Startsida Utforska Hjälp
Logga in
mirrors
/
mailcow-dockerized
spegling av https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Filer Ärenden 0 Wiki
Träd: 74baf20feb
Grenar Taggar
mailcow-dockeri...
/
helper-scripts
/
_cold-standby.sh

_cold-standby.sh 11 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317 
  1. #!/usr/bin/env bash
    2. 

  2. 

  3. PATH=${PATH}:/opt/bin
    4. 

  4. DATE=$(date +%Y-%m-%d_%H_%M_%S)
    5. 

  5. export LC_ALL=C
    6. 

  6. 

  7. echo
    8. 

  8. echo "If this script is run automatically by cron or a timer AND you are using block-level snapshots on your backup destination, make sure both do not run at the same time."
    9. 

  9. echo "The snapshots of your backup destination should run AFTER the cold standby script finished to ensure consistent snapshots."
    10. 

  10. echo
    11. 

  11. 

  12. function docker_garbage() {
    13. 

  13.   IMGS_TO_DELETE=()
    14. 

  14. 

  15.   for container in $(grep -oP "image: \Kmailcow.+" docker-compose.yml); do
    16. 

  16. 

  17.     REPOSITORY=${container/:*}
    18. 

  18.     TAG=${container/*:}
    19. 

  19.     V_MAIN=${container/*.}
    20. 

  20.     V_SUB=${container/*.}
    21. 

  21.     EXISTING_TAGS=$(docker images | grep ${REPOSITORY} | awk '{ print $2 }')
    22. 

  22. 

  23.     for existing_tag in ${EXISTING_TAGS[@]}; do
    24. 

  24. 

  25.       V_MAIN_EXISTING=${existing_tag/*.}
    26. 

  26.       V_SUB_EXISTING=${existing_tag/*.}
    27. 

  27. 

  28.       # Not an integer
    29. 

  29.       [[ ! ${V_MAIN_EXISTING} =~ ^[0-9]+$ ]] && continue
    30. 

  30.       [[ ! ${V_SUB_EXISTING} =~ ^[0-9]+$ ]] && continue
    31. 

  31. 

  32.       if [[ ${V_MAIN_EXISTING} == "latest" ]]; then
    33. 

  33.         echo "Found deprecated label \"latest\" for repository ${REPOSITORY}, it should be deleted."
    34. 

  34.         IMGS_TO_DELETE+=(${REPOSITORY}:${existing_tag})
    35. 

  35.       elif [[ ${V_MAIN_EXISTING} -lt ${V_MAIN} ]]; then
    36. 

  36.         echo "Found tag ${existing_tag} for ${REPOSITORY}, which is older than the current tag ${TAG} and should be deleted."
    37. 

  37.         IMGS_TO_DELETE+=(${REPOSITORY}:${existing_tag})
    38. 

  38.       elif [[ ${V_SUB_EXISTING} -lt ${V_SUB} ]]; then
    39. 

  39.         echo "Found tag ${existing_tag} for ${REPOSITORY}, which is older than the current tag ${TAG} and should be deleted."
    40. 

  40.         IMGS_TO_DELETE+=(${REPOSITORY}:${existing_tag})
    41. 

  41.       fi
    42. 

  42. 

  43.     done
    44. 

  44. 

  45.   done
    46. 

  46. 

  47.   if [[ ! -z ${IMGS_TO_DELETE[*]} ]]; then
    48. 

  48.     docker rmi ${IMGS_TO_DELETE[*]}
    49. 

  49.   fi
    50. 

  50. }
    51. 

  51. 

  52. function preflight_local_checks() {
    53. 

  53.   if [[ -z "${REMOTE_SSH_KEY}" ]]; then
    54. 

  54.     >&2 echo -e "\e[31mREMOTE_SSH_KEY is not set\e[0m"
    55. 

  55.     exit 1
    56. 

  56.   fi
    57. 

  57. 

  58.   if [[ ! -s "${REMOTE_SSH_KEY}" ]]; then
    59. 

  59.     >&2 echo -e "\e[31mKeyfile ${REMOTE_SSH_KEY} is empty\e[0m"
    60. 

  60.     exit 1
    61. 

  61.   fi
    62. 

  62. 

