diff --git a/.metadata b/.metadata index 6825bd3..a3cad5f 100644 Binary files a/.metadata and b/.metadata differ diff --git a/.recipes/mediawiki_mariadb/README.md b/.recipes/mediawiki_mariadb/README.md new file mode 100644 index 0000000..e69de29 diff --git a/.recipes/mediawiki_mariadb/docker-compose.yml b/.recipes/mediawiki_mariadb/docker-compose.yml new file mode 100644 index 0000000..8b039e0 --- /dev/null +++ b/.recipes/mediawiki_mariadb/docker-compose.yml @@ -0,0 +1,49 @@ +# MediaWiki with MariaDB (optionally with extensions). +# +version: '3' +services: + # https://hub.docker.com/_/mediawiki + mediawiki: + # Activate only if there are extensions. + #build: ./docker/mediawiki + image: mediawiki:lts + restart: unless-stopped + # Take a look the possible public port collision. + ports: + - 8201:80 + links: + - database + volumes: + # Needs R/W UID:GID 33:33 (www-data:www-data). + - ./storage/volumes/mediawiki_images:/var/www/html/images + # After initial setup, download LocalSettings.php + # populate the following line and + # use compose to restart the mediawiki service. + # Needs read UID or GID 33 (www-data). + # - ./configs/LocalSettings.php:/var/www/html/LocalSettings.php:ro + extra_hosts: + - "host.docker.internal:host-gateway" + labels: + com.centurylinklabs.watchtower.enable: true + # https://hub.docker.com/_/mariadb + database: + image: mariadb:lts + restart: unless-stopped + volumes: + # Needs R/W UID:GID 999:999. + - ./storage/volumes/mysql:/var/lib/mysql + # Needs read UID 999. + - ./storage/volumes/mysql_conf_d:/etc/mysql/conf.d + - ./storage/volumes/mysql_init_d:/docker-entrypoint-initdb.d + environment: + MARIADB_AUTO_UPGRADE: "1" + MARIADB_INITDB_SKIP_TZINFO: "1" + MYSQL_DATABASE: mediawiki + MYSQL_USER: mediawiki + # https://passwordsgenerator.net/ + MYSQL_PASSWORD: secret-1 + MYSQL_ROOT_PASSWORD: secret-2 + extra_hosts: + - "host.docker.internal:host-gateway" + labels: + com.centurylinklabs.watchtower.enable: true diff --git a/.recipes/mediawiki_mariadb/docker/mediawiki/Dockerfile b/.recipes/mediawiki_mariadb/docker/mediawiki/Dockerfile new file mode 100644 index 0000000..10db9a2 --- /dev/null +++ b/.recipes/mediawiki_mariadb/docker/mediawiki/Dockerfile @@ -0,0 +1,8 @@ +# Adds the extensions. + +FROM mediawiki + +rm -Rf /var/www/html/extensions/EXTENSION_NAME && \ +git clone "https://gerrit.wikimedia.org/r/mediawiki/extensions/EXTENSION_NAME" \ + /var/www/html/extensions/EXTENSION_NAME && \ +chown -R www-data:www-data /var/www/html/extensions/EXTENSION_NAME diff --git a/.recipes/mediawiki_mariadb/storage/backups/dumps/.gitignore b/.recipes/mediawiki_mariadb/storage/backups/dumps/.gitignore new file mode 100644 index 0000000..d609aa1 --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/backups/dumps/.gitignore @@ -0,0 +1,4 @@ +# Ignore everything in this directory except these files. +* +!.gitignore +!.rotate_folder.conf diff --git a/.recipes/mediawiki_mariadb/storage/backups/dumps/.rotate_folder.conf b/.recipes/mediawiki_mariadb/storage/backups/dumps/.rotate_folder.conf new file mode 100644 index 0000000..52d3802 --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/backups/dumps/.rotate_folder.conf @@ -0,0 +1,9 @@ +# This is a shell script excerpt for configuration purposes only. +# Handle with care! Please don't put code here, only variables. + +CLASSES_PATTERN="^([^.]*)\..*\.$HOSTNAME\.(dmp|sql\.gz|tgz|log)$" +DOIT="yes" # if empty the script makes a dry run +# RETAIN_DAYS=7 # retains all files created within that many days +# RETAIN_WEEKS=4 # retains one file per week/month, +# RETAIN_MONTHS=12 # created within that many weeks/months + diff --git a/.recipes/mediawiki_mariadb/storage/backups/webcontent/.gitignore b/.recipes/mediawiki_mariadb/storage/backups/webcontent/.gitignore new file mode 100644 index 0000000..56e6b9b --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/backups/webcontent/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except these files. +* +!.gitignore diff --git a/.recipes/mediawiki_mariadb/storage/volumes/mediawiki_images/.gitignore b/.recipes/mediawiki_mariadb/storage/volumes/mediawiki_images/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/volumes/mediawiki_images/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/mediawiki_mariadb/storage/volumes/mysql/.gitignore b/.recipes/mediawiki_mariadb/storage/volumes/mysql/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/volumes/mysql/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/mediawiki_mariadb/storage/volumes/mysql_conf_d/.gitignore b/.recipes/mediawiki_mariadb/storage/volumes/mysql_conf_d/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/volumes/mysql_conf_d/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/mediawiki_mariadb/storage/volumes/mysql_init_d/.gitignore b/.recipes/mediawiki_mariadb/storage/volumes/mysql_init_d/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/mediawiki_mariadb/storage/volumes/mysql_init_d/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/mediawiki_mariadb/tools/backup.d/dumpdb_mysql.sh b/.recipes/mediawiki_mariadb/tools/backup.d/dumpdb_mysql.sh new file mode 100644 index 0000000..ee669d3 --- /dev/null +++ b/.recipes/mediawiki_mariadb/tools/backup.d/dumpdb_mysql.sh @@ -0,0 +1,174 @@ +#!