mirror of
https://github.com/fradelg/docker-mysql-cron-backup.git
synced 2025-01-19 00:32:34 +01:00
Merge pull request #87 from skimpax/master
Add ability to use secrets for all mysql access params
This commit is contained in:
commit
2de64e836a
3 changed files with 45 additions and 13 deletions
34
README.md
34
README.md
|
@ -15,12 +15,16 @@ docker container run -d \
|
||||||
|
|
||||||
## Variables
|
## Variables
|
||||||
|
|
||||||
|
|
||||||
- `MYSQL_HOST`: The host/ip of your mysql database.
|
- `MYSQL_HOST`: The host/ip of your mysql database.
|
||||||
|
- `MYSQL_HOST_FILE`: The file in container where to find the host of your mysql database (cf. docker secrets). You should use either MYSQL_HOST_FILE or MYSQL_HOST (see examples below).
|
||||||
- `MYSQL_PORT`: The port number of your mysql database.
|
- `MYSQL_PORT`: The port number of your mysql database.
|
||||||
- `MYSQL_USER`: The username of your mysql database.
|
- `MYSQL_USER`: The username of your mysql database.
|
||||||
|
- `MYSQL_USER_FILE`: The file in container where to find the user of your mysql database (cf. docker secrets). You should use either MYSQL_USER_FILE or MYSQL_USER (see examples below).
|
||||||
- `MYSQL_PASS`: The password of your mysql database.
|
- `MYSQL_PASS`: The password of your mysql database.
|
||||||
- `MYSQL_PASS_FILE`: The file in container where to find the password of your mysql database (cf. docker secrets). You should use either MYSQL_PASS_FILE or MYSQL_PASS (see examples below).
|
- `MYSQL_PASS_FILE`: The file in container where to find the password of your mysql database (cf. docker secrets). You should use either MYSQL_PASS_FILE or MYSQL_PASS (see examples below).
|
||||||
- `MYSQL_DATABASE`: The database name to dump. Default: `--all-databases`.
|
- `MYSQL_DATABASE`: The database name to dump. Default: `--all-databases`.
|
||||||
|
- `MYSQL_DATABASE_FILE`: The file in container where to find the database name(s) in your mysql database (cf. docker secrets). In that file, there can be several database names: one per line. You should use either MYSQL_DATABASE or MYSQL_DATABASE_FILE (see examples below).
|
||||||
- `MYSQLDUMP_OPTS`: Command line arguments to pass to mysqldump (see [mysqldump documentation](https://dev.mysql.com/doc/refman/8.0/en/mysqldump.html)).
|
- `MYSQLDUMP_OPTS`: Command line arguments to pass to mysqldump (see [mysqldump documentation](https://dev.mysql.com/doc/refman/8.0/en/mysqldump.html)).
|
||||||
- `MYSQL_SSL_OPTS`: Command line arguments to use [SSL](https://dev.mysql.com/doc/refman/5.6/en/using-encrypted-connections.html).
|
- `MYSQL_SSL_OPTS`: Command line arguments to use [SSL](https://dev.mysql.com/doc/refman/5.6/en/using-encrypted-connections.html).
|
||||||
- `CRON_TIME`: The interval of cron job to run mysqldump. `0 3 * * sun` by default, which is every Sunday at 03:00. It uses UTC timezone.
|
- `CRON_TIME`: The interval of cron job to run mysqldump. `0 3 * * sun` by default, which is every Sunday at 03:00. It uses UTC timezone.
|
||||||
|
@ -79,17 +83,23 @@ volumes:
|
||||||
|
|
||||||
The database root password passed to docker container by using [docker secrets](https://docs.docker.com/engine/swarm/).
|
The database root password passed to docker container by using [docker secrets](https://docs.docker.com/engine/swarm/).
|
||||||
|
|
||||||
In example below, docker is in classic 'docker engine mode' (iow. not swarm mode) and secret source is a local file on host filesystem.
|
In example below, docker is in classic 'docker engine mode' (iow. not swarm mode) and secret sources are local files on host filesystem.
|
||||||
|
|
||||||
Alternatively, secret can be stored in docker secrets engine (iow. not in host filesystem).
|
Alternatively, secrets can be stored in docker secrets engine (iow. not in host filesystem).
