PostgreSQL Backup & Encryption Docker Container
This Docker container is designed to perform backups of a PostgreSQL database, encrypt the backup, and optionally upload it to an S3 bucket. The backup is either saved locally or streamed directly to S3, based on the configuration.
Features
- Performs
pg_dump
to create a backup of the PostgreSQL database. - Compresses and encrypts the backup using AES-256 encryption.
- Supports streaming backups directly to an S3 bucket.
- Configurable via environment variables.
Environment Variables
The script requires several environment variables to run properly. These can be set in your docker run
command or in a .env
file.
Required Environment Variables:
-
POSTGRES_VERSION
: The version of PostgreSQL (16
or17
). -
POSTGRES_HOST
: The hostname or IP address of the PostgreSQL server. -
POSTGRES_USERNAME
: The username to connect to the PostgreSQL database. -
POSTGRES_PASSWORD
: The password for the PostgreSQL user. -
POSTGRES_DATABASE
: The name of the database to back up. -
ENCRYPTION_PASSWORD
: The password used for AES-256 encryption. -
TARGET_FOLDER
: The target location for the backup (local
ors3
).
TARGET_FOLDER
is set to s3
):
Optional S3-related Environment Variables (if -
S3_ENDPOINT
: The S3 endpoint (e.g.,https://s3.amazonaws.com
). -
S3_BUCKET
: The name of the S3 bucket. -
S3_ACCESS_KEY
: The access key for S3. -
S3_ACCESS_SECRET
: The secret key for S3. -
S3_PATH
: The path inside the S3 bucket where the backup will be stored (e.g.,backups/postgres
). -
S3_REGION
: The region of the S3 bucket (e.g.,us-west-2
). Defaults tous-east-1
. -
S3_USE_PATH_STYLE
: Set totrue
to use path-style access with S3-compatible services. Defaults tofalse
.
Example Usage
Running the Container with Local Backup
docker run --rm \
-e POSTGRES_VERSION=17 \
-e POSTGRES_HOST="your-postgres-host" \
-e POSTGRES_USERNAME="your-postgres-username" \
-e POSTGRES_PASSWORD="your-postgres-password" \
-e POSTGRES_DATABASE="your-database-name" \
-e ENCRYPTION_PASSWORD="your-encryption-password" \
-e TARGET_FOLDER="local" \
-v /path/to/local/backups:/backups \
jonasled.dev/infra/images/postgres-backup:latest
Running the Container with S3 Backup
docker run --rm
-e POSTGRES_VERSION=17
-e POSTGRES_HOST="your-postgres-host"
-e POSTGRES_USERNAME="your-postgres-username"
-e POSTGRES_PASSWORD="your-postgres-password"
-e POSTGRES_DATABASE="your-database-name"
-e ENCRYPTION_PASSWORD="your-encryption-password"
-e TARGET_FOLDER="s3"
-e S3_ENDPOINT="https://s3.amazonaws.com"
-e S3_BUCKET="your-s3-bucket-name"
-e S3_ACCESS_KEY="your-s3-access-key"
-e S3_ACCESS_SECRET="your-s3-access-secret"
-e S3_PATH="backups/postgres"
-e S3_REGION="us-west-2"
-e S3_USE_PATH_STYLE="true"
jonasled.dev/infra/images/postgres-backup:latest