From 61efd25aa4dadc6442e338a3ccf04da42aad0503 Mon Sep 17 00:00:00 2001 From: "dave@tiredofit.ca" Date: Thu, 30 Mar 2023 12:23:24 -0700 Subject: [PATCH] Release 2.6-7.4.0 - See CHANGELOG.md --- CHANGELOG.md | 9 + Dockerfile | 84 +++---- README.md | 49 ++-- install/assets/defaults/10-openldap | 21 +- .../services.available/20-openldap-backup/run | 230 ++++++++++-------- zabbix_templates/app-openldap_backup.json | 218 +++++++++++++++++ 6 files changed, 439 insertions(+), 172 deletions(-) create mode 100644 zabbix_templates/app-openldap_backup.json diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a55d12..55d53e5 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +## 2.6-7.4.0 2023-03-30 + + ### Changed + - Rework OpenLDAP Backup routines to become more in line with parent tiredofit/db-backup image + - config and data both get compressed into same tar file going forward + - Added ability to create "latest" symlink to last good backup + - Added ability to "archive" backups to an archive folder after a specified period of time for better external backup capabilities + + ## 2.6-7.3.2 2023-03-07 ### Changed diff --git a/Dockerfile b/Dockerfile index 968a44a..5775cdb 100755 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ ARG OPENLDAP_VERSION ENV OPENLDAP_VERSION=${OPENLDAP_VERSION:-"2.6.4"} \ SCHEMA2LDIF_VERSION=1.3 \ - IMAGE_NAME="tiredofit/openldap:2.6" \ + IMAGE_NAME="tiredofit/openldap" \ IMAGE_REPO_URL="https://github.com/tiredofit/docker-openldap/" COPY CHANGELOG.md /tiredofit/ @@ -20,48 +20,49 @@ RUN source /assets/functions/00-container && \ package update && \ package upgrade && \ package install .openldap-build-deps \ - alpine-sdk \ - autoconf \ - automake \ - build-base \ - bzip2-dev \ - cracklib-dev \ - cyrus-sasl-dev \ - db-dev \ - git \ - groff \ - heimdal-dev \ - libarchive-dev \ - libevent-dev \ - libsodium-dev \ - libtool \ - m4 \ - mosquitto-dev \ - openssl-dev \ - unixodbc-dev \ - util-linux-dev \ - xz-dev \ - && \ + alpine-sdk \ + autoconf \ + automake \ + build-base \ + bzip2-dev \ + cracklib-dev \ + cyrus-sasl-dev \ + db-dev \ + git \ + groff \ + heimdal-dev \ + libarchive-dev \ + libevent-dev \ + libsodium-dev \ + libtool \ + m4 \ + mosquitto-dev \ + openssl-dev \ + unixodbc-dev \ + util-linux-dev \ + xz-dev \ + && \ \ package install .openldap-run-deps \ - aws-cli \ - bzip2 \ - cyrus-sasl \ - coreutils \ - cracklib \ - iptables \ - libltdl \ - libuuid \ - libintl \ - libsodium \ - openssl \ - perl \ - pigz \ - sed \ - unixodbc \ - xz \ - zstd \ - && \ + aws-cli \ + bzip2 \ + cyrus-sasl \ + coreutils \ + cracklib \ + iptables \ + libltdl \ + libuuid \ + libintl \ + libsodium \ + openssl \ + perl \ + pigz \ + sed \ + tar \ + unixodbc \ + xz \ + zstd \ + && \ \ mkdir -p /usr/src/pixz && \ curl -ssL https://github.com/vasi/pixz/releases/download/v1.0.7/pixz-1.0.7.tar.gz | tar xfz - --strip=1 -C /usr/src/pixz && \ @@ -83,7 +84,6 @@ RUN source /assets/functions/00-container && \ mkdir -p contrib/slapd-modules/ppolicy-check-password && \ git clone https://github.com/cedric-dufour/ppolicy-check-password /tiredofit/openldap:$(head -n 1 /tiredofit/CHANGELOG.md | awk '{print $2'})/contrib/slapd-modules/ppolicy-check-password && \ rm -rf /tiredofit/openldap:$(head -n 1 /tiredofit/CHANGELOG.md | awk '{print $2'})/contrib/slapd-modules/ppm && \ - #mkdir -p contrib/slapd-modules/ppm && \ git clone https://github.com/ltb-project/ppm /tiredofit/openldap:$(head -n 1 /tiredofit/CHANGELOG.md | awk '{print $2'})/contrib/slapd-modules/ppm && \ cd /tiredofit/openldap:$(head -n 1 /tiredofit/CHANGELOG.md | awk '{print $2'})/alpine && \ git filter-branch --prune-empty --subdirectory-filter main/openldap HEAD && \ diff --git a/README.md b/README.md index 44a7f2f..53b4cd8 100755 --- a/README.md +++ b/README.md @@ -74,17 +74,17 @@ Builds of the image are available on [Docker Hub](https://hub.docker.com/r/tired ```bash docker pull docker.io/tiredofdit/openldap:(imagetag) ``` -Builds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-openldap/pkgs/container/docker-openldap) - +Builds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-openldap/pkgs/container/docker-openldap) + ``` docker pull ghcr.io/tiredofit/docker-openldap:(imagetag) -``` +``` + +Builds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-tiredofdit/pkgs/container/docker-tiredofdit) -Builds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-tiredofdit/pkgs/container/docker-tiredofdit) - ``` docker pull ghcr.io/tiredofit/docker-tiredofdit:(imagetag) -``` +``` The following image tags are available along with their tagged release based on what's written in the [Changelog](CHANGELOG.md): @@ -159,22 +159,25 @@ Be sure to view the following repositories to understand all the customizable op #### Backup Options: -| Parameter | Description | Default | -| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | -| `ENABLE_BACKUP` | Enable Backup System | `TRUE` | -| `BACKUP_LOCATION` | Backup to `FILESYSTEM` or `S3` compatible services like S3, Minio, Wasabi | `FILESYSTEM` | -| `BACKUP_COMPRESSION` | Use either Gzip `GZ`, Bzip2 `BZ`, XZip `XZ`, ZSTD `ZSTD` or none `NONE` | `GZ` | -| `BACKUP_COMPRESSION_LEVEL` | Numberical value of what level of compression to use, most allow `1` to `9` except for `ZSTD` which allows for `1` to `19` | `3` | -| `BACKUP_INTERVAL` | How often to do a dump, in minutes. Defaults to 1440 minutes, or once per day. | | -| `BACKUP_BEGIN` | What time to do the first dump. Defaults to immediate. Must be in one of two formats | | -| | Absolute HHMM, e.g. `2330` or `0415` | | -| | Relative +MM, i.e. how many minutes after starting the container, e.g. `+0` (immediate), `+10` (in 10 minutes), or `+90` in an hour and a half | | -| `BACKUP_RETENTION` | Value in minutes to delete old backups (only fired when dump freqency fires). 1440 would delete anything above 1 day old. You don't need to set this variable if you want to hold onto everything. | | -| `BACKUP_MD5` | Generate MD5 Sum in Directory, `TRUE` or `FALSE` | `TRUE` | -| `BACKUP_PARALLEL_COMPRESSION` | Use multiple cores when compressing backups `TRUE` or `FALSE` | `TRUE` | -| `BACKUP_PATH` | Filesystem path on where to place backups | `/data/backup` | -| `BACKUP_TEMP_LOCATION` | If you wish to specify a different location, enter it here | `/tmp/backups/" | - +| Parameter | Description | Default | +| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `ENABLE_BACKUP` | Enable Backup System | `TRUE` | +| `BACKUP_BEGIN` | What time to do the first dump. Defaults to immediate. Must be in one of two formats | | +| | Absolute HHMM, e.g. `2330` or `0415` | | +| | Relative +MM, i.e. how many minutes after starting the container, e.g. `+0` (immediate), `+10` (in 10 minutes), or `+90` in an hour and a half | | +| `BACKUP_ARCHIVE_TIME` | Value in minutes to move all files older than (x) from `BACKUP_PATH` to `BACKUP_PATH_ARCHIVE` - which is useful when pairing against an external backup