  63.   if [[ $(stat -c "%a" "${REMOTE_SSH_KEY}") -ne 600 ]]; then
    64. 

  64.     >&2 echo -e "\e[31mKeyfile ${REMOTE_SSH_KEY} has insecure permissions\e[0m"
    65. 

  65.     exit 1
    66. 

  66.   fi
    67. 

  67. 

  68.   if [[ ! -z "${REMOTE_SSH_PORT}" ]]; then
    69. 

  69.     if [[ ${REMOTE_SSH_PORT} != ?(-)+([0-9]) ]] || [[ ${REMOTE_SSH_PORT} -gt 65535 ]]; then
    70. 

  70.       >&2 echo -e "\e[31mREMOTE_SSH_PORT is set but not an integer < 65535\e[0m"
    71. 

  71.       exit 1
    72. 

  72.     fi
    73. 

  73.   fi
    74. 

  74. 

  75.   if [[ -z "${REMOTE_SSH_HOST}" ]]; then
    76. 

  76.     >&2 echo -e "\e[31mREMOTE_SSH_HOST cannot be empty\e[0m"
    77. 

  77.     exit 1
    78. 

  78.   fi
    79. 

  79. 

  80.   for bin in rsync docker grep cut; do
    81. 

  81.     if [[ -z $(which ${bin}) ]]; then
    82. 

  82.       >&2 echo -e "\e[31mCannot find ${bin} in local PATH, exiting...\e[0m"
    83. 

  83.       exit 1
    84. 

  84.     fi
    85. 

  85.   done
    86. 

  86. 

  87. 

  88.   echo "checking docker compose version...";
    89. 

  89.   if docker compose >/dev/null 2>&1; then
    90. 

  90.     echo -e "\e[32mFound Compose v2 on local machine!\e[0m"
    91. 

  91.   elif docker-compose version --short | grep -m1 "^1" > /dev/null 2>&1; then
    92. 

  92.     echo -e "\e[33mWARN: Your machine is using Docker-Compose v1!\e[0m"
    93. 

  93.     echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
    94. 

  94.     echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2.\e[0m"
    95. 

  95.     echo
    96. 

  96.     echo
    97. 

  97.     echo -e "\e[33mContinuing...\e[0m"
    98. 

  98.     sleep 3
    99. 

  99.   else
    100. 

  100.     echo -e "\e[31mCannot find Docker-Compose v1 or v2 on your System. Please install Docker-Compose v2 and re-run the Script.\e[0m"
    101. 

  101.     exit 1
    102. 

  102.   fi
    103. 

  103. 

  104.   if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then
    105. 

  105.     echo -e "\e[31mBusyBox grep detected on local system, please install GNU grep\e[0m"
    106. 

  106.     exit 1
    107. 

  107.   fi
    108. 

  108. }
    109. 

  109. 

  110. function preflight_remote_checks() {
    111. 

  111. 

  112.   if ! ssh -o StrictHostKeyChecking=no \
    113. 

  113.     -i "${REMOTE_SSH_KEY}" \
    114. 

  114.     ${REMOTE_SSH_HOST} \
    115. 

  115.     -p ${REMOTE_SSH_PORT} \
    116. 

  116.     rsync --version > /dev/null ; then
    117. 

  117.       >&2 echo -e "\e[31mCould not verify connection to ${REMOTE_SSH_HOST}\e[0m"
    118. 

  118.       >&2 echo -e "\e[31mPlease check the output above (is rsync >= 3.1.0 installed on the remote system?)\e[0m"
    119. 

  119.       exit 1
    120. 

  120.   fi
    121. 

  121. 

  122.   if ssh -o StrictHostKeyChecking=no \
    123. 

  123.     -i "${REMOTE_SSH_KEY}" \
    124. 

  124.     ${REMOTE_SSH_HOST} \
    125. 

  125.     -p ${REMOTE_SSH_PORT} \
    126. 

  126.     grep --help 2>&1 | head -n 1 | grep -q -i "busybox" ; then
    127. 

  127.       >&2 echo -e "\e[31mBusyBox grep detected on remote system ${REMOTE_SSH_HOST}, please install GNU grep\e[0m"
    128. 

  128.       exit 1
    129. 

  129.   fi
    130. 

  130. 

  131.   for bin in rsync docker; do
    132. 

