Coornhert
c481ebf9e7
- Forgejo + Redis Docker stack (wetgit-forgejo role) - FastAPI + Celery systemd services (wetgit-app role) - Nginx vhosts voor git.wetgit.nl en api.wetgit.nl (wetgit-nginx role) - SSL via Let's Encrypt (certbot webroot) - Backup script (forgejo dump, geen downtime) - Codeberg mirror script - Cron jobs voor backup/mirror/log cleanup - Ansible vault voor secrets (encrypted) Geïsoleerd van dt-platform: eigen poorten, users, directories.
37 lines
1.2 KiB
Django/Jinja
37 lines
1.2 KiB
Django/Jinja
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# WetGIT Forgejo backup — managed by Ansible
|
|
# Uses Forgejo's built-in dump command (no downtime).
|
|
|
|
BACKUP_DIR="{{ app_dir }}/backups"
|
|
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
|
|
RETENTION_DAYS=14
|
|
LOG_PREFIX="[$(date '+%Y-%m-%d %H:%M:%S')]"
|
|
|
|
echo "$LOG_PREFIX Starting WetGit backup..."
|
|
|
|
# Forgejo dump (runs inside container, no service stop needed)
|
|
docker exec wetgit-forgejo forgejo dump \
|
|
--type tar.gz \
|
|
--file /data/backup-${TIMESTAMP}.tar.gz \
|
|
2>&1 || {
|
|
echo "$LOG_PREFIX ERROR: Forgejo dump failed"
|
|
exit 1
|
|
}
|
|
|
|
# Move dump from container volume to backup dir
|
|
mv "{{ forgejo_data_dir }}/backup-${TIMESTAMP}.tar.gz" \
|
|
"$BACKUP_DIR/wetgit-forgejo-${TIMESTAMP}.tar.gz"
|
|
|
|
# Also backup Redis AOF
|
|
docker exec wetgit-redis redis-cli BGSAVE 2>/dev/null || true
|
|
sleep 2
|
|
cp "{{ data_dir }}/redis/dump.rdb" \
|
|
"$BACKUP_DIR/wetgit-redis-${TIMESTAMP}.rdb" 2>/dev/null || true
|
|
|
|
# Clean old backups
|
|
find "$BACKUP_DIR" -name "wetgit-forgejo-*.tar.gz" -mtime +${RETENTION_DAYS} -delete
|
|
find "$BACKUP_DIR" -name "wetgit-redis-*.rdb" -mtime +${RETENTION_DAYS} -delete
|
|
|
|
echo "$LOG_PREFIX Backup complete: wetgit-forgejo-${TIMESTAMP}.tar.gz"
|