Strona główna Odkrywaj Pomoc
Zaloguj się
mirrors
/
mailcow-dockerized
kopia lustrzana https://github.com/mailcow/mailcow-dockerized
2
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: 4a91fdf134
Gałęzie Tagi
mailcow-dockeri...
/
helper-scripts
/
_cold-standby.sh

_cold-standby.sh 7.9 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251 
  1. #!/usr/bin/env bash
    2. 

  2. 

  3. PATH=$PATH:/opt/bin
    4. 

  4. DATE=$(date +%Y-%m-%d_%H_%M_%S)
    5. 

  5. export LC_ALL=C
    6. 

  6. 

  7. echo
    8. 

  8. echo "If this script is run automatically by cron or a timer AND you are using block-level snapshots on your backup destination, make sure both do not run at the same time."
    9. 

  9. echo "The snapshots of your backup destination should run AFTER the cold standby script finished to ensure consistent snapshots."
    10. 

  10. echo
    11. 

  11. 

  12. function docker_garbage() {
    13. 

  13.   IMGS_TO_DELETE=()
    14. 

  14. 

  15.   for container in $(grep -oP "image: \Kmailcow.+" docker-compose.yml); do
    16. 

  16. 

  17.     REPOSITORY=${container/:*}
    18. 

  18.     TAG=${container/*:}
    19. 

  19.     V_MAIN=${container/*.}
    20. 

  20.     V_SUB=${container/*.}
    21. 

  21.     EXISTING_TAGS=$(docker images | grep ${REPOSITORY} | awk '{ print $2 }')
    22. 

  22. 

  23.     for existing_tag in ${EXISTING_TAGS[@]}; do
    24. 

  24. 

  25.       V_MAIN_EXISTING=${existing_tag/*.}
    26. 

  26.       V_SUB_EXISTING=${existing_tag/*.}
    27. 

  27. 

  28.       # Not an integer
    29. 

  29.       [[ ! $V_MAIN_EXISTING =~ ^[0-9]+$ ]] && continue
    30. 

  30.       [[ ! $V_SUB_EXISTING =~ ^[0-9]+$ ]] && continue
    31. 

  31. 

  32.       if [[ $V_MAIN_EXISTING == "latest" ]]; then
    33. 

  33.         echo "Found deprecated label \"latest\" for repository $REPOSITORY, it should be deleted."
    34. 

  34.         IMGS_TO_DELETE+=($REPOSITORY:$existing_tag)
    35. 

  35.       elif [[ $V_MAIN_EXISTING -lt $V_MAIN ]]; then
    36. 

  36.         echo "Found tag $existing_tag for $REPOSITORY, which is older than the current tag $TAG and should be deleted."
    37. 

  37.         IMGS_TO_DELETE+=($REPOSITORY:$existing_tag)
    38. 

  38.       elif [[ $V_SUB_EXISTING -lt $V_SUB ]]; then
    39. 

  39.         echo "Found tag $existing_tag for $REPOSITORY, which is older than the current tag $TAG and should be deleted."
    40. 

  40.         IMGS_TO_DELETE+=($REPOSITORY:$existing_tag)
    41. 

  41.       fi
    42. 

  42. 

  43.     done
    44. 

  44. 

  45.   done
    46. 

  46. 

  47.   if [[ ! -z ${IMGS_TO_DELETE[*]} ]]; then
    48. 

  48.     docker rmi ${IMGS_TO_DELETE[*]}
    49. 

  49.   fi
    50. 

  50. }
    51. 

  51. 

  52. function preflight_local_checks() {
    53. 

  53.   if [[ -z "${REMOTE_SSH_KEY}" ]]; then
    54. 

  54.     echo -e "\e[31mREMOTE_SSH_KEY is not set\e[0m"
    55. 

  55.     exit 1
    56. 

  56.   fi
    57. 

  57. 

  58.   if [[ ! -s "${REMOTE_SSH_KEY}" ]]; then
    59. 

  59.     echo -e "\e[31mKeyfile ${REMOTE_SSH_KEY} is empty\e[0m"
    60. 