  132.     if ! ssh -o StrictHostKeyChecking=no \
    133. 

  133.       -i "${REMOTE_SSH_KEY}" \
    134. 

  134.       ${REMOTE_SSH_HOST} \
    135. 

  135.       -p ${REMOTE_SSH_PORT} \
    136. 

  136.       which ${bin} > /dev/null ; then
    137. 

  137.         >&2 echo -e "\e[31mCannot find ${bin} in remote PATH, exiting...\e[0m"
    138. 

  138.         exit 1
    139. 

  139.     fi
    140. 

  140.   done
    141. 

  141. 

  142.   echo "checking docker compose version on remote...";
    143. 

  143.   if ssh -q -o StrictHostKeyChecking=no \
    144. 

  144.       -i "${REMOTE_SSH_KEY}" \
    145. 

  145.       ${REMOTE_SSH_HOST} \
    146. 

  146.       -p ${REMOTE_SSH_PORT} \
    147. 

  147.      -t 'docker compose' >/dev/null 2>&1; then
    148. 

  148.     echo -e "\e[32mFound Compose v2 on remote!\e[0m"
    149. 

  149.     COMPOSE_COMMAND="docker compose"
    150. 

  150.   elif ssh -q -o StrictHostKeyChecking=no \
    151. 

  151.       -i "${REMOTE_SSH_KEY}" \
    152. 

  152.       ${REMOTE_SSH_HOST} \
    153. 

  153.       -p ${REMOTE_SSH_PORT} \
    154. 

  154.       -t 'docker-compose version --short' | grep -m1 "^1" > /dev/null 2>&1; then
    155. 

  155.     echo -e "\e[33mWARN: The remote is using Docker-Compose v1!\e[0m"
    156. 

  156.     echo -e "\e[33mmailcow will drop the Docker-Compose v1 Support in December 2022\e[0m"
    157. 

  157.     echo -e "\e[33mPlease consider a upgrade to Docker-Compose v2 on remote.\e[0m"
    158. 

  158.     echo
    159. 

  159.     echo
    160. 

  160.     echo -e "\e[33mContinuing...\e[0m"
    161. 

  161.     sleep 3
    162. 

  162.     COMPOSE_COMMAND="docker-compose"
    163. 

  163.   else
    164. 

  164.     echo -e "\e[31mCannot find Docker-Compose v1 or v2 on the Remote Machine! Please install Docker-Compose v2 on that and re-run the script.\e[0m"
    165. 

  165.     exit 1
    166. 

  166.   fi
    167. 

  167. }
    168. 

  168. 

  169. preflight_local_checks
    170. 

  170. preflight_remote_checks
    171. 

  171. 

  172. SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
    173. 

  173. COMPOSE_FILE="${SCRIPT_DIR}/../docker-compose.yml"
    174. 

  174. source "${SCRIPT_DIR}/../mailcow.conf"
    175. 

  175. CMPS_PRJ=$(echo ${COMPOSE_PROJECT_NAME} | tr -cd 'A-Za-z-_')
    176. 

  176. SQLIMAGE=$(grep -iEo '(mysql|mariadb)\:.+' "${COMPOSE_FILE}")
    177. 

  177. 

  178. echo
    179. 

  179. echo -e "\033[1mFound compose project name ${CMPS_PRJ} for ${MAILCOW_HOSTNAME}\033[0m"
    180. 

  180. echo -e "\033[1mFound SQL ${SQLIMAGE}\033[0m"
    181. 

  181. echo
    182. 

  182. 

  183. # Make sure destination exists, rsync can fail under some circumstances
    184. 

  184. echo -e "\033[1mPreparing remote...\033[0m"
    185. 

  185. if ! ssh -o StrictHostKeyChecking=no \
    186. 

  186.   -i "${REMOTE_SSH_KEY}" \
    187. 

  187.   ${REMOTE_SSH_HOST} \
    188. 

  188.   -p ${REMOTE_SSH_PORT} \
    189. 

  189.   mkdir -p "${SCRIPT_DIR}/../" ; then
    190. 

  190.     >&2 echo -e "\e[31m[ERR]\e[0m - Could not prepare remote for mailcow base directory transfer"
    191. 

  191.     exit 1
    192. 