/bin/bash +# +# A service script to backup the docker-composed Mediawiki instance. +# Dumps the MySQL/MariaDB database to the $BASE_DIR/storage/backups/dumps +# folder (by default). An optional parameter may change the target folder. +# +# This script gets the database credentials from MW's LocalSettings.php +# and calls the mysql_dumpdb worker script which should be installed in +# the same folder or somewhere in the path. +# +# Call as a Docker manager user (member of the docker Linux group) via cron. +# Uses the mysql_dumpdb utility which must be available on path. +# +# Author: Kovács Zoltán +# License: GNU/GPL 3+ https://www.gnu.org/licenses/gpl-3.0.en.html +# 2024-08-24 v0.2 +# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS. +# 2021-08-27 v0.1 Initial version. + +# Accepted environment variables and their defaults. +# +PAR_BASEDIR=${PAR_BASEDIR:-""} # Service's base folder +PAR_DUMPDIR=${PAR_DUMPDIR:-""} # Folder to dump within + +# Messages (maybe overridden by configuration). +# +MSG_DOCKERGRPNEED="You must be a member of the docker group." +MSG_DOESNOTRUN="This service doesn't run." +MSG_MISSINGDEP="Fatal: missing dependency" +MSG_MISSINGCONF="Fatal: missing config file" +MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file" +MSG_NONWRITE="The target directory isn't writable" +MSG_NOLOCATE="Cannot locate the database container." +MSG_NOPARAM="Missing PHP parameter" + +# Other initialisations. +# +CONFFILE="configs/LocalSettings.php" # MW's configuration file +DUMPDIR="storage/backups/dumps" # Folder to dump within +USER=${USER:-LOGNAME} # Fix for cron enviroment only +YMLFILE="docker-compose.yml" + +# Checks the dependencies. +# +TR=$(which tr 2>/dev/null) +if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi +for item in basename cat cut date dirname docker \ + find grep hostname id pwd tail xargs +do + if [ -n "$(which $item)" ] + then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item) + else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi +done +# All dependencies are available via "$THECOMMAND" (upper case) call. +# +# Let's find which version of docker-compose is installed. +if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then + # We'll use v2 if it is available. + DOCKER_COMPOSE="$DOCKER" + commandstring="compose" +else + # Otherwise falling back to v1. + DOCKER_COMPOSE="$(which docker-compose)" + commandstring="" +fi +# One of the two is mandatory. +if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi +# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence. + +# Where I'm? +# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782 +SOURCE="$0" +while [ -h "$SOURCE" ]; do + # resolve $SOURCE until the file is no longer a symlink + SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + SOURCE="$("$READLINK" "$SOURCE")" + # if $SOURCE was a relative symlink, we need to resolve it + # relative to the path where the symlink file was located + [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE" +done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + +# Need to be root or a Docker manager user. +# +[[ "$USER" != 'root' ]] \ +&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \ +&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #" + +# Searches the base folder, containing a docker-compose.yml file. +# +# Called from the base folder (./)? +BASE_DIR="$PAR_BASEDIR" +TEST_DIR="$SCRPATH" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools/*.d? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# On failure gives it up here. +if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then + echo "$MSG_MISSINGYML" >&2; exit 1 +fi +# Sets the absolute paths. +CONFFILE="$BASE_DIR/$CONFFILE" +DUMPDIR="${PAR_DUMPDIR:-$BASE_DIR/$DUMPDIR}" + +# The dump target folder must be writable. +# +[[ ! -w "$DUMPDIR" ]] \ +&& echo "$MSG_NONWRITE: $DUMPDIR" >&2 && exit 1 + +# The service must be running - silently gives up here if not. +# +[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \ +&& exit 1 + +# Searches and parses the MW's LocalSettings.php file. +# +if [ ! -r "$CONFFILE" ]; then + echo "$MSG_MISSINGCONF $CONFFILE" >&2; exit 1 +fi +# +function parse { [[ -z "$1" ]] && return + # Gets the live lines containing the parameter. + value=$("$CAT" "$CONFFILE" | "$GREP" -ve '^#' | \ + "$GREP" -e "^$1" | "$TR" -d '\r') + # If multiple the last one to consider. + value=$(echo -e "$value" | "$TAIL" -n1) + # Right side of the equal sign W/O leading and trailing spaces and quotes. + value=$(echo -ne "$value" | "$CUT" -d'=' -f2 | "$XARGS") + # Removes the trailing semicolon (if any). + value=${value%;*} + echo -e "$value"; return +} +# Gives up here silently if the type of the database isn't MySQL. +[[ "$(parse "\$wgDBtype")" != 'mysql' ]] && exit 1 +# All parameters are mandatories. +MYCONTAINER="$(parse "\$wgDBserver")" +if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOPARAM \$wgDBserver" >&2; exit 1; fi +MYDATABASE="$(parse "\$wgDBname")" +if [ -z "$MYDATABASE" ]; then echo "$MSG_NOPARAM \$wgDBname" >&2; exit 1; fi +MYUSER="$(parse "\$wgDBuser")" +if [ -z "$MYUSER" ]; then echo "$MSG_NOPARAM \$wgDBuser" >&2; exit 1; fi +MYPASSWORD="$(parse "\$wgDBpassword")" +if [ -z "$MYPASSWORD" ]; then echo "$MSG_NOPARAM \$wgDBpassword" >&2; exit 1; fi +# We've the configuration parsed. + +# Converts the database service name to an actual running container's name. +# +MYCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandtring ps -q "$MYCONTAINER") | "$CUT" -c2-)" +# Gives up here if failed. +if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi + +# Locates the worker script (in PATH or in this script's folder). +# +MYSQL_DUMPDB=$(which mysql_dumpdb) +if [ -z "$MYSQL_DUMPDB" -a -x "$("$DIRNAME" "$0")/mysql_dumpdb" ]; then + MYSQL_DUMPDB="$SCRPATH/mysql_dumpdb" +fi +if [ -z "$MYSQL_DUMPDB" ]; then echo "$MSG_MISSINGDEP mysql_dumpdb."; exit 1 ; fi + +# Tries the DB backup. +# +if [ -n "$MYSQL_DUMPDB" -a -w "$DUMPDIR" ]; then + BACKUP_NAME=$MYDATABASE.$("$DATE" '+%Y%m%d_%H%M%S').