From 191d0534a0a4bcfd83a19c5975fed4dcd7d86e7c Mon Sep 17 00:00:00 2001
From: Fabian Emilius <fabian.emilius@tum.de>
Date: Fri, 22 Nov 2024 01:36:30 +0100
Subject: [PATCH] Add backup script

---
 .github/workflows/deploy_docker.yml | 13 ++++++++
 docs/PRODUCTION.md                  | 11 ++++---
 thesis-track-backup.sh              | 51 +++++++++++++++++++++++++++++
 3 files changed, 70 insertions(+), 5 deletions(-)
 create mode 100644 thesis-track-backup.sh

diff --git a/.github/workflows/deploy_docker.yml b/.github/workflows/deploy_docker.yml
index 136a534..f8029cb 100644
--- a/.github/workflows/deploy_docker.yml
+++ b/.github/workflows/deploy_docker.yml
@@ -67,6 +67,19 @@ jobs:
           source: "master.cf"
           target: /home/${{ vars.VM_USERNAME }}/postfix-config/
 
+      - name: Copy thesis-track-backup.sh to VM Host
+        uses: appleboy/scp-action@v0.1.7
+        with:
+          host: ${{ vars.VM_HOST }}
+          username: ${{ vars.VM_USERNAME }}
+          key: ${{ secrets.VM_SSH_PRIVATE_KEY }}
+          proxy_host: ${{ vars.DEPLOYMENT_GATEWAY_HOST }}
+          proxy_username: ${{ vars.DEPLOYMENT_GATEWAY_USER }}
+          proxy_key: ${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}
+          proxy_port: ${{ vars.DEPLOYMENT_GATEWAY_PORT }}
+          source: "thesis-track-backup.sh"
+          target: /home/${{ vars.VM_USERNAME }}
+
       - name: SSH to VM and create .env.prod
         uses: appleboy/ssh-action@v1.0.3
         with:
diff --git a/docs/PRODUCTION.md b/docs/PRODUCTION.md
index 61acaf2..0bb5777 100644
--- a/docs/PRODUCTION.md
+++ b/docs/PRODUCTION.md
@@ -74,16 +74,15 @@ environment:
 
 ## Reverse Proxy
 ```yaml
-image: traefik:v2.10
+image: traefik:v3.2
 command:
   - "--providers.docker=true"
-  - "--providers.docker.exposedbydefault=false"
+  - "--providers.docker.exposedByDefault=false"
   - "--providers.docker.network=thesis-track-network"
   - "--entrypoints.web.address=:80"
   - "--entrypoints.websecure.address=:443"
-  - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
-  - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
-  - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
+  - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
+  - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
   - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
   - "--certificatesresolvers.letsencrypt.acme.email=admin@tum.de"
   - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
@@ -103,6 +102,8 @@ There are 2 places that require backups:
   - Example import command: `psql -U thesistrack -d thesistrack -f backup_thesistrack.sql`
 - The files stored at `/uploads`. In the docker example, these files are mounted to `./thesis_uploads` and backup system should collect the files from the mounted folder
 
+There is an example script [thesis-track-backup.sh](../thesis-track-backup.sh) that you can call in a cronjob to create regular backups.
+
 ## Further Configuration
 
 All further environment variables can be found [here](CONFIGURATION.md) 
diff --git a/thesis-track-backup.sh b/thesis-track-backup.sh
new file mode 100644
index 0000000..64a4bf6
--- /dev/null
+++ b/thesis-track-backup.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+# Configuration
+BACKUP_DIR="./backups"  # Directory to store backups
+DB_CONTAINER="thesis-track-db"  # PostgreSQL container name
+UPLOADS_DIR="./thesis_uploads"  # Path to thesis_uploads folder
+DB_USER=$(grep SPRING_DATASOURCE_USERNAME .env.prod | cut -d '=' -f 2)  # Extract DB user from .env.prod
+DB_NAME=$(grep SPRING_DATASOURCE_DATABASE .env.prod | cut -d '=' -f 2)  # Extract DB name from .env.prod
+DB_PASSWORD=$(grep SPRING_DATASOURCE_PASSWORD .env.prod | cut -d '=' -f 2)  # Extract DB password from .env.prod
+DATE=$(date +"%Y%m%d_%H%M%S")  # Timestamp for the backup file
+BACKUP_FILE="backup_$DATE.zip"  # Name of the backup file
+
+# Ensure backup directory exists
+mkdir -p $BACKUP_DIR
+
+# Remove backups older than 7 days
+find $BACKUP_DIR -type f -mtime +7 -name "*.zip" -exec rm -f {} \;
+
+echo "Starting backup..."
+
+# Dump PostgreSQL database
+echo "Backing up PostgreSQL database..."
+docker exec -e PGPASSWORD=$DB_PASSWORD $DB_CONTAINER pg_dump -U $DB_USER $DB_NAME > "$BACKUP_DIR/db_backup_$DATE.sql"
+if [ $? -ne 0 ]; then
+  echo "Error: Database backup failed!"
+  exit 1
+fi
+
+# Copy thesis_uploads folder
+echo "Backing up thesis_uploads folder..."
+UPLOADS_BACKUP_DIR="$BACKUP_DIR/uploads_$DATE"
+cp -r $UPLOADS_DIR $UPLOADS_BACKUP_DIR
+if [ $? -ne 0 ]; then
+  echo "Error: thesis_uploads folder backup failed!"
+  exit 1
+fi
+
+# Create a compressed zip file
+echo "Compressing backups into $BACKUP_FILE..."
+zip -r "$BACKUP_DIR/$BACKUP_FILE" "$BACKUP_DIR/db_backup_$DATE.sql" "$UPLOADS_BACKUP_DIR"
+if [ $? -ne 0 ]; then
+  echo "Error: Compression failed!"
+  exit 1
+fi
+
+# Clean up intermediate files
+echo "Cleaning up temporary files..."
+rm -f "$BACKUP_DIR/db_backup_$DATE.sql"
+rm -rf "$UPLOADS_BACKUP_DIR"
+
+echo "Backup completed successfully. File stored at $BACKUP_DIR/$BACKUP_FILE."