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
version: "3.7"
|
version: "3.7"
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
mysql_root_password:
|
|
||||||
# Place your secret file somewhere on your host filesystem, with your password inside
|
# Place your secret file somewhere on your host filesystem, with your password inside
|
||||||
|
mysql_root_password:
|
||||||
file: ./secrets/mysql_root_password
|
file: ./secrets/mysql_root_password
|
||||||
|
mysql_user:
|
||||||
|
file: ./secrets/mysql_user
|
||||||
|
mysql_password:
|
||||||
|
file: ./secrets/mysql_password
|
||||||
|
mysql_database:
|
||||||
|
file: ./secrets/mysql_database
|
||||||
|
|
||||||
services:
|
services:
|
||||||
mariadb:
|
mariadb:
|
||||||
|
@ -101,10 +111,15 @@ services:
|
||||||
- data:/var/lib/mysql
|
- data:/var/lib/mysql
|
||||||
- ${VOLUME_PATH}/backup:/backup
|
- ${VOLUME_PATH}/backup:/backup
|
||||||
environment:
|
environment:
|
||||||
- MYSQL_DATABASE=${DATABASE_NAME}
|
|
||||||
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
|
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
|
||||||
|
- MYSQL_USER_FILE=/run/secrets/mysql_user
|
||||||
|
- MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
|
||||||
|
- MYSQL_DATABASE_FILE=/run/secrets/mysql_database
|
||||||
secrets:
|
secrets:
|
||||||
- mysql_root_password
|
- mysql_root_password
|
||||||
|
- mysql_user
|
||||||
|
- mysql_password
|
||||||
|
- mysql_database
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
backup:
|
backup:
|
||||||
|
@ -116,13 +131,18 @@ services:
|
||||||
- ${VOLUME_PATH}/backup:/backup
|
- ${VOLUME_PATH}/backup:/backup
|
||||||
environment:
|
environment:
|
||||||
- MYSQL_HOST=my_mariadb
|
- MYSQL_HOST=my_mariadb
|
||||||
- MYSQL_USER=root
|
# Alternatively to MYSQL_USER_FILE, we can use MYSQL_USER=root to use root user instead
|
||||||
- MYSQL_PASS_FILE=/run/secrets/mysql_root_password
|
- MYSQL_USER_FILE=/run/secrets/mysql_user
|
||||||
|
# Alternatively, we can use /run/secrets/mysql_root_password when using root user
|
||||||
|
- MYSQL_PASS_FILE=/run/secrets/mysql_password
|
||||||
|
- MYSQL_DATABASE_FILE=/run/secrets/mysql_database
|
||||||
- MAX_BACKUPS=10
|
- MAX_BACKUPS=10
|
||||||
- INIT_BACKUP=1
|
- INIT_BACKUP=1
|
||||||
- CRON_TIME=0 0 * * *
|
- CRON_TIME=0 0 * * *
|
||||||
secrets:
|
secrets:
|
||||||
- mysql_root_password
|
- mysql_user
|
||||||
|
- mysql_password
|
||||||
|
- mysql_database
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
|
|
12
backup.sh
12
backup.sh
|
@ -1,10 +1,18 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Get hostname: try read from file, else get from env
|
||||||
|
[ -z "${MYSQL_HOST_FILE}" ] || { MYSQL_HOST=$(head -1 "${MYSQL_HOST_FILE}"); }
|
||||||
|
