Gerrit server backup
Goal: create a cronjob that sends a tar backup of Gerrit.
On linode01.ovirt.org
Create Gerrit backup user, saving the password in
/root/passwords:
useradd gerrit-backup
passwd gerrit-backup
Create SSH key structure:
touch /home/gerrit-backup/.ssh/authorized_keys
vi /home/gerrit-backup/.ssh/authorized_keys # add id_rsa.pub contents
chmod 644 /home/gerrit-backup/.ssh/authorized_keys
chmod 700 /home/gerrit-backup/.ssh/
Create backup directory and sub-dir tree:
mkdir -p /home/gerrit-backup/backup/src
On gerrit.ovirt.org
Backup git source directories
Switch to the Gerrit user:
su - gerrit2
Create an SSH key without a passphrase, then copy the public key for the
authorized_keys file on the remote host:
ssh-keygen # set no passphrase
cat .ssh/id_rsa.pub
Prepare backup script:
mkdir /home/gerrit2/bin
vi bin/gerrit-backup.sh
Bash script to remotely backup git repository directories using rsync over ssh:
#!/bin/bash
#
# Gerrit backup script - git source backup
#
# 0.1 Alpha - 20111207 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
# Copyright 2011 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Set variables
RSYNC="/usr/bin/rsync"
RSYNCOPTS="-az -e"
SSH="/usr/bin/ssh"
GITSRC="/usr/local/src/git/"
REMOTEUSER="gerrit-backup"
REMOTEHOST="ovirt.org"
REMOTEDIR="gerrit.ovirt.org-src-backup/src/"
# Run backup - rsync local git source to remote backup directory
# Note: gerrit user has sshkeys with no passphrase
$RSYNC $RSYNCOPTS $SSH $GITSRC $REMOTEUSER@
$REMOTEHOST:
$REMOTEDIR
Make script executable:
chmod 700 bin/gerrit-backup.sh
Make cronjob run every day at 2200 EST
crontab -e
Contents of user's
crontab:
# mail all output to root
MAILTO=root
# Run at 2200 (10 pm) system time every day
0 22 * * * $HOME/bin/gerrit-backup.sh
# Run database backup at 2220 (10:20 pm) system time every day
20 22 * * * $HOME/bin/gerrit-database-backup.sh
# Run backup of /home/gerrit2 at 2240 (10:30 pm) system time every day
40 22 * * * $HOME/bin/gerrit-gerrit2-home-backup.sh
Backup Gerrit database
Add this backup script to the
gerrit2 user's crontab:
#!/bin/bash
#
# Gerrit backup script - database backup
#
# 0.1 Alpha - 20111207 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
#
# Copyright 2011 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# set variables
SU="/bin/su"
SCP="/usr/bin/scp"
TAR="/bin/tar"
TAROPTS="-czf"
HOME="/home/gerrit2/"
PGDUMP="/usr/bin/pg_dump"
PGUSER="gerrit2"
PGHOST="localhost"
# PGPORT=""
# The -w directive stops a password request, the ~/.pgpass file provides the password
PGOPTS="-w"
DATE=`/bin/date +%Y%m%d
`
DBNAME="reviewdb"
BACKUPDIR="/home/gerrit2/backups/database"
BACKUPFILE="gerrit-pg-dump"
REMOTEHOST="ovirt.org"
REMOTEUSER="gerrit-backup"
REMOTEDIR="gerrit.ovirt.org-database-backup"
## Run backup
# Switch to the Gerrit user - useful if root runs the script
#$SU - $PGUSER
# The gerrit2 user should change to the home directory
cd $HOME
# Dump the database to a SQL script file with a dated filename
$PGDUMP $PGOPTS $DBNAME > $BACKUPDIR/
$BACKUPFILE-
$DATE.sql
# Compress the SQL script
$TAR $TAROPTS $BACKUPDIR/
$BACKUPFILE-
$DATE.tgz
$BACKUPDIR/
$BACKUPFILE-
$DATE.sql
# Securely copy the SQL script to a remote backup host
$SCP $BACKUPDIR/
$BACKUPFILE-
$DATE.tgz
$REMOTEUSER@
$REMOTEHOST:
$REMOTEDIR/
Backup gerrit2 user home directory
Add this backup script to the
gerrit2 user's crontab:
#!/bin/bash
#
# Gerrit backup script - gerrit2 user home backup
#
# 0.1 Alpha - 20111208 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
#
# Copyright 2011 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# set variables
SCP="/usr/bin/scp"
TAR="/bin/tar"
TAROPTS="-czf"
# Follwing variable doesn't work, probably due to a bash expansion order
TAREXCLUDE="--exclude='/home/gerrit2/backups*'"
HOME="/home/gerrit2/"
DATE=`/bin/date +%Y%m%d
`
BACKUPDIR="/home/gerrit2/backups/gerrit2-home/"
BACKUPFILE="gerrit-gerrit2-home-backup"
BACKUPTARGET="/home/gerrit2"
REMOTEHOST="ovirt.org"
REMOTEUSER="gerrit-backup"
REMOTEDIR="gerrit.ovirt.org-gerrit2-home-backup/"
## Run backup
# Switch to the Gerrit user - useful if root runs the script
#$SU - $PGUSER
# The gerrit2 user should change to the home directory
cd $HOME
# Compress the home directory
$TAR $TAROPTS $BACKUPDIR/
$BACKUPFILE-
$DATE.tgz
$BACKUPTARGET --exclude='/home/gerrit2/backups*'
# Securely copy the compressed archive to a remote backup host
$SCP $BACKUPDIR/
$BACKUPFILE-
$DATE.tgz
$REMOTEUSER@
$REMOTEHOST:
$REMOTEDIR