#!/usr/bin/env bash set -euo pipefail # ============================================================================= # backup/backup_primary.sh — Create a full Gitea backup (dump) and store on Fedora # Depends on: Phase 1 complete (Gitea running on Unraid) # # What's in the dump: # - SQLite database (users, tokens, SSH keys, OAuth, webhooks, org/team, issues) # - All git repositories # - app.ini config # # Steps: # 1. Run `gitea dump` inside the container to create a zip archive # 2. SCP the dump directly from Unraid to Fedora (no MacBook relay) # 3. Verify archive integrity on Fedora # 4. Clean up the dump from Unraid /tmp # 5. Prune old backups beyond retention count # 6. Print backup summary # ============================================================================= SCRIPT_DIR="$(cd "$(dirname "$0")/.." && pwd)" source "${SCRIPT_DIR}/lib/common.sh" load_env require_vars UNRAID_IP UNRAID_SSH_USER UNRAID_GITEA_DATA_PATH \ FEDORA_IP FEDORA_SSH_USER \ BACKUP_STORAGE_PATH BACKUP_RETENTION_COUNT log_info "=== Gitea Primary Backup ===" # --------------------------------------------------------------------------- # Step 1: Run gitea dump inside the container # The -u git flag is important — gitea dump must run as the git user who # owns the repository files. The dump is written to /data/ inside the # container, which is mounted from ${DATA_PATH}/data on the host. # Writing to /data/ (mounted volume) instead of /tmp/ (container-only # filesystem) ensures the dump is accessible from the host for SCP. # --------------------------------------------------------------------------- DATA_PATH="$UNRAID_GITEA_DATA_PATH" TIMESTAMP=$(date +%Y%m%d-%H%M%S) DUMP_FILENAME="gitea-dump-${TIMESTAMP}.zip" DUMP_CONTAINER_PATH="/data/${DUMP_FILENAME}" DUMP_HOST_PATH="${DATA_PATH}/data/${DUMP_FILENAME}" log_info "Creating Gitea dump on Unraid..." ssh_exec UNRAID "docker exec -u git gitea gitea dump \ -c /data/gitea/conf/app.ini \ -f '${DUMP_CONTAINER_PATH}'" log_success "Dump created: ${DUMP_FILENAME}" # --------------------------------------------------------------------------- # Step 2: Transfer dump directly from Unraid to Fedora # Uses SSH from Unraid to SCP the file to Fedora. This avoids relaying # through the MacBook, which would be slow for large dumps and requires # the MacBook to be online. # --------------------------------------------------------------------------- log_info "Transferring dump to Fedora backup storage..." ssh_exec FEDORA "mkdir -p '${BACKUP_STORAGE_PATH}'" FEDORA_PORT="${FEDORA_SSH_PORT:-22}" ssh_exec UNRAID "scp -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new \ -o BatchMode=yes -P '${FEDORA_PORT}' \ '${DUMP_HOST_PATH}' '${FEDORA_SSH_USER}@${FEDORA_IP}:${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}'" log_success "Dump transferred to Fedora: ${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}" # --------------------------------------------------------------------------- # Step 3: Verify archive integrity on Fedora # CRC-checks every file in the zip. If corrupt, set -e aborts before # pruning old (known-good) backups. # --------------------------------------------------------------------------- log_info "Verifying archive integrity..." ssh_exec FEDORA "unzip -t '${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}'" >/dev/null log_success "Archive integrity verified" # --------------------------------------------------------------------------- # Step 4: Clean up dump from Unraid /tmp # No reason to keep the dump on Unraid — it's on Fedora now. # --------------------------------------------------------------------------- ssh_exec UNRAID "rm -f '${DUMP_HOST_PATH}'" log_info "Cleaned up dump from Unraid" # --------------------------------------------------------------------------- # Step 5: Prune old backups beyond retention count # Lists all gitea-dump-*.zip files sorted by time (newest first), then # removes everything beyond BACKUP_RETENTION_COUNT. # --------------------------------------------------------------------------- log_info "Pruning old backups (keeping ${BACKUP_RETENTION_COUNT})..." ssh_exec FEDORA "cd '${BACKUP_STORAGE_PATH}' && ls -t gitea-dump-*.zip 2>/dev/null | tail -n +\$((${BACKUP_RETENTION_COUNT}+1)) | xargs -r rm -f" REMAINING=$(ssh_exec FEDORA "ls -1 '${BACKUP_STORAGE_PATH}'/gitea-dump-*.zip 2>/dev/null | wc -l" | xargs) log_info "Backups remaining: ${REMAINING}" # --------------------------------------------------------------------------- # Step 6: Summary # --------------------------------------------------------------------------- DUMP_SIZE=$(ssh_exec FEDORA "du -h '${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}'" | awk '{print $1}') printf '\n' log_success "Backup complete" log_info " File: ${DUMP_FILENAME}" log_info " Size: ${DUMP_SIZE}" log_info " Path: ${BACKUP_STORAGE_PATH}/${DUMP_FILENAME} (on Fedora)" log_info " Total backups: ${REMAINING}"