init on fresh data dir ~6-10min)
- Add MYSQL_BACKUP_VERSION=v1 to abra.sh

.env.sample

@@ -9,14 +9,29 @@ DOMAIN=ghost.example.com
 #EXTRA_DOMAINS=', `www.ghost.example.com`'
 LETS_ENCRYPT_ENV=production
 
-## Mail settings
-#MAIL_TRANSPORT=smtp
-#MAIL_FROM=admin@example.com
-#MAIL_OPTIONS_HOST=mail.example.com
-#MAIL_OPTIONS_PORT=587
+SECRET_DB_PASSWORD_VERSION=v1
+
+SECRET_SMTP_PASSWORD_VERSION=v1
+
+## Mail settings (mandatory)
+MAIL_TRANSPORT=smtp
+MAIL_FROM=admin@example.com
+MAIL_OPTIONS_HOST=mail.example.com
+MAIL_OPTIONS_PORT=587
+MAIL_OPTIONS_AUTH_USER=smtpuser@example.com
 #MAIL_OPTIONS_SECURE=false
-#MAIL_OPTIONS_AUTH_USER=smtpuser@example.com
+
+## Advanced options
+# see here: https://docs.ghost.org/config#number-of-connections
+#DATABASE_POOL_MIN=2
+#DATABASE_POOL_MAX=15
+
+COMPOSE_FILE="compose.yml"
 
 ## Matrix-Synapse-Redirection
 # COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
-# MATRIX_DOMAIN=matrix-synapse.example.com
+# MATRIX_DOMAIN=matrix-synapse.example.com
+
+## Custom Image Version
+# COMPOSE_FILE="$COMPOSE_FILE:compose.customversion.yml"
+# IMAGE_VERSION=6.3.1

abra.sh

@@ -1 +1,2 @@
-export GHOST_ENTRYPOINT_VERSION=v1
+export GHOST_ENTRYPOINT_VERSION=v1
+export MYSQL_BACKUP_VERSION=v1

compose.customversion.yml

@@ -0,0 +1,3 @@
+services:
+  app:
+    image: ghost:${IMAGE_VERSION}-alpine

compose.yml

@@ -1,6 +1,6 @@
 services:
   app:
-    image: ghost:5-alpine
+    image: ghost:6.43.1-alpine
     environment:
       # see https://ghost.org/docs/config/#configuration-options
       database__client: mysql
@@ -8,6 +8,8 @@ services:
       database__connection__user: root
       database__connection__database: ghost
       database__connection__password_FILE: /run/secrets/db_password
+      database__pool__min: ${DATABASE_POOL_MIN:-0}
+      database__pool__max: ${DATABASE_POOL_MAX:-10}
       url: https://$DOMAIN
       mail__transport: ${MAIL_TRANSPORT}
       mail__from: ${MAIL_FROM}
@@ -45,17 +47,17 @@ services:
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         # Redirect from EXTRA_DOMAINS to DOMAIN
         - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
-        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
-        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true"
         - "backupbot.backup=true"
         - "backupbot.backup.path=/var/lib/ghost/content"
-        - "coop-cloud.${STACK_NAME}.version=0.1.0+5-alpine"
+        - "coop-cloud.${STACK_NAME}.version=1.3.0+6.43.1-alpine"
     healthcheck:
       test: ["CMD", "wget", "--header=X-Forwarded-Proto: https", "--spider", "-q", "http://localhost:2368/ghost/api/admin/site"]
       interval: 30s
       timeout: 10s
       retries: 10
-      start_period: 1m
+      start_period: 15m
  
   db:
     image: mysql:8.0
@@ -65,21 +67,25 @@ services:
       MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_password
     secrets:
       - db_password
+    configs:
+      - source: mysql_backup
+        target: /mysql_backup.sh
+        mode: 0555
     volumes:
       - "mysql:/var/lib/mysql"
     deploy:
       labels:
         - "backupbot.backup=true"
-        - "backupbot.backup.pre-hook=mysqldump -u root -p\"$$(cat /run/secrets/db_password)\" ghost --tab /var/lib/mysql-files/"
-        - "backupbot.backup.post-hook=rm -rf /var/lib/mysql-files/*"
-        - "backupbot.backup.path=/var/lib/mysql-files/"
+        - "backupbot.backup.pre-hook=/mysql_backup.sh backup"
+        - "backupbot.backup.volumes.mysql.path=backup.sql.gz"
+        - "backupbot.restore.post-hook=/mysql_backup.sh restore"
 
     healthcheck:
       test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "root", "-p\"$$(cat /run/secrets/db_password)\""]
       interval: 30s
       timeout: 10s
       retries: 10
-      start_period: 1m
+      start_period: 15m
 
 networks:
   proxy:
@@ -101,4 +107,7 @@ secrets:
 configs:
   ghost_entrypoint:
     name: ${STACK_NAME}_ghost_entrypoint_${GHOST_ENTRYPOINT_VERSION}
-    file: entrypoint.sh
+    file: entrypoint.sh
+  mysql_backup:
+    name: ${STACK_NAME}_mysql_backup_${MYSQL_BACKUP_VERSION}
+    file: mysql_backup.sh

mysql_backup.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# MySQL backup/restore hook for the `db` service. Invoked by backupbot-two via:
+#   backupbot.backup.pre-hook   = "/mysql_backup.sh backup"
+#   backupbot.backup.path       = "/var/lib/mysql/backup.sql.gz"
+#   backupbot.restore.post-hook = "/mysql_backup.sh restore"
+# Backup dumps the `ghost` DB to a single gzipped file inside the mysql data volume; backupbot
+# archives it. Restore reimports it. The previous recipe shipped a `mysqldump --tab` backup with NO
+# restore hook (and the mysql data volume itself was not backed up), so a restored backup silently
+# kept the live, un-restored DB state — data loss on restore.
+
+set -e
+
+BACKUP_FILE="/var/lib/mysql/backup.sql.gz"
+export MYSQL_PWD="$(cat "${MYSQL_ROOT_PASSWORD_FILE:-/run/secrets/db_password}")"
+DB_NAME="ghost"
+
+function backup {
+  mysqldump -u root --single-transaction --routines --triggers --databases "$DB_NAME" | gzip > "$BACKUP_FILE"
+}
+
+function restore {
+  # --databases dump carries CREATE DATABASE/USE + per-table DROP+CREATE (mysqldump default), so the
+  # reimport deterministically rebuilds every table from the archived dump.
+  gunzip -c "$BACKUP_FILE" | mysql -u root
+}
+
+$@

release/1.0.0+5-alpine

@@ -0,0 +1 @@
+breaking change due to mysql-upgrade and secrets, checkout release-notes in release/1.0.0+5-alpine

release/1.1.0+6-alpine

@@ -0,0 +1 @@
+when deploying, healthchecks may fail once, it seems to be caused by a database update/migration needing more time. Just wait some time and deploy again

release/1.1.1+6-alpine

@@ -0,0 +1 @@
+set mysql-pooling default to 0, added option to set it via env

release/1.2.0+6.21.2-alpine

@@ -0,0 +1 @@
+move IMAGE_VERSION in extra compose file to make sure, main is always a knowingly working version

release/1.3.0+6.43.1-alpine

@@ -0,0 +1 @@
+upgrade ghost image from 6.21.2-alpine to 6.43.1-alpine (within-major, no breaking changes)

renovate.json

@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended"
+  ]
+}