$("$HOSTNAME") + ( cd "$DUMPDIR" + export MYCONTAINER MYUSER MYPASSWORD + "$MYSQL_DUMPDB" --compress "$MYDATABASE" "$DUMPDIR/$BACKUP_NAME.sql" \ + 2>>"$DUMPDIR/$BACKUP_NAME.log" + ) +fi + +# That's all, Folks! :) diff --git a/.recipes/mediawiki_mariadb/tools/backup.d/storage_backup.sh b/.recipes/mediawiki_mariadb/tools/backup.d/storage_backup.sh new file mode 100644 index 0000000..9ac4703 --- /dev/null +++ b/.recipes/mediawiki_mariadb/tools/backup.d/storage_backup.sh @@ -0,0 +1,125 @@ +#!/bin/bash +# +# A service script to backup the relevant storage (config, images) +# of a docker-composed Mediawiki instance. Creates a tarball in +# $BASE_DIR/storage/backups/tarballs folder (by default). An optional +# parameter may change the target folder. +# +# Call as a Docker manager user (member of the docker Linux group) via cron. +# +# Author: Kovács Zoltán +# License: GNU/GPL 3+ https://www.gnu.org/licenses/gpl-3.0.en.html +# 2024-08-24 v0.2 +# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS. +# 2021-09-01 v0.1 Initial version. + +# Accepted environment variables and their defaults. +# +PAR_BASEDIR=${PAR_BASEDIR:-""} # Service's base folder +PAR_BACKUPDIR=${PAR_BACKUPDIR:-""} # Folder to dump within + +# Messages (maybe overridden by configuration). +# +MSG_DOCKERGRPNEED="You must be a member of the docker group." +MSG_DOESNOTRUN="This service doesn't run." +MSG_MISSINGDEP="Fatal: missing dependency" +MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file" +MSG_NONWRITE="The target directory isn't writable" +MSG_NOLOCATE="Cannot locate the Mediawiki container." + +# Other initialisations. +# +BACKUPDIR="storage/backups/tarballs" # Folder to dump within +SERVICENAME="mediawiki" # The composed MediaWiki service +USER=${USER:-LOGNAME} # Fix for cron enviroment only +YMLFILE="docker-compose.yml" + +# Checks the dependencies. +# +TR=$(which tr 2>/dev/null) +if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi +for item in basename cat cut date dirname docker \ + find grep hostname id pwd tail xargs +do + if [ -n "$(which $item)" ] + then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item) + else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi +done +# All dependencies are available via "$THECOMMAND" (upper case) call. +# +# Let's find which version of docker-compose is installed. +if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then + # We'll use v2 if it is available. + DOCKER_COMPOSE="$DOCKER" + commandstring="compose" +else + # Otherwise falling back to v1. + DOCKER_COMPOSE="$(which docker-compose)" + commandstring="" +fi +# One of the two is mandatory. +if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi +# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence. + +# Where I'm? +# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782 +SOURCE="$0" +while [ -h "$SOURCE" ]; do + # resolve $SOURCE until the file is no longer a symlink + SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + SOURCE="$("$READLINK" "$SOURCE")" + # if $SOURCE was a relative symlink, we need to resolve it + # relative to the path where the symlink file was located + [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE" +done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + +# Need to be root or a Docker manager user. +# +[[ "$USER" != 'root' ]] \ +&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \ +&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #" + +# Searches the base folder, containing a docker-compose.yml file. +# +# Called from the base folder (./)? +BASE_DIR="$PAR_BASEDIR" +TEST_DIR="$SCRPATH" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools/*.d? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# On failure gives it up here. +if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then + echo "$MSG_MISSINGYML" >&2; exit 1 +fi +# Sets the absolute paths. +BACKUPDIR="${PAR_BACKUPDIR:-$BASE_DIR/$BACKUPDIR}" + +# The dump target folder must be writable. +# +[[ ! -w "$BACKUPDIR" ]] \ +&& echo "$MSG_NONWRITE: $BACKUPDIR" >&2 && exit 1 + +# The service must be running - silently gives up here if not. +# +[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \ +&& exit 1 + +# Converts the Mediawiki service name to an actual running container's name. +# +MWCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps -q "$SERVICENAME") | "$CUT" -c2-)" +# Gives up here if failed. +if [ -z "$MWCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi + +# Tries the FS backup. +if [ -w "$BACKUPDIR" ]; then + BACKUP_NAME=$MWCONTAINER.$("$DATE" '+%Y%m%d_%H%M%S').$("$HOSTNAME") + "$DOCKER" exec $MWCONTAINER sh \ + -c "cd /var/www/html; tar cz LocalSettings.php images" \ + > "$BACKUPDIR/$BACKUP_NAME.tgz" 2>>"$BACKUPDIR/$BACKUP_NAME.log" +fi + +# That's all, Folks! :) diff --git a/.recipes/mediawiki_mariadb/tools/backup.d/storage_gitbackup.sh b/.recipes/mediawiki_mariadb/tools/backup.d/storage_gitbackup.sh new file mode 100644 index 0000000..1023b87 --- /dev/null +++ b/.recipes/mediawiki_mariadb/tools/backup.d/storage_gitbackup.sh @@ -0,0 +1,162 @@ +#!