Skip to content
Snippets Groups Projects
Normal view Permalink
Readme.md 2.93 KiB
Newer Older
  • Learn to ignore specific revisions
    • Jonas Leder's avatar
    add readme
    Jonas Leder committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 
    # PostgreSQL Backup & Encryption Docker Container

This Docker container is designed to perform backups of a PostgreSQL database, encrypt the backup, and optionally upload it to an S3 bucket. The backup is either saved locally or streamed directly to S3, based on the configuration.

## Features

- Performs `pg_dump` to create a backup of the PostgreSQL database.
- Compresses and encrypts the backup using AES-256 encryption.
- Supports streaming backups directly to an S3 bucket.
- Configurable via environment variables.

## Environment Variables

The script requires several environment variables to run properly. These can be set in your `docker run` command or in a `.env` file.

### Required Environment Variables:

- **`POSTGRES_VERSION`**: The version of PostgreSQL (`16` or `17`).
- **`POSTGRES_HOST`**: The hostname or IP address of the PostgreSQL server.
- **`POSTGRES_USERNAME`**: The username to connect to the PostgreSQL database.
- **`POSTGRES_PASSWORD`**: The password for the PostgreSQL user.
- **`POSTGRES_DATABASE`**: The name of the database to back up.
- **`ENCRYPTION_PASSWORD`**: The password used for AES-256 encryption.
- **`TARGET_FOLDER`**: The target location for the backup (`local` or `s3`).

### Optional S3-related Environment Variables (if `TARGET_FOLDER` is set to `s3`):

- **`S3_ENDPOINT`**: The S3 endpoint (e.g., `https://s3.amazonaws.com`).
- **`S3_BUCKET`**: The name of the S3 bucket.
- **`S3_ACCESS_KEY`**: The access key for S3.
- **`S3_ACCESS_SECRET`**: The secret key for S3.
- **`S3_PATH`**: The path inside the S3 bucket where the backup will be stored (e.g., `backups/postgres`).
- **`S3_REGION`**: The region of the S3 bucket (e.g., `us-west-2`). Defaults to `us-east-1`.
- **`S3_USE_PATH_STYLE`**: Set to `true` to use path-style access with S3-compatible services. Defaults to `false`.

## Example Usage

### Running the Container with Local Backup

```bash
docker run --rm \
  -e POSTGRES_VERSION=17 \
  -e POSTGRES_HOST="your-postgres-host" \
  -e POSTGRES_USERNAME="your-postgres-username" \
  -e POSTGRES_PASSWORD="your-postgres-password" \
  -e POSTGRES_DATABASE="your-database-name" \
  -e ENCRYPTION_PASSWORD="your-encryption-password" \
  -e TARGET_FOLDER="local" \
  -v /path/to/local/backups:/backups \
    Jonas Leder's avatar
    set correct image name  
    Jonas Leder committed
    50 
      jonasled.dev/infra/images/postgres-backup:latest
    Jonas Leder's avatar
    add readme
    Jonas Leder committed
    51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 
    ```

### Running the Container with S3 Backup

docker run --rm \
  -e POSTGRES_VERSION=17 \
  -e POSTGRES_HOST="your-postgres-host" \
  -e POSTGRES_USERNAME="your-postgres-username" \
  -e POSTGRES_PASSWORD="your-postgres-password" \
  -e POSTGRES_DATABASE="your-database-name" \
  -e ENCRYPTION_PASSWORD="your-encryption-password" \
  -e TARGET_FOLDER="s3" \
  -e S3_ENDPOINT="https://s3.amazonaws.com" \
  -e S3_BUCKET="your-s3-bucket-name" \
  -e S3_ACCESS_KEY="your-s3-access-key" \
  -e S3_ACCESS_SECRET="your-s3-access-secret" \
  -e S3_PATH="backups/postgres" \
  -e S3_REGION="us-west-2" \
  -e S3_USE_PATH_STYLE="true" \
    Jonas Leder's avatar
    set correct image name  
    Jonas Leder committed
    70 
      jonasled.dev/infra/images/postgres-backup:latest