From 3ff3cdb19c336e2df1181bc09cfbd42f414debf0 Mon Sep 17 00:00:00 2001 From: Dave Conroy Date: Wed, 1 Nov 2023 14:32:43 -0700 Subject: [PATCH] feat - Add TARGET_DB_DUMP_PERMISSION to set file and directory permissions --- README.md | 21 +++++++++++---------- install/assets/defaults/10-db-backup | 1 + install/assets/functions/10-db-backup | 4 ++++ 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index f736563..c705cd4 100644 --- a/README.md +++ b/README.md @@ -175,16 +175,17 @@ Your Organization will be mapped to `DB_USER` and your root token will need to b ### Scheduling Options -| Parameter | Description | Default | -| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `DB_DUMP_FREQ` | How often to do a dump, in minutes after the first backup. Defaults to 1440 minutes, or once per day. | `1440` | -| `DB_DUMP_BEGIN` | What time to do the first dump. Defaults to immediate. Must be in one of two formats | | -| | Absolute HHMM, e.g. `2330` or `0415` | | -| | Relative +MM, i.e. how many minutes after starting the container, e.g. `+0` (immediate), `+10` (in 10 minutes), or `+90` in an hour and a half | | -| `DB_DUMP_TARGET` | Directory where the database dumps are kept. | `${DB_DUMP_TARGET}/archive/` | -| `DB_DUMP_TARGET_ARCHIVE` | Optional Directory where the database dumps archives are kept. | | -| `DB_CLEANUP_TIME` | Value in minutes to delete old backups (only fired when dump frequency fires). 1440 would delete anything above 1 day old. You don't need to set this variable if you want to hold onto everything. | `FALSE` | -| `DB_ARCHIVE_TIME` | Value in minutes to move all files files older than (x) from `DB_DUMP_TARGET` to `DB_DUMP_TARGET_ARCHIVE` - which is useful when pairing against an external backup system. | | +| Parameter | Description | Default | +| --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `DB_DUMP_FREQ` | How often to do a dump, in minutes after the first backup. Defaults to 1440 minutes, or once per day. | `1440` | +| `DB_DUMP_BEGIN` | What time to do the first dump. Defaults to immediate. Must be in one of two formats | | +| | Absolute HHMM, e.g. `2330` or `0415` | | +| | Relative +MM, i.e. how many minutes after starting the container, e.g. `+0` (immediate), `+10` (in 10 minutes), or `+90` in an hour and a half | | +| `DB_DUMP_TARGET` | Directory where the database dumps are kept. | `${DB_DUMP_TARGET}/archive/` | +| `DB_DUMP_TARGET_PERMISSION` | Directory and File permissions to apply to files. | `700` | +| `DB_DUMP_TARGET_ARCHIVE` | Optional Directory where the database dumps archives are kept. | | +| `DB_CLEANUP_TIME` | Value in minutes to delete old backups (only fired when dump frequency fires). 1440 would delete anything above 1 day old. You don't need to set this variable if you want to hold onto everything. | `FALSE` | +| `DB_ARCHIVE_TIME` | Value in minutes to move all files files older than (x) from `DB_DUMP_TARGET` to `DB_DUMP_TARGET_ARCHIVE` - which is useful when pairing against an external backup system. | | - You may need to wrap your `DB_DUMP_BEGIN` value in quotes for it to properly parse. There have been reports of backups that start with a `0` get converted into a different format which will not allow the timer to start at the correct time. diff --git a/install/assets/defaults/10-db-backup b/install/assets/defaults/10-db-backup index 60280d8..bc65ce4 100644 --- a/install/assets/defaults/10-db-backup +++ b/install/assets/defaults/10-db-backup @@ -30,3 +30,4 @@ SIZE_VALUE=${SIZE_VALUE:-"bytes"} SKIP_AVAILABILITY_CHECK=${SKIP_AVAILABILITY_CHECK:-"FALSE"} SPLIT_DB=${SPLIT_DB:-"TRUE"} TEMP_LOCATION=${TEMP_LOCATION:-"/tmp/backups"} +DB_DUMP_TARGET_PERMISSION=${DB_DUMP_TARGET_PERMISSION:-"700"} \ No newline at end of file diff --git a/install/assets/functions/10-db-backup b/install/assets/functions/10-db-backup index 8587977..b6ed680 100644 --- a/install/assets/functions/10-db-backup +++ b/install/assets/functions/10-db-backup @@ -5,9 +5,11 @@ bootstrap_filesystem() { mkdir -p "${DB_DUMP_TARGET}" fi if [ "$(stat -c %U "${DB_DUMP_TARGET}")" != "dbbackup" ] ; then chown -R dbbackup:dbbackup "${DB_DUMP_TARGET}" ; fi + if [ "$(stat -c %a "${DB_DUMP_TARGET}")" != "${DB_DUMP_TARGET_PERMISSION}" ] ; then chmod -R ${DB_DUMP_TARGET_PERMISSION} "${DB_DUMP_TARGET}" ; fi if [ -d "${DB_DUMP_TARGET_ARCHIVE}" ]; then if [ "$(stat -c %U "${DB_DUMP_TARGET_ARCHIVE}")" != "dbbackup" ] ; then chown -R dbbackup:dbbackup "${DB_DUMP_TARGET_ARCHIVE}" ; fi + if [ "$(stat -c %a "${DB_DUMP_TARGET_ARCHIVE}")" != "${DB_DUMP_TARGET_PERMISSION}" ] ; then chmod -R ${DB_DUMP_TARGET_PERMISSION} "${DB_DUMP_TARGET_ARCHIVE}" ; fi fi if [ ! -d "${TEMP_LOCATION}" ]; then @@ -690,6 +692,7 @@ generate_checksum() { print_notice "Generating ${checksum_extension^^} for '${target}'" cd "${TEMP_LOCATION}" run_as_user ${checksum_command} "${target}" | run_as_user tee "${target}"."${checksum_extension}" > /dev/null + chmod ${DB_DUMP_TARGET_PERMISSION} "${target}"."${checksum_extension}" ## TODO - We're doing this twice, why not just pull from the previously generated file checksum_value=$(run_as_user ${checksum_command} "${target}" | awk ' { print $1}') print_debug "${checksum_extension^^}: ${checksum_value} - ${target}" @@ -723,6 +726,7 @@ move_dbbackup() { print_notice "Backup of ${target} created with the size of ${filesize}" fi + chmod ${DB_DUMP_TARGET_PERMISSION} "${TEMP_LOCATION}"/"${target}" case "${BACKUP_LOCATION,,}" in "file" | "filesystem" ) print_debug "Moving backup to filesystem"