/bin/bash +# +# Humble tool to commit the content of a docker-composed MediaWiki service's +# upload files into a git repository to make a daily backup of documents. +# Also makes the repository with a metastore file if doesn't exist yet. +# +# This script called usually by the cron (but indirectly). +# Depends loosely on metastore package, which isn't absolutely necessary, +# but strongly recommended to backup file time attributes and permissions, +# which the git tool doesn't do. +# +# Author: Kovács Zoltán +# License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html) +# 2024-08-25 v0.2 +# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS. +# mod: Doesn't do backup if the service is down. +# 2021-11-21 v0.1 Initial release + +# Accepted environment variables and their defaults. +# +BOTEMAIL=${BOTEMAIL:-"backupbot@example.com"} # Git repo owner's email (fake) +BOTNAME=${BOTNAME:-"Backup Bot"} # Git repo owner's name (fake) +SERVICE_BASE=${PAR_BASEDIR:-""} # Corresponding service's base +GITDIR=${PAR_GITDIR:-""} # Folder containing .git +SOURCEDIR=${PAR_BACKUPDIR:-""} # Folder to backup into git + +# Basic environment settings. +# +LANG=C +LC_ALL=C +# We need also the sbin directories. +if ! [[ "$PATH" =~ '/sbin:' ]]; then +PATH="$PATH:/usr/local/sbin:/usr/sbin:/sbin"; fi + +# Messages. +# +MSG_GITCOMMIT="Automated backup" +MSG_MISSINGBASE="Fatal: missing SERVICE_BASE" +MSG_MISSINGDEP="Fatal: missing dependency" +MSG_MISSINGGIT="Fatal: unable to find the backup (git) folder" +MSG_MISSINGSOURCE="Fatal: unable to find the source folder" +MSG_WRONGGIT="Fatal: unusable backup (git) folder" + +# Other initialisations. +# +GITPATH="storage/backups/webcontent" +YMLFILE="docker-compose.yml" + +# Checks the dependencies. +# +TR=$(which tr 2>/dev/null) +if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi +for item in cut date dirname docker git readlink +do + if [ -n "$(which $item)" ] + then export $(echo $item | "$TR" '[:lower:]' '[:upper:]')=$(which $item) + else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi +done +# All dependencies are available via "$THECOMMAND" (upper case) call. + +# Where I'm? +# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782 +# +SOURCE="$0" +while [ -h "$SOURCE" ]; do + # resolve $SOURCE until the file is no longer a symlink + SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + SOURCE="$("$READLINK" "$SOURCE")" + # if $SOURCE was a relative symlink, we need to resolve it + # relative to the path where the symlink file was located + [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE" +done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + +# Let's find which version of docker-compose is installed. +if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then + # We'll use v2 if it is available. + DOCKER_COMPOSE="$DOCKER" + commandstring="compose" +else + # Otherwise falling back to v1. + DOCKER_COMPOSE="$(which docker-compose)" + commandstring="" +fi +# One of the two is mandatory. +if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi +# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence. + +# Searches the base folder, containing a docker-compose.yml file. +# +# Called from the base folder (./)? +TEST_DIR="$SCRPATH" +[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR" +# Called from ./tools? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR" +# Called from ./tools/*.d? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR" +# On failure gives it up here. +if [ -z "$SERVICE_BASE" -o ! -r "$SERVICE_BASE/$YMLFILE" ]; then + echo "$MSG_MISSINGYML" >&2; exit 1 +fi +# Sets the absolute paths. +BACKUPDIR="${PAR_BACKUPDIR:-$SERVICE_BASE/$BACKUPDIR}" + +# Locates the source folder. +# +# Maybe given as a command line parameter. +[[ -n "$1" ]] && SOURCEDIR="$1" && shift +[[ -z "$SOURCEDIR" ]] && SOURCEDIR="$SERVICE_BASE/storage/volumes/wordpress_html" +# Gives up here if doesn't found. +if [ -z "$SOURCEDIR" -o ! -d "$("$READLINK" -e "$SOURCEDIR")" ]; then + echo "$MSG_MISSINGSOURCE $SOURCEDIR"; exit 1 +fi + +# Locates the backup (git) folder. +# +# Maybe given as a command line parameter. +[[ -n "$1" ]] && GITDIR="$1" && shift +[[ -z "$GITDIR" ]] && GITDIR="$SERVICE_BASE/$GITPATH" +# Gives up here if doesn't found. +if [ -z "$GITDIR" -o ! -d "$("$READLINK" -e "$GITDIR")" ]; then + echo "$MSG_MISSINGGIT $GITDIR"; exit 1 +fi +# Does it writable? +( cd "$GITDIR" 2>/dev/null + if [ ! "$PWD" = "$GITDIR" -o ! -w "$PWD" ]; then + echo "$MSG_WRONGGIT $GITDIR"; exit 1 + fi +) || exit 1 +# We've the folders localized. + +# The service must be running - silently gives up here if not. +# +[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \ +&& exit 1 + +# Attempts the backup commit. +# +# Initializes the git backup if it doesn't exist yet. +if [ ! -d "$GITDIR/.git" ]; then + # Initializes the repo itself. + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" init --quiet + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" config user.name "$BOTNAME" + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" config user.email "$BOTEMAIL" +fi +# Stages all the files and non-empty folders. +"$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" add . >/dev/null +# Stores the file system metadata as well, if the tool has been installed. +if [ ! -z "$(which metastore)" -a -x "$(which metastore)" ]; then + # This commamd silently creates the metastore file if it doesnt' exist yet. + ( cd "$SOURCEDIR" + "$(which metastore)" -smqq --file ".metadata" + ) + # Stages it as well. + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" add ".metadata" >/dev/null +fi +# Makes the commit. +"$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" commit --quiet -m "'$MSG_GITCOMMIT $("$DATE" '+%Y%m%d-%H%M%S')'" +# Git done. + +# That's all, Folks! :) diff --git a/.recipes/wordpress_mariadb/README.md b/.recipes/wordpress_mariadb/README.md new file mode 100644 index 0000000..e69de29 diff --git a/.recipes/wordpress_mariadb/docker-compose.yml b/.recipes/wordpress_mariadb/docker-compose.yml new file mode 100644 index 0000000..1de45b8 --- /dev/null +++ b/.recipes/wordpress_mariadb/docker-compose.yml @@ -0,0 +1,62 @@ +# Wordpress with MariaDB +# +version: '3' +services: + # https://hub.docker.com/_/wordpress + # https://github.com/docker-library/docs/tree/master/wordpress + wordpress: + image: wordpress:latest + restart: unless-stopped + # Take a look the possible public port collision. + ports: + - 8201:80 + links: + - database + volumes: + # Needs R/W UID:GID 33:33 (www-data:www-data). + - ./storage/volumes/wordpress_html:/var/www/html + environment: + # These variables matter only for a new instance. + # In the case of migration take care the wp-config.php. + WORDPRESS_DB_HOST: database + WORDPRESS_DB_NAME: wordpress + WORDPRESS_DB_USER: wordpress + WORDPRESS_DB_PASSWORD: secret-1 + # https://api.wordpress.org/secret-key/1.1/salt/ or + # https://passwordsgenerator.net/ + WORDPRESS_AUTH_KEY: fill_in + WORDPRESS_SECURE_AUTH_KEY: fill_in + WORDPRESS_LOGGED_IN_KEY: fill_in + WORDPRESS_NONCE_KEY: fill_in + WORDPRESS_AUTH_SALT: fill_in + WORDPRESS_SECURE_AUTH_SALT: fill_in + WORDPRESS_LOGGED_IN_SALT: fill_in + WORDPRESS_NONCE_SALT: fill_in + extra_hosts: + - "host.docker.internal:host-gateway" + labels: + com.centurylinklabs.watchtower.enable: true + # https://hub.docker.com/_/mariadb + database: + image: mariadb:lts + restart: unless-stopped + # ports: + # - 3306:3306 + volumes: + # Needs R/W UID:GID 999:999. + - ./storage/volumes/mysql:/var/lib/mysql + # Needs read UID 999. + - ./storage/volumes/mysql_conf_d:/etc/mysql/conf.d + - ./storage/volumes/mysql_init_d:/docker-entrypoint-initdb.d + environment: + MARIADB_AUTO_UPGRADE: "1" + MARIADB_INITDB_SKIP_TZINFO: "1" + MYSQL_DATABASE: wordpress + MYSQL_USER: wordpress + # https://passwordsgenerator.net/ + MYSQL_PASSWORD: secret-1 + MYSQL_ROOT_PASSWORD: secret-2 + extra_hosts: + - "host.docker.internal:host-gateway" + labels: + com.centurylinklabs.watchtower.enable: true diff --git a/.recipes/wordpress_mariadb/storage/backups/dumps/.gitignore b/.recipes/wordpress_mariadb/storage/backups/dumps/.gitignore new file mode 100644 index 0000000..d609aa1 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/backups/dumps/.gitignore @@ -0,0 +1,4 @@ +# Ignore everything in this directory except these files. +* +!.gitignore +!.rotate_folder.conf diff --git a/.recipes/wordpress_mariadb/storage/backups/dumps/.rotate_folder.conf b/.recipes/wordpress_mariadb/storage/backups/dumps/.rotate_folder.conf new file mode 100644 index 0000000..52d3802 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/backups/dumps/.rotate_folder.conf @@ -0,0 +1,9 @@ +# This is a shell script excerpt for configuration purposes only. +# Handle with care! Please don't put code here, only variables. + +CLASSES_PATTERN="^([^.]*)\..*\.$HOSTNAME\.(dmp|sql\.gz|tgz|log)$" +DOIT="yes" # if empty the script makes a dry run +# RETAIN_DAYS=7 # retains all files created within that many days +# RETAIN_WEEKS=4 # retains one file per week/month, +# RETAIN_MONTHS=12 # created within that many weeks/months + diff --git a/.recipes/wordpress_mariadb/storage/backups/webcontent/.gitignore b/.recipes/wordpress_mariadb/storage/backups/webcontent/.gitignore new file mode 100644 index 0000000..56e6b9b --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/backups/webcontent/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except these files. +* +!.gitignore diff --git a/.recipes/wordpress_mariadb/storage/volumes/.gitignore b/.recipes/wordpress_mariadb/storage/volumes/.gitignore new file mode 100644 index 0000000..cb55aa2 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/volumes/.gitignore @@ -0,0 +1,7 @@ +# Ignore everything in this directory except this folders. +* +!.gitignore +!wordpress_html +!mysql +!mysql_conf_d +!mysql_init_d diff --git a/.recipes/wordpress_mariadb/storage/volumes/mysql/.gitignore b/.recipes/wordpress_mariadb/storage/volumes/mysql/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/volumes/mysql/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/wordpress_mariadb/storage/volumes/mysql_conf_d/.gitignore b/.recipes/wordpress_mariadb/storage/volumes/mysql_conf_d/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/volumes/mysql_conf_d/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/wordpress_mariadb/storage/volumes/mysql_init_d/.gitignore b/.recipes/wordpress_mariadb/storage/volumes/mysql_init_d/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/volumes/mysql_init_d/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/wordpress_mariadb/storage/volumes/wordpress_html/.gitignore b/.recipes/wordpress_mariadb/storage/volumes/wordpress_html/.gitignore new file mode 100644 index 0000000..73943c9 --- /dev/null +++ b/.recipes/wordpress_mariadb/storage/volumes/wordpress_html/.gitignore @@ -0,0 +1,3 @@ +# Ignore everything in this directory except this file. +* +!.gitignore diff --git a/.recipes/wordpress_mariadb/tools/backup.d/dumpdb_mysql.sh b/.recipes/wordpress_mariadb/tools/backup.d/dumpdb_mysql.sh new file mode 100644 index 0000000..02f3f61 --- /dev/null +++ b/.recipes/wordpress_mariadb/tools/backup.d/dumpdb_mysql.sh @@ -0,0 +1,171 @@ +#!