  60.     exit 1
    61. 

  61.   fi
    62. 

  62. 

  63.   if [[ $(stat -c "%a" "${REMOTE_SSH_KEY}") -ne 600 ]]; then
    64. 

  64.     echo -e "\e[31mKeyfile ${REMOTE_SSH_KEY} has insecure permissions\e[0m"
    65. 

  65.     exit 1
    66. 

  66.   fi
    67. 

  67. 

  68.   if [[ ! -z "${REMOTE_SSH_PORT}" ]]; then
    69. 

  69.     if [[ ${REMOTE_SSH_PORT} != ?(-)+([0-9]) ]] || [[ ${REMOTE_SSH_PORT} -gt 65535 ]]; then
    70. 

  70.       echo -e "\e[31mREMOTE_SSH_PORT is set but not an integer < 65535\e[0m"
    71. 

  71.       exit 1
    72. 

  72.     fi
    73. 

  73.   fi
    74. 

  74. 

  75.   if [[ -z "${REMOTE_SSH_HOST}" ]]; then
    76. 

  76.     echo -e "\e[31mREMOTE_SSH_HOST cannot be empty\e[0m"
    77. 

  77.     exit 1
    78. 

  78.   fi
    79. 

  79. 

  80.   for bin in rsync docker-compose docker grep cut; do
    81. 

  81.     if [[ -z $(which ${bin}) ]]; then
    82. 

  82.       echo -e "\e[31mCannot find ${bin} in local PATH, exiting...\e[0m"
    83. 

  83.       exit 1
    84. 

  84.     fi
    85. 

  85.   done
    86. 

  86. 

  87.   if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then
    88. 

  88.     echo -e "\e[31mBusyBox grep detected on local system, please install GNU grep\e[0m"
    89. 

  89.     exit 1
    90. 

  90.   fi
    91. 

  91. }
    92. 

  92. 

  93. function preflight_remote_checks() {
    94. 

  94. 

  95.   ssh -o StrictHostKeyChecking=no \
    96. 

  96.     -i "${REMOTE_SSH_KEY}" \
    97. 

  97.     ${REMOTE_SSH_HOST} \
    98. 

  98.     -p ${REMOTE_SSH_PORT} \
    99. 

  99.     rsync -V > /dev/null
    100. 

  100. 

  101.   if [ $? -ne 0 ]; then
    102. 

  102.     echo -e "\e[31mCould not verify connection to ${REMOTE_SSH_HOST}\e[0m"
    103. 

  103.     echo -e "\e[31mPlease check the output above (is rsync >= 3.1.0 installed on the remote system?)\e[0m"
    104. 

  104.     exit 1
    105. 

  105.   fi
    106. 

  106. 

  107.   if ssh -o StrictHostKeyChecking=no \
    108. 

  108.     -i "${REMOTE_SSH_KEY}" \
    109. 

  109.     ${REMOTE_SSH_HOST} \
    110. 

  110.     -p ${REMOTE_SSH_PORT} \
    111. 

  111.     grep --help 2>&1 | head -n 1 | grep -q -i "busybox" ; then
    112. 

  112.       echo -e "\e[31mBusyBox grep detected on remote system ${REMOTE_SSH_HOST}, please install GNU grep\e[0m"
    113. 

  113.       exit 1
    114. 

  114.   fi
    115. 

  115. 

  116.   for bin in rsync docker-compose docker; do
    117. 

  117.     if ! ssh -o StrictHostKeyChecking=no \
    118. 

  118.       -i "${REMOTE_SSH_KEY}" \
    119. 

  119.       ${REMOTE_SSH_HOST} \
    120. 

  120.       -p ${REMOTE_SSH_PORT} \
    121. 

  121.       which ${bin} > /dev/null ; then
    122. 

  122.         echo -e "\e[31mCannot find ${bin} in remote PATH, exiting...\e[0m"
    123. 

  123.         exit 1
    124. 

  124.     fi
    125. 

  125.   done
    126. 

  126. 

  127. }
    128. 

  128. 