  192. fi
    193. 

  193. 

  194. # Syncing the mailcow base directory
    195. 

  195. echo -e "\033[1mSynchronizing mailcow base directory...\033[0m"
    196. 

  196. rsync --delete -aH -e "ssh -o StrictHostKeyChecking=no \
    197. 

  197.   -i \"${REMOTE_SSH_KEY}\" \
    198. 

  198.   -p ${REMOTE_SSH_PORT}" \
    199. 

  199.   "${SCRIPT_DIR}/../" root@${REMOTE_SSH_HOST}:"${SCRIPT_DIR}/../"
    200. 

  200. ec=$?
    201. 

  201. if [ ${ec} -ne 0 ] && [ ${ec} -ne 24 ]; then
    202. 

  202.   >&2 echo -e "\e[31m[ERR]\e[0m - Could not transfer mailcow base directory to remote"
    203. 

  203.   exit 1
    204. 

  204. fi
    205. 

  205. 

  206. # Trigger a Redis save for a consistent Redis copy
    207. 

  207. echo -ne "\033[1mRunning redis-cli save... \033[0m"
    208. 

  208. docker exec $(docker ps -qf name=redis-mailcow) redis-cli save
    209. 

  209. 

  210. # Syncing volumes related to compose project
    211. 

  211. # Same here: make sure destination exists
    212. 

  212. for vol in $(docker volume ls -qf name="${CMPS_PRJ}"); do
    213. 

  213. 

  214.   mountpoint="$(docker inspect ${vol} | grep Mountpoint | cut -d '"' -f4)"
    215. 

  215. 

  216.   echo -e "\033[1mCreating remote mountpoint ${mountpoint} for ${vol}...\033[0m"
    217. 

  217. 

  218.   ssh -o StrictHostKeyChecking=no \
    219. 

  219.     -i "${REMOTE_SSH_KEY}" \
    220. 

  220.     ${REMOTE_SSH_HOST} \
    221. 

  221.     -p ${REMOTE_SSH_PORT} \
    222. 

  222.     mkdir -p "${mountpoint}"
    223. 

  223. 

  224.   if [[ "${vol}" =~ "mysql-vol-1" ]]; then
    225. 

  225. 

  226.     # Make sure a previous backup does not exist
    227. 

  227.     rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    228. 

  228. 

  229.     echo -e "\033[1mCreating consistent backup of MariaDB volume...\033[0m"
    230. 

  230.     if ! docker run --rm \
    231. 

  231.       --network $(docker network ls -qf name=${CMPS_PRJ}_) \
    232. 

  232.       -v $(docker volume ls -qf name=${CMPS_PRJ}_mysql-vol-1):/var/lib/mysql/:ro \
    233. 

  233.       --entrypoint= \
    234. 

  234.       -v "${SCRIPT_DIR}/../_tmp_mariabackup":/backup \
    235. 

  235.       ${SQLIMAGE} mariabackup --host mysql --user root --password ${DBROOT} --backup --target-dir=/backup 2>/dev/null ; then
    236. 

  236.         >&2 echo -e "\e[31m[ERR]\e[0m - Could not create MariaDB backup on source"
    237. 

  237.         rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    238. 

  238.         exit 1
    239. 

  239.     fi
    240. 

  240. 

  241.     if ! docker run --rm \
    242. 

  242.       --network $(docker network ls -qf name=${CMPS_PRJ}_) \
    243. 

  243.       --entrypoint= \
    244. 

  244.       -v "${SCRIPT_DIR}/../_tmp_mariabackup":/backup \
    245. 

  245.       ${SQLIMAGE} mariabackup --prepare --target-dir=/backup 2> /dev/null ; then
    246. 

  246.         >&2 echo -e "\e[31m[ERR]\e[0m - Could not transfer MariaDB backup to remote"
    247. 

  247.         rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    248. 

  248.         exit 1
    249. 

  249.     fi
    250. 

  250. 

  251.     chown -R 999:999 "${SCRIPT_DIR}/../_tmp_mariabackup"
    252. 

  252. 

  253.     echo -e "\033[1mSynchronizing MariaDB backup...\033[0m"
    254. 

  254.     rsync --delete --info=progress2 -aH -e "ssh -o StrictHostKeyChecking=no \
    255. 