/bin/bash +# +# A service script to backup the docker-composed WordPress instance. +# Dumps the MySQL/MariaDB database to the $BASE_DIR/storage/backups/dumps +# folder (by default). An optional parameter may change the target folder. +# +# This script gets the database credentials from the docker-compose.yml file +# and calls the mysql_dumpdb worker script which should be installed in +# the same folder or somewhere in the path. +# +# Call as a Docker manager user (member of the docker Linux group) via cron. +# +# Author: Kovács Zoltán +# License: GNU/GPL 3+ https://www.gnu.org/licenses/gpl-3.0.en.html +# 2024-08-25 v0.2 +# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS. +# 2021-10-19 v0.1 Initial version. + +# Accepted environment variables and their defaults. +# +PAR_BASEDIR=${PAR_BASEDIR:-""} # Service's base folder +PAR_DUMPDIR=${PAR_DUMPDIR:-""} # Folder to dump within + +# Messages (maybe overridden by configuration). +# +MSG_DOCKERGRPNEED="You must be a member of the docker group." +MSG_DOESNOTRUN="This service doesn't run." +MSG_MISSINGDEP="Fatal: missing dependency" +MSG_MISSINGCONF="Fatal: missing config file" +MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file" +MSG_NONWRITE="The target directory isn't writable" +MSG_NOLOCATE="Cannot locate the database container." +MSG_NOPARAM="Missing environment parameter" + +# Other initialisations. +# +CONFFILE="docker-compose.yml" # Configuration file +DUMPDIR="storage/backups/dumps" # Folder to dump within +USER=${USER:-LOGNAME} # Fix for cron enviroment only +YMLFILE="docker-compose.yml" + +# Checks the dependencies. +# +TR=$(which tr 2>/dev/null) +if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi +for item in basename cat cut date dirname docker \ + find grep hostname id pwd tail xargs +do + if [ -n "$(which $item)" ] + then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item) + else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi +done +# All dependencies are available via "$THECOMMAND" (upper case) call. +# +# Let's find which version of docker-compose is installed. +if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then + # We'll use v2 if it is available. + DOCKER_COMPOSE="$DOCKER" + commandstring="compose" +else + # Otherwise falling back to v1. + DOCKER_COMPOSE="$(which docker-compose)" + commandstring="" +fi +# One of the two is mandatory. +if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi +# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence. + +# Where I'm? +# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782 +SOURCE="$0" +while [ -h "$SOURCE" ]; do + # resolve $SOURCE until the file is no longer a symlink + SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + SOURCE="$("$READLINK" "$SOURCE")" + # if $SOURCE was a relative symlink, we need to resolve it + # relative to the path where the symlink file was located + [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE" +done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + +# Need to be root or a Docker manager user. +# +[[ "$USER" != 'root' ]] \ +&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \ +&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #" + +# Searches the base folder, containing a docker-compose.yml file. +# +# Called from the base folder (./)? +BASE_DIR="$PAR_BASEDIR" +TEST_DIR="$SCRPATH" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools/*.d? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# On failure gives it up here. +if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then + echo "$MSG_MISSINGYML" >&2; exit 1 +fi +# Sets the absolute paths. +CONFFILE="$BASE_DIR/$CONFFILE" +DUMPDIR="${PAR_DUMPDIR:-$BASE_DIR/$DUMPDIR}" + +# The dump target folder must be writable. +# +[[ ! -w "$DUMPDIR" ]] \ +&& echo "$MSG_NONWRITE: $DUMPDIR" >&2 && exit 1 + +# The service must be running - silently gives up here if not. +# +[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \ +&& exit 1 + +# Searches and parses the config file. +# +if [ ! -r "$CONFFILE" ]; then + echo "$MSG_MISSINGCONF $CONFFILE" >&2; exit 1 +fi +# +function parse { [[ -z "$1" ]] && return + # Gets the live lines containing the parameter. + value=$("$CAT" "$CONFFILE" | "$GREP" -ve '^#' | \ + "$GREP" -e "$1" | "$TR" -d '\r') + # If multiple the last one to consider. + value=$(echo -e "$value" | "$TAIL" -n1) + # Right side of the colon W/O leading and trailing spaces and quotes. + value=$(echo -ne "$value" | "$CUT" -d':' -f2 | "$XARGS") + # Removes the trailing semicolon (if any). + value=${value%;*} + echo -e "$value"; return +} +# All parameters are mandatories. +MYCONTAINER="$(parse "WORDPRESS_DB_HOST")" +if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOPARAM WORDPRESS_DB_HOST" >&2; exit 1; fi +MYDATABASE="$(parse "WORDPRESS_DB_NAME")" +if [ -z "$MYDATABASE" ]; then echo "$MSG_NOPARAM WORDPRESS_DB_NAME" >&2; exit 1; fi +MYUSER="$(parse "WORDPRESS_DB_USER")" +if [ -z "$MYUSER" ]; then echo "$MSG_NOPARAM WORDPRESS_DB_USER" >&2; exit 1; fi +MYPASSWORD="$(parse "WORDPRESS_DB_PASSWORD")" +if [ -z "$MYPASSWORD" ]; then echo "$MSG_NOPARAM WORDPRESS_DB_PASSWORD" >&2; exit 1; fi +# We've the configuration parsed. + +# Converts the database service name to an actual running container's name. +# +MYCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps -q "$MYCONTAINER") | "$CUT" -c2-)" +# Gives up here if failed. +if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi + +# Locates the worker script (in PATH or in this script's folder). +# +MYSQL_DUMPDB=$(which mysql_dumpdb) +if [ -z "$MYSQL_DUMPDB" -a -x "$("$DIRNAME" "$0")/mysql_dumpdb" ]; then + MYSQL_DUMPDB="$SCRPATH/mysql_dumpdb" +fi +if [ -z "$MYSQL_DUMPDB" ]; then echo "$MSG_MISSINGDEP mysql_dumpdb."; exit 1 ; fi + +# Tries the DB backup. +# +if [ -n "$MYSQL_DUMPDB" -a -w "$DUMPDIR" ]; then + BACKUP_NAME=$MYDATABASE.$("$DATE" '+%Y%m%d_%H%M%S').$("$HOSTNAME") + ( cd "$DUMPDIR" + export MYCONTAINER MYUSER MYPASSWORD + "$MYSQL_DUMPDB" --compress "$MYDATABASE" "$DUMPDIR/$BACKUP_NAME.sql" \ + 2>>"$DUMPDIR/$BACKUP_NAME.log" + ) +fi + +# That's all, Folks! :) diff --git a/.recipes/wordpress_mariadb/tools/backup.d/storage_backup.sh b/.recipes/wordpress_mariadb/tools/backup.d/storage_backup.sh new file mode 100644 index 0000000..5e685e2 --- /dev/null +++ b/.recipes/wordpress_mariadb/tools/backup.d/storage_backup.sh @@ -0,0 +1,125 @@ +#!