system. | +| `BACKUP_CHECKSUM` | `md5` or `sha1` | `md5` | +| `BACKUP_COMPRESSION_LEVEL` | Numberical value of what level of compression to use, most allow `1` to `9` except for `ZSTD` which allows for `1` to `19` | `8` | +| `BACKUP_COMPRESSION` | Use either Gzip `GZ`, Bzip2 `BZ`, XZip `XZ`, ZSTD `ZSTD` or `none` `zstd` | `GZ` | +| `BACKUP_CREATE_LATEST_SYMLINK` | Create a symbolic link pointing to last backup in this format: `latest-openldap-(config | data` | `TRUE` | +| `BACKUP_ENABLE_CHECKSUM` | Enable checksum after backup `TRUE` or `FALSE` | `TRUE` | +| `BACKUP_INTERVAL` | How often to do a dump, in minutes. Defaults to 1440 minutes, or once per day. | | +| `BACKUP_LOCATION` | Backup to `FILESYSTEM` or `S3` compatible services like S3, Minio, Wasabi | `FILESYSTEM` | +| `BACKUP_PARALLEL_COMPRESSION` | Use multiple cores when compressing backups `TRUE` or `FALSE` | `TRUE` | +| `BACKUP_PATH_ARCHIVE` | Optional Directory where the database dumps archivess are kept. | `${BACKUP_PATH}/archive/` | +| `BACKUP_PATH` | Filesystem path on where to place backups | `/data/backup` | +| `BACKUP_RETENTION` | Value in minutes to delete old backups (only fired when dump freqency fires). 1440 would delete anything above 1 day old. You don't need to set this variable if you want to hold onto everything. | | +| `BACKUP_TEMP_LOCATION` | If you wish to specify a different location, enter it here | `/tmp/backups/` | ##### Backing Up to S3 Compatible Services @@ -232,7 +235,7 @@ If you already have a check_password.conf or ppm.conf in /etc/openldap/ the foll | `TLS_RESET_PERMISSIONS` | Change permissions on certificate directories for OpenLDAP to read | `TRUE` | | `TLS_VERIFY_CLIENT` | TLS verify client. | `try` | - Help: http://www.openldap.org/doc/admin24/tls.html + Help: http://www.openldap.org/doc/admin26/tls.html #### Replication options diff --git a/install/assets/defaults/10-openldap b/install/assets/defaults/10-openldap index b456fc5..52b609e 100755 --- a/install/assets/defaults/10-openldap +++ b/install/assets/defaults/10-openldap @@ -2,19 +2,22 @@ ADD_DEFAULT_DATA=${ADD_DEFAULT_DATA:-"TRUE"} ADMIN_PASS=${ADMIN_PASS:-"admin"} -CONFIG_PASS=${CONFIG_PASS:-"config"} -CONFIG_PATH=${CONFIG_PATH:-"/etc/openldap/"} -BACKUP_TYPE=${BACKUP_TYPE:-"FILESYSTEM"} -BACKUP_COMPRESSION=${BACKUP_COMPRESSION:-ZSTD} -BACKUP_COMPRESSION_LEVEL=${BACKUP_COMPRESSION_LEVEL:-"3"} BACKUP_BEGIN=${BACKUP_BEGIN:-0400} -BACKUP_RETENTION=${BACKUP_RETENTION:-"10080"} +BACKUP_COMPRESSION=${BACKUP_COMPRESSION:-"zstd"} +BACKUP_COMPRESSION_LEVEL=${BACKUP_COMPRESSION_LEVEL:-"8"} +BACKUP_CREATE_LATEST_SYMLINK=${BACKUP_CREATE_LATEST_SYMLINK:-"TRUE"} BACKUP_INTERVAL=${BACKUP_INTERVAL:-1440} -BACKUP_PATH=${BACKUP_PATH:-/data/backup} -BACKUP_MD5=${BACKUP_MD5:-TRUE} -BACKUP_PARALLEL_COMPRESSION=${BACKUP_PARALLEL_COMPRESSION:-TRUE} +BACKUP_ENABLE_CHECKSUM=${BACKUP_ENABLE_CHECKSUM:-"TRUE"} +BACKUP_CHECKSUM=${BACKUP_CHECKSUM:-"md5"} +BACKUP_PARALLEL_COMPRESSION=${BACKUP_PARALLEL_COMPRESSION:-"TRUE"} +BACKUP_PATH=${BACKUP_PATH:-"/data/backup/"} +BACKUP_PATH_ARCHIVE=${BACKUP_PATH_ARCHIVE:-"${BACKUP_PATH}/archive/"} +BACKUP_RETENTION=${BACKUP_RETENTION:-"10080"} BACKUP_SIZE_VALUE=${BACKUP_SIZE_VALUE:-"bytes"} BACKUP_TEMP_LOCATION=${BACKUP_TEMP_LOCATION:-"/tmp/backups"} +BACKUP_TYPE=${BACKUP_TYPE:-"FILESYSTEM"} +CONFIG_PASS=${CONFIG_PASS:-"config"} +CONFIG_PATH=${CONFIG_PATH:-"/etc/openldap/"} DB_PATH=${DB_PATH:-"/var/lib/openldap"} DOMAIN=${DOMAIN:-"example.org"} ENABLE_BACKUP=${ENABLE_BACKUP:-"TRUE"} diff --git a/install/etc/services.available/20-openldap-backup/run b/install/etc/services.available/20-openldap-backup/run index e974a78..dfeae63 100755 --- a/install/etc/services.available/20-openldap-backup/run +++ b/install/etc/services.available/20-openldap-backup/run @@ -7,13 +7,7 @@ check_container_initialized check_service_initialized init 10-openldap liftoff -date >/dev/null - -if [ "$1" != "NOW" ]; then - sleep 10 -fi - -if [ "$BACKUP_LOCATION" = "S3" ] || [ "$BACKUP_LOCATION" = "s3" ] || [ "$BACKUP_LOCATION" = "MINIO" ] || [ "$BACKUP_LOCATION" = "minio" ] ; then +if [ "${BACKUP_LOCATION}" = "s3" ] || [ "${BACKUP_LOCATION}" = "minio" ]; then S3_PROTOCOL=${S3_PROTOCOL:-"https"} sanity_var S3_BUCKET "S3 Bucket" sanity_var S3_KEY_ID "S3 Key ID" @@ -24,14 +18,8 @@ if [ "$BACKUP_LOCATION" = "S3" ] || [ "$BACKUP_LOCATION" = "s3" ] || [ "$BACKUP_ file_env 'S3_KEY_SECRET' fi - -if [ "$1" = "NOW" ]; then - BACKUP_BEGIN=+0 - MANUAL=TRUE -fi - ### Set Compression Options -if var_true "${BACKUP_PARALLEL_COMPRESSION}" ; then +if var_true "${BACKUP_PARALLEL_COMPRESSION}"; then bzip="pbzip2 -${BACKUP_COMPRESSION_LEVEL}" gzip="pigz -${BACKUP_COMPRESSION_LEVEL}" xzip="pixz -${BACKUP_COMPRESSION_LEVEL}" @@ -44,167 +32,213 @@ else fi backup_openldap() { - # Schemas print_notice "Backing up configuration schemas" - target=${now}_openldap_config - compression - /usr/sbin/slapcat -F "${CONFIG_PATH}"/slapd.d -n 0 | $dumpoutput > ${BACKUP_TEMP_LOCATION}/"${target}" - generate_md5 - move_backup - # Data + target=config + /usr/sbin/slapcat -F "${CONFIG_PATH}"/slapd.d -n 0 > "${BACKUP_TEMP_LOCATION}"/"${target}" + exit_code=$? + check_exit_code $target print_notice "Backing up user data" - target=${now}_openldap_data + target=data + /usr/sbin/slapcat -F "${CONFIG_PATH}"/slapd.d -n 1 > "${BACKUP_TEMP_LOCATION}"/"${target}" + exit_code=$? + check_exit_code $target + target=${now}-openldap_${CONTAINER_NAME} compression - /usr/sbin/slapcat -F "${CONFIG_PATH}"/slapd.d -n 1 | $dumpoutput > ${BACKUP_TEMP_LOCATION}/"${target}" - generate_md5 + generate_checksum move_backup } +check_exit_code() { + print_debug "OpenLDAP Backup Exit Code is ${exit_code}" + case "${exit_code}" in + 0) + print_info "OpenLDAP Backup of '${1}' completed successfully" + ;; + *) + print_error "OpenLDAP Backup of '${1}' reported errors" + master_exit_code=1 + ;; + esac +} + compression() { - case "${BACKUP_COMPRESSION,,}" in - "bz" | "bzip2" | "bzip" | "bz2" ) - print_notice "Compressing backup with bzip2" - target=${target}.bz2 - dumpoutput="$bzip " + case "${BACKUP_COMPRESSION,,}" in + bz*) + print_notice "Compressing backup with bzip2" + target=${target}.bz2 + tar --use-compress-program="${bzip} " -cf "${BACKUP_TEMP_LOCATION}"/"${target}" -C "${BACKUP_TEMP_LOCATION}" config data ;; - "gz" | "gzip" ) - print_notice "Compressing backup with gzip" - target=${target}.gz - dumpoutput="$gzip " + gz*) + print_notice "Compressing backup with gzip" + target=${target}.gz + tar --use-compress-program="${gzip} " -cf "${BACKUP_TEMP_LOCATION}"/"${target}" -C "${BACKUP_TEMP_LOCATION}" config data ;; - "none" | "false") - dumpoutput="cat " + "none" | "false") + tar -cf "${BACKUP_TEMP_LOCATION}"/"${target}" -C "${BACKUP_TEMP_LOCATION}" config data ;; - "xz" | "xzip" ) - print_notice "Compressing backup with xzip" - target=${target}.xz - dumpoutput="$xzip " + xz*) + print_notice "Compressing backup with xzip" + target=${target}.xz + tar --use-compress-program="${xzip} " -cf "${BACKUP_TEMP_LOCATION}"/"${target}" -C "${BACKUP_TEMP_LOCATION}" config data ;; - "zstd" | "zst" ) - print_notice "Compressing backup with zstd" - target=${target}.zst - dumpoutput="$zstd " + zst*) + print_notice "Compressing backup with zstd" + target=${target}.zst + tar --use-compress-program="${zstd} " -cf "${BACKUP_TEMP_LOCATION}"/"${target}" -C "${BACKUP_TEMP_LOCATION}" config data ;; esac } -generate_md5() { - if var_true "${BACKUP_MD5}" ; then - print_notice "Generating MD5 for ${target}" - cd "${BACKUP_TEMP_LOCATION}" - md5sum "${target}" > "${target}".md5 - MD5VALUE=$(md5sum "${target}" | awk '{ print $1}') +generate_checksum() { + if var_true "${BACKUP_ENABLE_CHECKSUM}"; then + if [ "${exit_code}" = "0" ]; then + case "${BACKUP_CHECKSUM,,}" in + "md5") + checksum_command="md5sum" + checksum_extension="md5" + ;; + sha*) + checksum_command="sha1sum" + checksum_extension="sha1" + ;; + esac + + print_notice "Generating ${checksum_extension^^} for '${target}'" + cd "${BACKUP_TEMP_LOCATION}" + ${checksum_command} "${target}" >"${target}"."${checksum_extension}" + checksum_value=$(${checksum_command} "${target}" | awk ' { print $1}') + print_debug "${checksum_extension^^}: ${checksum_value} - ${target}" + else + print_error "Skipping Checksum creation because backup did not complete successfully" + fi fi } move_backup() { case "${BACKUP_SIZE_VALUE,,}" in - "b" | "bytes" ) - BACKUP_SIZE_VALUE=1 + "b" | "bytes") + BACKUP_SIZE_VALUE=1 ;; - "[kK]" | "[kK][bB]" | "kilobytes" | "[mM]" | "[mM][bB]" | "megabytes" ) - BACKUP_SIZE_VALUE="-h" + "[kK]" | "[kK][bB]" | "kilobytes" | "[mM]" | "[mM][bB]" | "megabytes") + BACKUP_SIZE_VALUE="-h" ;; - *) - BACKUP_SIZE_VALUE=1 + *) + BACKUP_SIZE_VALUE=1 ;; esac - if [ "$BACKUP_SIZE_VALUE" = "1" ] ; then - FILESIZE=$(stat -c%s "${BACKUP_TEMP_LOCATION}/${target}") + if [ "$BACKUP_SIZE_VALUE" = "1" ]; then + FILESIZE="$(stat -c%s "${BACKUP_TEMP_LOCATION}"/"${target}")" print_notice "Backup of ${target} created with the size of ${FILESIZE} bytes" else - FILESIZE=$(du -h "${BACKUP_TEMP_LOCATION}/${target}" | awk '{ print $1}') + FILESIZE=$(du -h "${BACKUP_TEMP_LOCATION}"/"${target}" | awk '{ print $1}') print_notice "Backup of ${target} created with the size of ${FILESIZE}" fi case "${BACKUP_TYPE,,}" in - "file" | "filesystem" ) + file* ) mkdir -p "${BACKUP_PATH}" - mv "${BACKUP_TEMP_LOCATION}"/*.md5 "${BACKUP_PATH}"/ + silent mv "${BACKUP_TEMP_LOCATION}"/*."${checksum_extension}" "${BACKUP_PATH}"/ mv "${BACKUP_TEMP_LOCATION}"/"${target}" "${BACKUP_PATH}"/"${target}" + if var_true "${BACKUP_CREATE_LATEST_SYMLINK}"; then + ln -sf "${BACKUP_PATH}"/"${target}" "${BACKUP_PATH}"/latest-openldap_"${CONTAINER_NAME}" + fi + if [ -n "${BACKUP_ARCHIVE_TIME}" ]; then + mkdir -p "${BACKUP_PATH_ARCHIVE}" + find "${BACKUP_PATH}"/ -maxdepth 1 -mmin +"${BACKUP_ARCHIVE_TIME}" -iname "*" -exec mv {} "${BACKUP_PATH_ARCHIVE}" \; + fi ;; - "s3" | "minio" ) + "s3" | "minio") export AWS_ACCESS_KEY_ID=${S3_KEY_ID} export AWS_SECRET_ACCESS_KEY=${S3_KEY_SECRET} export AWS_DEFAULT_REGION=${S3_REGION} - [[ ( -n "${S3_HOST}" ) ]] && PARAM_AWS_ENDPOINT_URL=" --endpoint-url ${S3_PROTOCOL}://${S3_HOST}" + [[ (-n "${S3_HOST}") ]] && PARAM_AWS_ENDPOINT_URL=" --endpoint-url ${S3_PROTOCOL}://${S3_HOST}" aws ${PARAM_AWS_ENDPOINT_URL} s3 cp ${TEMP_LOCATION}/${target} s3://${S3_BUCKET}/${S3_PATH}/${target} - rm -rf "${BACKUP_TEMP_LOCATION}"/*.md5 + silent rm -rf "${BACKUP_TEMP_LOCATION}"/"${checksum_extension}" rm -rf "${BACKUP_TEMP_LOCATION}"/"${target}" ;; esac + rm -rf "${BACKUP_TEMP_LOCATION}"/config + rm -rf "${BACKUP_TEMP_LOCATION}"/data } -### -### Container Startup -print_debug "Backup routines Initialized on $(date)" - -### Wait for Next time to start backup -if [ "$1" != "NOW" ]; then +if [ "${MODE,,}" = "manual" ] || [ "${1,,}" = "manual" ] || [ "${1,,}" = "now" ]; then + sleep 1 + BACKUP_BEGIN=+0 + manual=TRUE + print_debug "Detected Manual Mode" +else + sleep 5 current_time=$(date +"%s") today=$(date +"%Y%m%d") if [[ $BACKUP_BEGIN =~ ^\+(.*)$ ]]; then - waittime=$(( ${BASH_REMATCH[1]} * 60 )) + waittime=$((${BASH_REMATCH[1]} * 60)) target_time=$(($current_time + $waittime)) else - target_time=$(date --date="${today} ${BACKUP_BEGIN}" +"%s") + target_time=$(date --date="${today}${BACKUP_BEGIN}" +"%s") if [[ "$target_time" < "$current_time" ]]; then - target_time=$(($target_time + 24*60*60)) + target_time=$(($target_time + 24 * 60 * 60)) fi waittime=$(($target_time - $current_time)) fi + print_debug "Wait Time: ${waittime} Target time: ${target_time} Current Time: ${current_time}" print_notice "Next Backup at $(date -d @${target_time} +"%Y-%m-%d %T %Z")" sleep $waittime fi ### Commence Backup - while true; do - # make sure the directory exists - mkdir -p ${BACKUP_TEMP_LOCATION} +while true; do + mkdir -p "${BACKUP_TEMP_LOCATION}" + backup_start_time=$(date +"%s") + print_debug "Backup routines started time: $(date +'%Y-%m-%d %T %Z')" now=$(date +"%Y%m%d-%H%M%S") now_time=$(date +"%H:%M:%S") now_date=$(date +"%Y-%m-%d") backup_openldap - -### Zabbix - if var_true "${CONTAINER_ENABLE_MONITORING}" ; then + backup_finish_time=$(date +"%s") + backup_total_time=$(echo $((backup_finish_time - backup_start_time))) + if [ -z "$master_exit_code" ]; then master_exit_code="0"; fi + print_info "Backup routines finish time: $(date -d @${backup_finish_time} +"%Y-%m-%d %T %Z") with overall exit code ${master_exit_code}" + print_notice "Backup routines time taken: $(echo ${backup_total_time} | awk '{printf "Hours: %d Minutes: %02d Seconds: %02d", $1/3600, ($1/60)%60, $1%60}')" + + ### Zabbix + if var_true "${CONTAINER_ENABLE_MONITORING}"; then print_notice "Sending Backup Statistics to Zabbix" - silent zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -k dbbackup.size -o $(stat -c%s "${BACKUP_PATH}"/"${target}") - silent zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -k dbbackup.datetime -o $(date -r "${BACKUP_PATH}"/"${target}" +'%s') + silent zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -k openldap.backup.size -o "$(stat -c%s "${BACKUP_PATH}"/"${target}")" + silent zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -k openldap.backup.datetime -o "$(date -r "${BACKUP_PATH}"/"${target}" +'%s')" fi -### Automatic Cleanup - if [[ -n "$BACKUP_RETENTION" ]]; then + ### Automatic Cleanup + if [[ -n "${BACKUP_RETENTION}" ]]; then print_notice "Cleaning up old backups" - find "$BACKUP_PATH"/ -mmin +"$BACKUP_RETENTION" -iname "*" -exec rm {} \; + find "${BACKUP_PATH}"/ -mmin +"${BACKUP_RETENTION}" -iname "*" -exec rm {} \; fi - if [ -n "$POST_SCRIPT" ] ; then + ### Post Backup Custom Script Support + if [ -n "${POST_SCRIPT}" ]; then print_notice "Found POST_SCRIPT environment variable. Executing" eval "${POST_SCRIPT}" fi -### Post Backup Custom Script Support - if [ -d /assets/custom-backup-scripts/ ] ; then - print_notice "Found Custom Scripts to Execute" - for f in $(find /assets/custom-backup-scripts/ -name \*.sh -type f); do - print_notice "Running Script ${f}" - ## script DATE TIME BACKUP_FILENAME FILESIZE MD5_VALUE - ${f} "${now_date}" "${now_time}" "${target}" "${FILESIZE}" "${MD5VALUE}" - done + if [ -d /assets/custom-backup-scripts/ ]; then + print_notice "Found Custom Scripts to Execute" + for f in $(find /assets/custom-backup-scripts/ -name \*.sh -type f); do + print_notice "Running Script ${f}" + ## script DATE TIME BACKUP_FILENAME FILESIZE CHECKSUM VALUE + ${f} "${now_date}" "${now_time}" "${target}" "${FILESIZE}" ${checksum_value} + done fi ### Go back to Sleep until next Backup time - if var_true $MANUAL ; then - exit 0; + if var_true "${manual}"; then + print_debug "Exiting due to manual mode" + exit ${master_exit_code} else - sleep $(($BACKUP_INTERVAL*60)) + print_notice "Sleeping for another $(($BACKUP_INTERVAL * 60 - backup_total_time)) seconds. Waking up at $(date -d@"$(($(date +%s) + $(($BACKUP_INTERVAL * 60 - backup_total_time))))" +"%Y-%m-%d %T %Z") " + sleep $(($BACKUP_INTERVAL * 60 - backup_total_time)) fi - - done -fi +done diff --git a/zabbix_templates/app-openldap_backup.json b/zabbix_templates/app-openldap_backup.json new file mode 100644 index 0000000..ddffbc7 --- /dev/null +++ b/zabbix_templates/app-openldap_backup.json @@ -0,0 +1,218 @@ +{ + "zabbix_export": { + "version": "6.2", + "date": "2023-03-30T18:32:26Z", + "template_groups": [ + { + "uuid": "fa56524b5dbb4ec09d9777a6f7ccfbe4", + "name": "DB/Backup" + }, + { + "uuid": "748ad4d098d447d492bb935c907f652f", + "name": "Templates/Databases" + } + ], + "templates": [ + { + "uuid": "b91f579b2d02424981425412d257ffd5", + "template": "OpenLDAP Backup", + "name": "OpenLDAP Backup", + "description": "Template for OpenLDAP Backup\n\nMeant for use specifically with https://github.com/tiredofit/docker-openldap", + "groups": [ + { + "name": "DB/Backup" + }, + { + "name": "Templates/Databases" + } + ], + "items": [ + { + "uuid": "1d185ba7eb684da0b5d24513abfe749f", + "name": "OpenLDAP Backup: Backup Size", + "type": "TRAP", + "key": "dbbackup.size", + "delay": "0", + "history": "7d", + "units": "B", + "request_method": "POST", + "tags": [ + { + "tag": "Application", + "value": "OpenLDAP Backup" + } + ], + "triggers": [ + { + "uuid": "3955db038ca2409693f7149be8710e4a", + "expression": "last(/OpenLDAP Backup/dbbackup.size)/last(/OpenLDAP Backup/dbbackup.size,#2)>1.2", + "name": "OpenLDAP Backup: 20% Greater in Size", + "priority": "WARNING", + "manual_close": "YES" + }, + { + "uuid": "f31f4eac5dfd486aaf87300fcad746a3", + "expression": "last(/OpenLDAP Backup/dbbackup.size)/last(/OpenLDAP Backup/dbbackup.size,#2)<0.2", + "name": "OpenLDAP Backup: 20% Smaller in Size", + "priority": "WARNING", + "manual_close": "YES" + }, + { + "uuid": "7a82cf37d0f2488a8d0596104a90b0db", + "expression": "last(/OpenLDAP Backup/dbbackup.size)<1K", + "name": "OpenLDAP Backup: empty", + "priority": "HIGH" + } + ] + }, + { + "uuid": "9a788c5f12414f69a45e87d41ece732b", + "name": "OpenLDAP Backup: Backup Duration", + "type": "TRAP", + "key": "openldap.backup.backup_duration", + "delay": "0", + "history": "7d", + "units": "uptime", + "description": "How long the backup took", + "tags": [ + { + "tag": "Application", + "value": "OpenLDAP Backup" + } + ] + }, + { + "uuid": "5e8727e6cc5e4e5d90765d2b0636a881", + "name": "OpenLDAP Backup: Backup Time", + "type": "TRAP", + "key": "openldap.backup.datetime", + "delay": "0", + "history": "7d", + "units": "unixtime", + "request_method": "POST", + "tags": [ + { + "tag": "Application", + "value": "OpenLDAP Backup" + } + ], + "triggers": [ + { + "uuid": "febb127a42d44ece975fe8c3c942e174", + "expression": "nodata(/OpenLDAP Backup/openldap.backup.datetime,2d)=1", + "name": "OpenLDAP Backup: No backups detected in 2 days", + "priority": "DISASTER", + "manual_close": "YES" + }, + { + "uuid": "4df7ad82b2884d60b1c99b7cb99b7f35", + "expression": "fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,172800s)=0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,259200s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,345600s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,432800s)<>0", + "name": "OpenLDAP Backup: No Backups occurred in 2 days", + "priority": "AVERAGE" + }, + { + "uuid": "cb9eeb35b9a64ac2a6eca1602a1abd28", + "expression": "fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,172800s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,259200s)=0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,345600s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,432800s)<>0", + "name": "OpenLDAP Backup: No Backups occurred in 3 days", + "priority": "AVERAGE" + }, + { + "uuid": "3fc9786a491c45398d3918feb0bc1079", + "expression": "fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,172800s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,259200s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,345600s)=0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,432800s)<>0", + "name": "OpenLDAP Backup: No Backups occurred in 4 days", + "priority": "AVERAGE" + }, + { + "uuid": "b4dcc109d512408c83f8b67904d47e96", + "expression": "fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,172800s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,259200s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,345600s)<>0 and fuzzytime(/OpenLDAP Backup/openldap.backup.datetime,432800s)=0", + "name": "OpenLDAP Backup: No Backups occurred in 5 days or more", + "priority": "HIGH" + } + ] + }, + { + "uuid": "a17a4927f0ad4471ae6b040a31570583", + "name": "OpenLDAP Backup: Last Backup Status", + "type": "TRAP", + "key": "openldap.backup.status", + "delay": "0", + "history": "7d", + "description": "Maps Exit Codes received by backup applications", + "tags": [ + { + "tag": "Application", + "value": "OpenLDAP Backup" + } + ], + "triggers": [ + { + "uuid": "ecd3f445189d4c7d900f1e9d8ed73d83", + "expression": "last(/OpenLDAP Backup/openldap.backup.status)=1", + "name": "OpenLDAP Backup: Failed Backup Detected", + "priority": "HIGH", + "manual_close": "YES" + } + ] + } + ], + "tags": [ + { + "tag": "Service", + "value": "Backup" + }, + { + "tag": "Service", + "value": "Database" + } + ], + "valuemaps": [ + { + "uuid": "15430865d6ed400cbed054efed687225", + "name": "OpenLDAP Backup Status", + "mappings": [ + { + "value": "0", + "newvalue": "OK" + }, + { + "type": "GREATER_OR_EQUAL", + "value": "1", + "newvalue": "FAIL" + } + ] + } + ] + } + ], + "graphs": [ + { + "uuid": "5ff167e7d1964e02842868988a6b8892", + "name": "OpenLDAP Backup: Backup Duration", + "graph_items": [ + { + "color": "199C0D", + "item": { + "host": "OpenLDAP Backup", + "key": "openldap.backup.backup_duration" + } + } + ] + }, + { + "uuid": "b9830cb151334f7081ee90182051dc34", + "name": "OpenLDAP Backup: Backup Size", + "type": "STACKED", + "graph_items": [ + { + "sortorder": "1", + "color": "1A7C11", + "item": { + "host": "OpenLDAP Backup", + "key": "dbbackup.size" + } + } + ] + } + ] + } +} \ No newline at end of file