public_git
/
ansible-role-mariadb-debian
mirror of https://github.com/fauust/ansible-role-mariadb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Implement automated exports and backup

This commit is contained in:
Faustin Lammler 2025-03-20 14:28:45 +01:00
parent 2cf834ceb1
commit f13509d37f
No known key found for this signature in database
GPG Key ID: 390A2F27832A5C79
1 changed files with 56 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
.github/workflows/backup.yml vendored Normal file
View File

@ -0,0 +1,56 @@
---
name: backup
on:
schedule:
- cron: "32 00 * * *"
jobs:
backup:
runs-on: ubuntu-latest
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
REPO: ${{ github.repository }}
RESTIC_PASSWORD: ${{ secrets.RESTIC_PASSWORD }}
RESTIC_REPOSITORY_URL: ${{ secrets.RESTIC_REPOSITORY }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
# - uses: actions/checkout@v4
- name: Install requirements
run: |
sudo apt-get update
sudo apt-get -y install restic
- name: Trigger backup export
run: |
ID=$(gh api --method POST /user/migrations \
--raw-field "repositories[]=$REPO" \
--field lock_repositories=false \
--field exclude_git_data=true --jq '.id')
# define some ENV vars needed below
echo "EXPORT_ID=$ID" >>$GITHUB_ENV
echo "REPO_NAME=${{ github.event.repository.name }}" >> $GITHUB_ENV
- name: Wait until backup is finished
run: |
while true; do
STATE=$(gh api --method GET "/user/migrations/$EXPORT_ID" --jq '.state')
[[ $STATE == "exported" ]] && break
sleep 10
done
- name: Download backup
run: |
ARCHIVE_URL=$(gh api --method GET "/user/migrations/$EXPORT_ID" --jq '.archive_url')
curl -L -H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $GH_TOKEN" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-o "archive.tgz" "$ARCHIVE_URL"
- name: Export backup
run: |
export RESTIC_REPOSITORY=$RESTIC_REPOSITORY_URL/$REPO_NAME
# init repository if necessary
if ! restic cat config >/dev/null 2>&1; then
restic init
fi
restic backup --host gh-runner --stdin --stdin-filename archive.tgz <./archive.tgz
restic forget --prune --keep-within 6m
restic check