/bin/bash +# +# A service script to backup the relevant storage (config, images) +# of a docker-composed Wordpress instance. Creates a tarball in +# $BASE_DIR/storage/backups/tarballs folder (by default). An optional +# parameter may change the target folder. +# +# Call as a Docker manager user (member of the docker Linux group) via cron. +# +# Author: Kovács Zoltán +# License: GNU/GPL 3+ https://www.gnu.org/licenses/gpl-3.0.en.html +# 2024-08-25 v0.2 +# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS. +# 2021-10-19 v0.1 Initial version. + +# Accepted environment variables and their defaults. +# +PAR_BASEDIR=${PAR_BASEDIR:-""} # Service's base folder +PAR_BACKUPDIR=${PAR_BACKUPDIR:-""} # Folder to dump within + +# Messages (maybe overridden by configuration). +# +MSG_DOCKERGRPNEED="You must be a member of the docker group." +MSG_DOESNOTRUN="This service doesn't run." +MSG_MISSINGDEP="Fatal: missing dependency" +MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file" +MSG_NONWRITE="The target directory isn't writable" +MSG_NOLOCATE="Cannot locate the Mediawiki container." + +# Other initialisations. +# +BACKUPDIR="storage/backups/tarballs" # Folder to dump within +SERVICENAME="wordpress" # The composed WordPress service +USER=${USER:-LOGNAME} # Fix for cron enviroment only +YMLFILE="docker-compose.yml" + +# Checks the dependencies. +# +TR=$(which tr 2>/dev/null) +if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi +for item in basename cat cut date dirname docker \ + find grep hostname id pwd tail xargs +do + if [ -n "$(which $item)" ] + then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item) + else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi +done +# All dependencies are available via "$THECOMMAND" (upper case) call. +# +# Let's find which version of docker-compose is installed. +if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then + # We'll use v2 if it is available. + DOCKER_COMPOSE="$DOCKER" + commandstring="compose" +else + # Otherwise falling back to v1. + DOCKER_COMPOSE="$(which docker-compose)" + commandstring="" +fi +# One of the two is mandatory. +if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi +# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence. + +# Where I'm? +# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782 +SOURCE="$0" +while [ -h "$SOURCE" ]; do + # resolve $SOURCE until the file is no longer a symlink + SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + SOURCE="$("$READLINK" "$SOURCE")" + # if $SOURCE was a relative symlink, we need to resolve it + # relative to the path where the symlink file was located + [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE" +done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + +# Need to be root or a Docker manager user. +# +[[ "$USER" != 'root' ]] \ +&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \ +&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #" + +# Searches the base folder, containing a docker-compose.yml file. +# +# Called from the base folder (./)? +BASE_DIR="$PAR_BASEDIR" +TEST_DIR="$SCRPATH" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# Called from ./tools/*.d? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR" +# On failure gives it up here. +if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then + echo "$MSG_MISSINGYML" >&2; exit 1 +fi +# Sets the absolute paths. +BACKUPDIR="${PAR_BACKUPDIR:-$BASE_DIR/$BACKUPDIR}" + +# The dump target folder must be writable. +# +[[ ! -w "$BACKUPDIR" ]] \ +&& echo "$MSG_NONWRITE: $BACKUPDIR" >&2 && exit 1 + +# The service must be running - silently gives up here if not. +# +[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \ +&& exit 1 + +# Converts the WordPress service name to an actual running container's name. +# +WPCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandline ps -q "$SERVICENAME") | "$CUT" -c2-)" +# Gives up here if failed. +if [ -z "$WPCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi + +# Tries the FS backup. +if [ -w "$BACKUPDIR" ]; then + BACKUP_NAME=$WPCONTAINER.$("$DATE" '+%Y%m%d_%H%M%S').$("$HOSTNAME") + "$DOCKER" exec $WPCONTAINER sh \ + -c "cd /var/www/html; tar cz ." \ + > "$BACKUPDIR/$BACKUP_NAME.tgz" 2>>"$BACKUPDIR/$BACKUP_NAME.log" +fi + +# That's all, Folks! :) diff --git a/.recipes/wordpress_mariadb/tools/backup.d/storage_gitbackup.sh b/.recipes/wordpress_mariadb/tools/backup.d/storage_gitbackup.sh new file mode 100644 index 0000000..e767256 --- /dev/null +++ b/.recipes/wordpress_mariadb/tools/backup.d/storage_gitbackup.sh @@ -0,0 +1,162 @@ +#!/bin/bash +# +# Humble tool to commit the content of a docker-composed WordPress service's +# web files into a git repository to make a daily backup of documents. +# Also makes the repository with a metastore file if doesn't exist yet. +# +# This script called usually by the cron (but indirectly). +# Depends loosely on metastore package, which isn't absolutely necessary, +# but strongly recommended to backup file time attributes and permissions, +# which the git tool doesn't do. +# +# Author: Kovács Zoltán +# License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html) +# 2024-08-25 v0.2 +# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS. +# mod: Doesn't do backup if the service is down. +# 2021-11-21 v0.1 Initial release + +# Accepted environment variables and their defaults. +# +BOTEMAIL=${BOTEMAIL:-"backupbot@example.com"} # Git repo owner's email (fake) +BOTNAME=${BOTNAME:-"Backup Bot"} # Git repo owner's name (fake) +SERVICE_BASE=${PAR_BASEDIR:-""} # Corresponding service's base +GITDIR=${PAR_GITDIR:-""} # Folder containing .git +SOURCEDIR=${PAR_BACKUPDIR:-""} # Folder to backup into git + +# Basic environment settings. +# +LANG=C +LC_ALL=C +# We need also the sbin directories. +if ! [[ "$PATH" =~ '/sbin:' ]]; then +PATH="$PATH:/usr/local/sbin:/usr/sbin:/sbin"; fi + +# Messages. +# +MSG_GITCOMMIT="Automated backup" +MSG_MISSINGBASE="Fatal: missing SERVICE_BASE" +MSG_MISSINGDEP="Fatal: missing dependency" +MSG_MISSINGGIT="Fatal: unable to find the backup (git) folder" +MSG_MISSINGSOURCE="Fatal: unable to find the source folder" +MSG_WRONGGIT="Fatal: unusable backup (git) folder" + +# Other initialisations. +# +GITPATH="storage/backups/webcontent" +YMLFILE="docker-compose.yml" + +# Checks the dependencies. +# +TR=$(which tr 2>/dev/null) +if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi +for item in cut date dirname git readlink +do + if [ -n "$(which $item)" ] + then export $(echo $item | "$TR" '[:lower:]' '[:upper:]')=$(which $item) + else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi +done +# All dependencies are available via "$THECOMMAND" (upper case) call. + +# Where I'm? +# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782 +# +SOURCE="$0" +while [ -h "$SOURCE" ]; do + # resolve $SOURCE until the file is no longer a symlink + SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + SOURCE="$("$READLINK" "$SOURCE")" + # if $SOURCE was a relative symlink, we need to resolve it + # relative to the path where the symlink file was located + [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE" +done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #" + +# Let's find which version of docker-compose is installed. +if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then + # We'll use v2 if it is available. + DOCKER_COMPOSE="$DOCKER" + commandstring="compose" +else + # Otherwise falling back to v1. + DOCKER_COMPOSE="$(which docker-compose)" + commandstring="" +fi +# One of the two is mandatory. +if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi +# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence. + +# Searches the base folder, containing a docker-compose.yml file. +# +# Called from the base folder (./)? +TEST_DIR="$SCRPATH" +[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR" +# Called from ./tools? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR" +# Called from ./tools/*.d? +TEST_DIR="$("$DIRNAME" "$TEST_DIR")" +[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR" +# On failure gives it up here. +if [ -z "$SERVICE_BASE" -o ! -r "$SERVICE_BASE/$YMLFILE" ]; then + echo "$MSG_MISSINGYML" >&2; exit 1 +fi +# Sets the absolute paths. +BACKUPDIR="${PAR_BACKUPDIR:-$SERVICE_BASE/$BACKUPDIR}" + +# Locates the source folder. +# +# Maybe given as a command line parameter. +[[ -n "$1" ]] && SOURCEDIR="$1" && shift +[[ -z "$SOURCEDIR" ]] && SOURCEDIR="$SERVICE_BASE/storage/volumes/wordpress_html" +# Gives up here if doesn't found. +if [ -z "$SOURCEDIR" -o ! -d "$("$READLINK" -e "$SOURCEDIR")" ]; then + echo "$MSG_MISSINGSOURCE $SOURCEDIR"; exit 1 +fi + +# Locates the backup (git) folder. +# +# Maybe given as a command line parameter. +[[ -n "$1" ]] && GITDIR="$1" && shift +[[ -z "$GITDIR" ]] && GITDIR="$SERVICE_BASE/$GITPATH" +# Gives up here if doesn't found. +if [ -z "$GITDIR" -o ! -d "$("$READLINK" -e "$GITDIR")" ]; then + echo "$MSG_MISSINGGIT $GITDIR"; exit 1 +fi +# Does it writable? +( cd "$GITDIR" 2>/dev/null + if [ ! "$PWD" = "$GITDIR" -o ! -w "$PWD" ]; then + echo "$MSG_WRONGGIT $GITDIR"; exit 1 + fi +) || exit 1 +# We've the folders localized. + +# The service must be running - silently gives up here if not. +# +[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \ +&& exit 1 + +# Attempts the backup commit. +# +# Initializes the git backup if it doesn't exist yet. +if [ ! -d "$GITDIR/.git" ]; then + # Initializes the repo itself. + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" init --quiet + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" config user.name "$BOTNAME" + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" config user.email "$BOTEMAIL" +fi +# Stages all the files and non-empty folders. +"$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" add . >/dev/null +# Stores the file system metadata as well, if the tool has been installed. +if [ ! -z "$(which metastore)" -a -x "$(which metastore)" ]; then + # This commamd silently creates the metastore file if it doesnt' exist yet. + ( cd "$SOURCEDIR" + "$(which metastore)" -smqq --file ".metadata" + ) + # Stages it as well. + "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" add ".metadata" >/dev/null +fi +# Makes the commit. +"$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" commit --quiet -m "'$MSG_GITCOMMIT $("$DATE" '+%Y%m%d-%H%M%S')'" +# Git done. + +# That's all, Folks! :) diff --git a/setpermissions.sh b/setpermissions.sh index 6bb4017..6872ea0 100644 --- a/setpermissions.sh +++ b/setpermissions.sh @@ -42,8 +42,8 @@ fi # with a valid pathname inside. # if [ -n "$(which awk)" -a -n "$(which cut)" -a -n "$(which find)" -a -n "$(which ln)" ]; then - # Files containing maximum 1 line. - IFS=$'\n' read -r -d '' -a SUSPECTS < <( (find "$SCRPATH" -type f -exec awk 'END { if (NR < 2) print FILENAME }' {} \;) && printf '\0' ) + # Files containing maximum 1 line - the .metadata store is a special exception. + IFS=$'\n' read -r -d '' -a SUSPECTS < <( (find "$SCRPATH" ! -name '.metadata' -type f -exec awk 'END { if (NR < 2) print FILENAME }' {} \;) && printf '\0' ) # Enumerates these files. for suspect in "${SUSPECTS[@]}" do