[ -z "${MYSQL_HOST}" ] && { echo "=> MYSQL_HOST cannot be empty" && exit 1; }
|
||||||
|
# Get username: try read from file, else get from env
|
||||||
|
[ -z "${MYSQL_USER_FILE}" ] || { MYSQL_USER=$(head -1 "${MYSQL_USER_FILE}"); }
|
||||||
[ -z "${MYSQL_USER}" ] && { echo "=> MYSQL_USER cannot be empty" && exit 1; }
|
[ -z "${MYSQL_USER}" ] && { echo "=> MYSQL_USER cannot be empty" && exit 1; }
|
||||||
# If provided, take password from file
|
# Get password: try read from file, else get from env, else get from MYSQL_PASSWORD env
|
||||||
[ -z "${MYSQL_PASS_FILE}" ] || { MYSQL_PASS=$(head -1 "${MYSQL_PASS_FILE}"); }
|
[ -z "${MYSQL_PASS_FILE}" ] || { MYSQL_PASS=$(head -1 "${MYSQL_PASS_FILE}"); }
|
||||||
# Alternatively, take it from env var
|
|
||||||
[ -z "${MYSQL_PASS:=$MYSQL_PASSWORD}" ] && { echo "=> MYSQL_PASS cannot be empty" && exit 1; }
|
[ -z "${MYSQL_PASS:=$MYSQL_PASSWORD}" ] && { echo "=> MYSQL_PASS cannot be empty" && exit 1; }
|
||||||
|
# Get database name(s): try read from file, else get from env
|
||||||
|
# Note: when from file, there can be one database name per line in that file
|
||||||
|
[ -z "${MYSQL_DATABASE_FILE}" ] || { MYSQL_DATABASE=$(cat "${MYSQL_DATABASE_FILE}"); }
|
||||||
|
# Get level from env, else use 6
|
||||||
[ -z "${GZIP_LEVEL}" ] && { GZIP_LEVEL=6; }
|
[ -z "${GZIP_LEVEL}" ] && { GZIP_LEVEL=6; }
|
||||||
|
|
||||||
DATE=$(date +%Y%m%d%H%M)
|
DATE=$(date +%Y%m%d%H%M)
|
||||||
|
|
10
restore.sh
10
restore.sh
|
@ -1,10 +1,14 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Get hostname: try read from file, else get from env
|
||||||
|
[ -z "${MYSQL_HOST_FILE}" ] || { MYSQL_HOST=$(head -1 "${MYSQL_HOST_FILE}"); }
|
||||||
|
[ -z "${MYSQL_HOST}" ] && { echo "=> MYSQL_HOST cannot be empty" && exit 1; }
|
||||||
|
# Get username: try read from file, else get from env
|
||||||
|
[ -z "${MYSQL_USER_FILE}" ] || { MYSQL_USER=$(head -1 "${MYSQL_USER_FILE}"); }
|
||||||
[ -z "${MYSQL_USER}" ] && { echo "=> MYSQL_USER cannot be empty" && exit 1; }
|
[ -z "${MYSQL_USER}" ] && { echo "=> MYSQL_USER cannot be empty" && exit 1; }
|
||||||
# If provided, take password from file
|
# Get password: try read from file, else get from env, else get from MYSQL_PASSWORD env
|
||||||
[ -z "${MYSQL_PASS_FILE}" ] || { MYSQL_PASS=$(head -1 "${MYSQL_PASS_FILE}"); }
|
[ -z "${MYSQL_PASS_FILE}" ] || { MYSQL_PASS=$(head -1 "${MYSQL_PASS_FILE}"); }
|
||||||
# Alternatively, take it from env var
|
[ -z "${MYSQL_PASS:=$MYSQL_PASSWORD}" ] && { echo "=> MYSQL_PASS cannot be empty" && exit 1; }
|
||||||
[ -z "${MYSQL_PASS}" ] && { echo "=> MYSQL_PASS cannot be empty" && exit 1; }
|
|
||||||
|
|
||||||
if [ "$#" -ne 1 ]
|
if [ "$#" -ne 1 ]
|
||||||
then
|
then
|
||||||
|
|
Loading…
Reference in a new issue