  129. preflight_local_checks
    130. 

  130. preflight_remote_checks
    131. 

  131. 

  132. SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
    133. 

  133. COMPOSE_FILE="${SCRIPT_DIR}/../docker-compose.yml"
    134. 

  134. source "${SCRIPT_DIR}/../mailcow.conf"
    135. 

  135. CMPS_PRJ=$(echo $COMPOSE_PROJECT_NAME | tr -cd "[A-Za-z-_]")
    136. 

  136. SQLIMAGE=$(grep -iEo '(mysql|mariadb)\:.+' "${COMPOSE_FILE}")
    137. 

  137. 

  138. echo
    139. 

  139. echo -e "\033[1mFound compose project name ${CMPS_PRJ} for ${MAILCOW_HOSTNAME}\033[0m"
    140. 

  140. echo -e "\033[1mFound SQL ${SQLIMAGE}\033[0m"
    141. 

  141. echo
    142. 

  142. 

  143. # Make sure destination exists, rsync can fail under some circumstances
    144. 

  144. echo -e "\033[1mPreparing remote...\033[0m"
    145. 

  145. ssh -o StrictHostKeyChecking=no \
    146. 

  146.   -i "${REMOTE_SSH_KEY}" \
    147. 

  147.   ${REMOTE_SSH_HOST} \
    148. 

  148.   -p ${REMOTE_SSH_PORT} \
    149. 

  149.   mkdir -p "${SCRIPT_DIR}/../"
    150. 

  150. 

  151. # Syncing the mailcow base directory
    152. 

  152. echo -e "\033[1mSynchronizing mailcow base directory...\033[0m"
    153. 

  153. rsync --delete -aH -e "ssh -o StrictHostKeyChecking=no \
    154. 

  154.   -i \"${REMOTE_SSH_KEY}\" \
    155. 

  155.   -p ${REMOTE_SSH_PORT}" \
    156. 

  156.   "${SCRIPT_DIR}/../" root@${REMOTE_SSH_HOST}:"${SCRIPT_DIR}/../"
    157. 

  157. 

  158. # Trigger a Redis save for a consistent Redis copy
    159. 

  159. echo -ne "\033[1mRunning redis-cli save... \033[0m"
    160. 

  160. docker exec $(docker ps -qf name=redis-mailcow) redis-cli save
    161. 

  161. 

  162. # Syncing volumes related to compose project
    163. 

  163. # Same here: make sure destination exists
    164. 

  164. for vol in $(docker volume ls -qf name="${CMPS_PRJ}"); do
    165. 

  165. 

  166.   mountpoint="$(docker inspect $vol | grep Mountpoint | cut -d '"' -f4)"
    167. 

  167. 

  168.   echo -e "\033[1mCreating remote mountpoint ${mountpoint} for ${vol}...\033[0m"
    169. 

  169. 

  170.   ssh -o StrictHostKeyChecking=no \
    171. 

  171.     -i "${REMOTE_SSH_KEY}" \
    172. 

  172.     ${REMOTE_SSH_HOST} \
    173. 

  173.     -p ${REMOTE_SSH_PORT} \
    174. 

  174.     mkdir -p "${mountpoint}"
    175. 

  175. 

  176.   if [[ "${vol}" =~ "mysql-vol-1" ]]; then
    177. 

  177. 

  178.     # Make sure a previous backup does not exist
    179. 

  179.     rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    180. 

  180. 

  181.     echo -e "\033[1mCreating consistent backup for MariaDB volume...\033[0m"
    182. 

  182.     if ! docker run --rm \
    183. 

  183.       --network $(docker network ls -qf name=${CMPS_PRJ}_) \
    184. 

  184.       -v $(docker volume ls -qf name=${CMPS_PRJ}_mysql-vol-1):/var/lib/mysql/:ro \
    185. 

  185.       --entrypoint= \
    186. 

  186.       -v "${SCRIPT_DIR}/../_tmp_mariabackup":/backup \
    187. 

