dc08375ad0
- teardown_all.sh: replace `yes |` pipeline with `< <(yes)` process
substitution to avoid SIGPIPE (exit 141) false failures under pipefail
- phase6_teardown.sh: extract push mirror `.id` instead of `.remote_name`
to match the DELETE /push_mirrors/{id} API contract
- phase5_migrate_pipelines.sh: expand sed regex from `[a-z_]*` to
`[a-z_.]*` to handle nested GitHub contexts like
`github.event.pull_request.number`
- lib/common.sh: render_template now requires explicit variable list to
prevent envsubst from eating Nginx variables ($host, $proxy_add_...)
- backup scripts: remove MacBook relay, use direct Unraid↔Fedora SCP;
fix dump path to write to /data/ (mounted volume) instead of /tmp/
(container-only); add unzip -t integrity verification
- preflight.sh: add --skip-port-checks flag for resuming with
--start-from (ports already bound by earlier phases)
- run_all.sh: update run_step to pass extra args; use --skip-port-checks
when --start-from > 1
- post-checks (phase4/7/9): wrap API calls in helper functions with
>/dev/null redirection instead of passing -o /dev/null as API data
- phase8: replace GitHub archiving with [MIRROR] description marking
and disable wiki/projects/Pages (archived repos reject push mirrors)
- restore_to_primary.sh: add require_vars for Fedora SSH variables
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
105 lines
4.8 KiB
Bash
Executable File
105 lines
4.8 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# =============================================================================
|
|
# backup/backup_primary.sh — Create a full Gitea backup (dump) and store on Fedora
|
|
# Depends on: Phase 1 complete (Gitea running on Unraid)
|
|
#
|
|
# What's in the dump:
|
|
# - SQLite database (users, tokens, SSH keys, OAuth, webhooks, org/team, issues)
|
|
# - All git repositories
|
|
# - app.ini config
|
|
#
|
|
# Steps:
|
|
# 1. Run `gitea dump` inside the container to create a zip archive
|
|
# 2. SCP the dump directly from Unraid to Fedora (no MacBook relay)
|
|
# 3. Verify archive integrity on Fedora
|
|
# 4. Clean up the dump from Unraid /tmp
|
|
# 5. Prune old backups beyond retention count
|
|
# 6. Print backup summary
|
|
# =============================================================================
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
|
|
source "${SCRIPT_DIR}/lib/common.sh"
|
|
|
|
load_env
|
|
require_vars UNRAID_IP UNRAID_SSH_USER UNRAID_GITEA_DATA_PATH \
|
|
FEDORA_IP FEDORA_SSH_USER \
|
|
BACKUP_STORAGE_PATH BACKUP_RETENTION_COUNT
|
|
|
|
log_info "=== Gitea Primary Backup ==="
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Step 1: Run gitea dump inside the container
|
|
# The -u git flag is important — gitea dump must run as the git user who
|
|
# owns the repository files. The dump is written to /data/ inside the
|
|
# container, which is mounted from ${DATA_PATH}/data on the host.
|
|
# Writing to /data/ (mounted volume) instead of /tmp/ (container-only
|
|
# filesystem) ensures the dump is accessible from the host for SCP.
|
|
# ---------------------------------------------------------------------------
|
|
DATA_PATH="$UNRAID_GITEA_DATA_PATH"
|
|
TIMESTAMP=$(date +%Y%m%d-%H%M%S)
|
|
DUMP_FILENAME="gitea-dump-${TIMESTAMP}.zip"
|
|
DUMP_CONTAINER_PATH="/data/${DUMP_FILENAME}"
|
|
DUMP_HOST_PATH="${DATA_PATH}/data/${DUMP_FILENAME}"
|
|
|
|
log_info "Creating Gitea dump on Unraid..."
|
|
ssh_exec UNRAID "docker exec -u git gitea gitea dump \
|
|
-c /data/gitea/conf/app.ini \
|
|
-f '${DUMP_CONTAINER_PATH}'"
|
|
log_success "Dump created: ${DUMP_FILENAME}"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Step 2: Transfer dump directly from Unraid to Fedora
|
|
# Uses SSH from Unraid to SCP the file to Fedora. This avoids relaying
|
|
# through the MacBook, which would be slow for large dumps and requires
|
|
# the MacBook to be online.
|
|
# ---------------------------------------------------------------------------
|
|
log_info "Transferring dump to Fedora backup storage..."
|
|
ssh_exec FEDORA "mkdir -p '${BACKUP_STORAGE_PATH}'"
|
|
|
|
FEDORA_PORT="${FEDORA_SSH_PORT:-22}"
|
|
ssh_exec UNRAID "scp -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new \
|
|
-o BatchMode=yes -P '${FEDORA_PORT}' \
|
|
'${DUMP_HOST_PATH}' '${FEDORA_SSH_USER}@${FEDORA_IP}:${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}'"
|
|
log_success "Dump transferred to Fedora: ${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Step 3: Verify archive integrity on Fedora
|
|
# CRC-checks every file in the zip. If corrupt, set -e aborts before
|
|
# pruning old (known-good) backups.
|
|
# ---------------------------------------------------------------------------
|
|
log_info "Verifying archive integrity..."
|
|
ssh_exec FEDORA "unzip -t '${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}'" >/dev/null
|
|
log_success "Archive integrity verified"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Step 4: Clean up dump from Unraid /tmp
|
|
# No reason to keep the dump on Unraid — it's on Fedora now.
|
|
# ---------------------------------------------------------------------------
|
|
ssh_exec UNRAID "rm -f '${DUMP_HOST_PATH}'"
|
|
log_info "Cleaned up dump from Unraid"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Step 5: Prune old backups beyond retention count
|
|
# Lists all gitea-dump-*.zip files sorted by time (newest first), then
|
|
# removes everything beyond BACKUP_RETENTION_COUNT.
|
|
# ---------------------------------------------------------------------------
|
|
log_info "Pruning old backups (keeping ${BACKUP_RETENTION_COUNT})..."
|
|
ssh_exec FEDORA "cd '${BACKUP_STORAGE_PATH}' && ls -t gitea-dump-*.zip 2>/dev/null | tail -n +\$((${BACKUP_RETENTION_COUNT}+1)) | xargs -r rm -f"
|
|
|
|
REMAINING=$(ssh_exec FEDORA "ls -1 '${BACKUP_STORAGE_PATH}'/gitea-dump-*.zip 2>/dev/null | wc -l" | xargs)
|
|
log_info "Backups remaining: ${REMAINING}"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Step 6: Summary
|
|
# ---------------------------------------------------------------------------
|
|
DUMP_SIZE=$(ssh_exec FEDORA "du -h '${BACKUP_STORAGE_PATH}/${DUMP_FILENAME}'" | awk '{print $1}')
|
|
|
|
printf '\n'
|
|
log_success "Backup complete"
|
|
log_info " File: ${DUMP_FILENAME}"
|
|
log_info " Size: ${DUMP_SIZE}"
|
|
log_info " Path: ${BACKUP_STORAGE_PATH}/${DUMP_FILENAME} (on Fedora)"
|
|
log_info " Total backups: ${REMAINING}"
|