  255.       -i \"${REMOTE_SSH_KEY}\" \
    256. 

  256.       -p ${REMOTE_SSH_PORT}" \
    257. 

  257.       "${SCRIPT_DIR}/../_tmp_mariabackup/" root@${REMOTE_SSH_HOST}:"${mountpoint}"
    258. 

  258.     ec=$?
    259. 

  259.     if [ ${ec} -ne 0 ] && [ ${ec} -ne 24 ]; then
    260. 

  260.       >&2 echo -e "\e[31m[ERR]\e[0m - Could not transfer MariaDB backup to remote"
    261. 

  261.       exit 1
    262. 

  262.     fi
    263. 

  263. 

  264.     # Cleanup
    265. 

  265.     rm -rf "${SCRIPT_DIR}/../_tmp_mariabackup/"
    266. 

  266. 

  267.   else
    268. 

  268. 

  269.     echo -e "\033[1mSynchronizing ${vol} from local ${mountpoint}...\033[0m"
    270. 

  270.     rsync --delete --info=progress2 -aH -e "ssh -o StrictHostKeyChecking=no \
    271. 

  271.       -i \"${REMOTE_SSH_KEY}\" \
    272. 

  272.       -p ${REMOTE_SSH_PORT}" \
    273. 

  273.       "${mountpoint}/" root@${REMOTE_SSH_HOST}:"${mountpoint}"
    274. 

  274.     ec=$?
    275. 

  275.     if [ ${ec} -ne 0 ] && [ ${ec} -ne 24 ]; then
    276. 

  276.       >&2 echo -e "\e[31m[ERR]\e[0m - Could not transfer ${vol} from local ${mountpoint} to remote"
    277. 

  277.       exit 1
    278. 

  278.     fi
    279. 

  279.   fi
    280. 

  280. 

  281.   echo -e "\e[32mCompleted\e[0m"
    282. 

  282. 

  283. done
    284. 

  284. 

  285. # Restart Dockerd on destination
    286. 

  286. echo -ne "\033[1mRestarting Docker daemon on remote to detect new volumes... \033[0m"
    287. 

  287. if ! ssh -o StrictHostKeyChecking=no \
    288. 

  288.   -i "${REMOTE_SSH_KEY}" \
    289. 

  289.   ${REMOTE_SSH_HOST} \
    290. 

  290.   -p ${REMOTE_SSH_PORT} \
    291. 

  291.   systemctl restart docker ; then
    292. 

  292.     >&2 echo -e "\e[31m[ERR]\e[0m - Could not restart Docker daemon on remote"
    293. 

  293.     exit 1
    294. 

  294. fi
    295. 

  295. echo "OK"
    296. 

  296. 

  297.   echo -e "\e[33mPulling images on remote...\e[0m"
    298. 

  298.   echo -e "\e[33mProcess is NOT stuck! Please wait...\e[0m"
    299. 

  299. 

  300.   if ! ssh -o StrictHostKeyChecking=no \
    301. 

  301.     -i "${REMOTE_SSH_KEY}" \
    302. 

  302.     ${REMOTE_SSH_HOST} \
    303. 

  303.     -p ${REMOTE_SSH_PORT} \
    304. 

  304.     $COMPOSE_COMMAND -f "${SCRIPT_DIR}/../docker-compose.yml" pull --no-parallel --quiet 2>&1 ; then
    305. 

  305.       >&2 echo -e "\e[31m[ERR]\e[0m - Could not pull images on remote"
    306. 

  306.   fi
    307. 

  307. 

  308. echo -e "\033[1mExecuting update script and forcing garbage cleanup on remote...\033[0m"
    309. 

  309. if ! ssh -o StrictHostKeyChecking=no \
    310. 

  310.   -i "${REMOTE_SSH_KEY}" \
    311. 

  311.   ${REMOTE_SSH_HOST} \
    312. 

  312.   -p ${REMOTE_SSH_PORT} \
    313. 

  313.   ${SCRIPT_DIR}/../update.sh -f --gc ; then
    314. 

  314.     >&2 echo -e "\e[31m[ERR]\e[0m - Could not cleanup old images on remote"
    315. 

  315. fi
    316. 

  316. 

  317. echo -e "\e[32mDone\e[0m"
    318.