  187.       ${SQLIMAGE} mariabackup --host mysql --user root --password ${DBROOT} --backup --target-dir=/backup 2>/dev/null ; then
    188. 

  188.         echo -e "\e[31mFATAL: mariabackup failed, exiting\e[0m"
    189. 

  189.         rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    190. 

  190.         exit 1
    191. 

  191.     fi
    192. 

  192. 

  193.     if ! docker run --rm \
    194. 

  194.       --network $(docker network ls -qf name=${CMPS_PRJ}_) \
    195. 

  195.       --entrypoint= \
    196. 

  196.       -v "${SCRIPT_DIR}/../_tmp_mariabackup":/backup \
    197. 

  197.       ${SQLIMAGE} mariabackup --prepare --target-dir=/backup 2> /dev/null ; then
    198. 

  198.         echo -e "\e[31mFATAL: mariabackup failed, exiting\e[0m"
    199. 

  199.         rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    200. 

  200.         exit 1
    201. 

  201.     fi
    202. 

  202. 

  203.     chown -R 999:999 "${SCRIPT_DIR}/../_tmp_mariabackup"
    204. 

  204. 

  205.     echo -e "\033[1mSynchronizing MariaDB backup...\033[0m"
    206. 

  206.     rsync --delete --info=progress2 -aH -e "ssh -o StrictHostKeyChecking=no \
    207. 

  207.       -i \"${REMOTE_SSH_KEY}\" \
    208. 

  208.       -p ${REMOTE_SSH_PORT}" \
    209. 

  209.       "${SCRIPT_DIR}/../_tmp_mariabackup/" root@${REMOTE_SSH_HOST}:"${mountpoint}"
    210. 

  210. 

  211.     # Cleanup
    212. 

  212.     rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    213. 

  213. 

  214.   else
    215. 

  215. 

  216.     echo -e "\033[1mSynchronizing ${vol} from local ${mountpoint}...\033[0m"
    217. 

  217.     rsync --delete --info=progress2 -aH -e "ssh -o StrictHostKeyChecking=no \
    218. 

  218.       -i \"${REMOTE_SSH_KEY}\" \
    219. 

  219.       -p ${REMOTE_SSH_PORT}" \
    220. 

  220.       "${mountpoint}/" root@${REMOTE_SSH_HOST}:"${mountpoint}"
    221. 

  221. 

  222.   fi
    223. 

  223. 

  224.   echo -e "\e[32mCompleted\e[0m"
    225. 

  225. 

  226. done
    227. 

  227. 

  228. # Restart Dockerd on destination
    229. 

  229. echo -ne "\033[1mRestarting Docker daemon on remote to detect new volumes... \033[0m"
    230. 

  230. ssh -o StrictHostKeyChecking=no \
    231. 

  231.   -i "${REMOTE_SSH_KEY}" \
    232. 

  232.   ${REMOTE_SSH_HOST} \
    233. 

  233.   -p ${REMOTE_SSH_PORT} \
    234. 

  234.   systemctl restart docker
    235. 

  235. echo "OK"
    236. 

  236. 

  237. echo -e "\033[1mPulling images on remote...\033[0m"
    238. 

  238. ssh -o StrictHostKeyChecking=no \
    239. 

  239.   -i "${REMOTE_SSH_KEY}" \
    240. 

  240.   ${REMOTE_SSH_HOST} \
    241. 

  241.   -p ${REMOTE_SSH_PORT} \
    242. 

  242.   docker-compose -f "${SCRIPT_DIR}/../docker-compose.yml" pull --no-parallel
    243. 

  243. 

  244. echo -e "\033[1mForcing garbage cleanup on remote...\033[0m"
    245. 

  245. ssh -o StrictHostKeyChecking=no \
    246. 

  246.   -i "${REMOTE_SSH_KEY}" \
    247. 

  247.   ${REMOTE_SSH_HOST} \
    248. 

  248.   -p ${REMOTE_SSH_PORT} \
    249. 

  249.   ${SCRIPT_DIR}/../update.sh -f --gc
    250. 

  250. 

  251. echo -e "\e[32mDone\e[0m"
    252.