From 4a81e73192649d7ad5cdfbdfec94f59e4e145a5b Mon Sep 17 00:00:00 2001
From: Rick Altherr
Date: Mon, 9 Dec 2024 09:49:36 -0800
Subject: [PATCH] Minimal functioning container and compose example
* Only run barman maintenance tasks on a schedule
* Backups can be run manually with `barman backup` inside the container
---
Dockerfile | 45 ++++++++++++++++++++++++++
entrypoint.sh | 21 ++++++++++++
example-compose/barman.d/db.conf | 8 +++++
example-compose/docker-compose.yml | 34 +++++++++++++++++++
example-compose/initdb/setup_barman.sh | 26 +++++++++++++++
5 files changed, 134 insertions(+)
create mode 100644 Dockerfile
create mode 100755 entrypoint.sh
create mode 100644 example-compose/barman.d/db.conf
create mode 100644 example-compose/docker-compose.yml
create mode 100755 example-compose/initdb/setup_barman.sh
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..8d74101
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,45 @@
+FROM debian:bookworm
+
+# Install tools necessary to setup PDGD apt repo
+RUN apt-get update && apt-get install -y --no-install-recommends \
+ ca-certificates \
+ curl \
+ && rm -rf /var/lib/apt/lists/*
+
+# Setup PDGD apt repo
+RUN curl -o /etc/apt/trusted.gpg.d/apt.postgresql.org.asc --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc \
+ && bash -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
+
+# Create barman user
+ENV BARMAN_UID=999
+ENV BARMAN_GID=999
+
+RUN groupadd --system -g ${BARMAN_GID} barman && \
+ useradd --system \
+ -u ${BARMAN_UID} -g ${BARMAN_GID} \
+ --shell /bin/bash \
+ barman
+
+# Install barman
+RUN apt-get update && apt-get install -y --no-install-recommends \
+ barman \
+ barman-cli \
+ barman-cli-cloud \
+ cron \
+ postgresql-client-14 \
+ tini \
+ && rm -rf /var/lib/apt/lists/* \
+ && rm -f /etc/crontab /etc/cron.*/* \
+ && sed -i 's/\(.*pam_loginuid.so\)/#\1/' /etc/pam.d/cron
+
+ENV BARMAN_CONF_DIR=/etc/barman.d/
+ENV BARMAN_DATA_DIR=/var/lib/barman
+ENV BARMAN_CRON_SCHEDULE="* * * * *"
+
+VOLUME ${BARMAN_DATA_DIR}
+VOLUME ${BARMAN_CONF_DIR}
+
+COPY entrypoint.sh /
+ENTRYPOINT ["tini", "--", "/entrypoint.sh"]
+CMD ["cron", "-L", "3", "-f"]
+WORKDIR ${BARMAN_DATA_DIR}
\ No newline at end of file
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..8921b59
--- /dev/null
+++ b/entrypoint.sh
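Review bot: In the Dockerfile, the PGDG signing key is written to `/etc/apt/trusted.gpg.d/`, which makes apt accept it for every configured source, and the repository line itself uses plain `http://`. Scoping the key keeps it from vouching for Debian's own packages: save it with `curl -o /usr/share/keyrings/apt.postgresql.org.asc --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc` and write `deb [signed-by=/usr/share/keyrings/apt.postgresql.org.asc] https://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main`. The key is also downloaded without a fingerprint or checksum check, and `FROM debian:bookworm` is a moving tag, so two builds of this file can differ; pinning the base image by digest would address the latter. The two comments spell the repository name `PDGD` where the sources line has `pgdg`.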
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+find "${BARMAN_DATA_DIR}" \! -user barman -exec chown barman '{}' +
+find "${BARMAN_DATA_DIR}" \! -group barman -exec chgrp barman '{}' +
+
+echo "Generating barman.conf"
+sed -i -E \
+ -e "s,barman_home[[:space:]]*=.*$,barman_home = ${BARMAN_DATA_DIR}," \
+ -e "s,configuration_files_directory[[:space:]]*=.*$,configuration_files_directory = ${BARMAN_CONF_DIR}," \
+ /etc/barman.conf
+
+echo "Generating cron schedules"
+echo "${BARMAN_CRON_SCHEDULE} barman /usr/bin/barman cron" >> /etc/cron.d/barman-cron
+
+echo "Running barman maintenance tasks immediately"
+barman cron
+
+echo "Starting cron"
+exec "$@"
\ No newline at end of file
diff --git a/example-compose/barman.d/db.conf b/example-compose/barman.d/db.conf
new file mode 100644
index 0000000..0bc527d
--- /dev/null
+++ b/example-compose/barman.d/db.conf
@@ -0,0 +1,8 @@
+[db]
+backup_method = postgres
+archiver = off
+streaming_archiver = on
+conninfo = host=db user=barman dbname=postgres
+streaming_conninfo = host=db user=streaming_barman dbname=postgres
+slot_name = barman
+create_slot = auto
\ No newline at end of file
diff --git a/example-compose/docker-compose.yml b/example-compose/docker-compose.yml
new file mode 100644
index 0000000..c11af9f
--- /dev/null
+++ b/example-compose/docker-compose.yml
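Review bot: In entrypoint.sh, the immediate `barman cron` near the end runs as root, while the crontab line written just above it runs the same command as user `barman`; whatever the root run creates under `${BARMAN_DATA_DIR}` stays root-owned until the next start repeats the `find … chown` pass, and the backup tool gets more privilege than it needs. Running it as the service account, for example `runuser -u barman -- barman cron`, keeps both paths consistent. The crontab entry is appended with `>>`, so each restart of the same container adds a duplicate line to `/etc/cron.d/barman-cron`; writing it with `>` makes the step idempotent. The `chown` and `chgrp` calls dereference symlinks by default, so a link placed inside the data volume would have its target re-owned by root at start-up; passing `-h` to both avoids that.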
@@ -0,0 +1,34 @@
+version: 3
+
+services:
+ db:
+ restart: always
+ image: postgres:14.7-alpine
+ command: ['-c', 'wal_level=replica', '-c', 'synchronous_standby_names=barman_receive_wal']
+ shm_size: 256mb
+ networks:
+ - internal_network
+ healthcheck:
+ test: ['CMD', 'pg_isready', '-U', 'postgres']
+ volumes:
+ - ./pg-data:/var/lib/postgresql/data:z
+ - ./initdb:/docker-entrypoint-initdb.d:z
+ environment:
+ - 'POSTGRES_HOST_AUTH_METHOD=trust'
+ mem_limit: 2G
+ memswap_limit: 2G
+
+ db-backup:
+ build: ..
+ networks:
+ - internal_network
+ configs:
+ - barman_d_db_conf
+ volumes:
+ - ./barman-data:/var/lib/barman:z
+ - ./barman.d:/etc/barman.d:z
+
+networks:
+ external_network:
+ internal_network:
+ internal: true
\ No newline at end of file
diff --git a/example-compose/initdb/setup_barman.sh b/example-compose/initdb/setup_barman.sh
new file mode 100755
index 0000000..53e3769
--- /dev/null
+++ b/example-compose/initdb/setup_barman.sh
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+createuser --username "${POSTGRES_USER}" barman
+psql -v ON_ERROR_STOP=1 --username "${POSTGRES_USER}" --dbname "${POSTGRES_DB}" <<-EOSQL
+ GRANT EXECUTE ON FUNCTION pg_start_backup(text, boolean, boolean) to barman;
+ GRANT EXECUTE ON FUNCTION pg_stop_backup() to barman;
+ GRANT EXECUTE ON FUNCTION pg_stop_backup(boolean, boolean) to barman;
+ GRANT EXECUTE ON FUNCTION pg_switch_wal() to barman;
+ GRANT EXECUTE ON FUNCTION pg_create_restore_point(text) to barman;
+ GRANT pg_read_all_settings TO barman;
+ GRANT pg_read_all_stats TO barman;
+EOSQL
+
+createuser --username "${POSTGRES_USER}" --replication streaming_barman
+
+{
+ echo "# allows barman access from all hosts"
+ echo "host all barman all trust"
+ echo "host replication streaming_barman all trust"
+} >> "${PGDATA}/pg_hba.conf"
+
+psql -v ON_ERROR_STOP=1 --username "${POSTGRES_USER}" --dbname "${POSTGRES_DB}" <<-EOSQL
+ SELECT pg_reload_conf();
+EOSQL
\ No newline at end of file
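Review bot: In docker-compose.yml, `POSTGRES_HOST_AUTH_METHOD=trust` lets any client that can reach `db` connect as any role, including the superuser, without a password. The setup_barman.sh hunk has the same defect: it appends `host … all trust` lines to `pg_hba.conf`, and the `replication` line lets any host on that network stream the full WAL as `streaming_barman`. Since examples tend to be copied as-is, consider setting `POSTGRES_PASSWORD`, creating both roles with passwords, and using `scram-sha-256` in those lines with the address narrowed from `all`, with barman reading its credentials from a `.pgpass` file. Separately, `db-backup` lists `configs: - barman_d_db_conf` but no top-level `configs:` section defines it in this hunk, which Compose is likely to reject, and the same directory is already bind-mounted at `/etc/barman.d`. `external_network` is declared but not attached to any service.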