Jump to: navigation, search

Gerrit server backup

Goal: create a cronjob that sends a tar backup of Gerrit.

Contents

On linode01.ovirt.org

  • Create Gerrit backup user, saving the password in /root/passwords:
useradd gerrit-backup
passwd gerrit-backup
  • Create SSH key structure:
touch /home/gerrit-backup/.ssh/authorized_keys
vi /home/gerrit-backup/.ssh/authorized_keys # add id_rsa.pub contents
chmod 644 /home/gerrit-backup/.ssh/authorized_keys 
chmod 700 /home/gerrit-backup/.ssh/
  • Create backup directory and sub-dir tree:
mkdir -p /home/gerrit-backup/backup/src

On gerrit.ovirt.org

Backup git source directories

  • Switch to the Gerrit user:
su - gerrit2
  • Create an SSH key without a passphrase, then copy the public key for the authorized_keys file on the remote host:
ssh-keygen # set no passphrase
cat .ssh/id_rsa.pub
  • Prepare backup script:
mkdir /home/gerrit2/bin
vi bin/gerrit-backup.sh
  • Bash script to remotely backup git repository directories using rsync over ssh:
#!/bin/bash
#
# Gerrit backup script - git source backup
#
# 0.1 Alpha - 20111207 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
# Copyright 2011 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
#

# Set variables
RSYNC="/usr/bin/rsync"
RSYNCOPTS="-az -e"
SSH="/usr/bin/ssh"
GITSRC="/usr/local/src/git/"
REMOTEUSER="gerrit-backup"
REMOTEHOST="ovirt.org"
REMOTEDIR="gerrit.ovirt.org-src-backup/src/"

# Run backup - rsync local git source to remote backup directory
# Note: gerrit user has sshkeys with no passphrase
$RSYNC $RSYNCOPTS $SSH $GITSRC $REMOTEUSER@$REMOTEHOST:$REMOTEDIR
  • Make script executable:
chmod 700 bin/gerrit-backup.sh
  • Make cronjob run every day at 2200 EST
crontab -e
    • Contents of user's crontab:
# mail all output to root
MAILTO=root
# Run at 2200 (10 pm) system time every day
0 22 * * *     $HOME/bin/gerrit-backup.sh
# Run database backup at 2220 (10:20 pm) system time every day
20 22 * * *    $HOME/bin/gerrit-database-backup.sh
# Run backup of /home/gerrit2 at 2240 (10:30 pm) system time every day
40 22 * * *    $HOME/bin/gerrit-gerrit2-home-backup.sh

Backup Gerrit database

  • Add this backup script to the gerrit2 user's crontab:
#!/bin/bash
#
# Gerrit backup script - database backup
#
# 0.1 Alpha - 20111207 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
# 
#
# Copyright 2011 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
#

# set variables
SU="/bin/su"
SCP="/usr/bin/scp"
TAR="/bin/tar"
TAROPTS="-czf"
HOME="/home/gerrit2/"
PGDUMP="/usr/bin/pg_dump"
PGUSER="gerrit2"
PGHOST="localhost"
# PGPORT=""
# The -w directive stops a password request, the ~/.pgpass file provides the password
PGOPTS="-w"
DATE=`/bin/date +%Y%m%d`
DBNAME="reviewdb"
BACKUPDIR="/home/gerrit2/backups/database"
BACKUPFILE="gerrit-pg-dump"
REMOTEHOST="ovirt.org"
REMOTEUSER="gerrit-backup"
REMOTEDIR="gerrit.ovirt.org-database-backup"

## Run backup
# Switch to the Gerrit user - useful if root runs the script
#$SU - $PGUSER
# The gerrit2 user should change to the home directory
cd $HOME
# Dump the database to a SQL script file with a dated filename
$PGDUMP $PGOPTS $DBNAME > $BACKUPDIR/$BACKUPFILE-$DATE.sql
# Compress the SQL script
$TAR $TAROPTS $BACKUPDIR/$BACKUPFILE-$DATE.tgz $BACKUPDIR/$BACKUPFILE-$DATE.sql
# Securely copy the SQL script to a remote backup host
$SCP $BACKUPDIR/$BACKUPFILE-$DATE.tgz $REMOTEUSER@$REMOTEHOST:$REMOTEDIR/

Backup gerrit2 user home directory

  • Add this backup script to the gerrit2 user's crontab:
#!/bin/bash
#
# Gerrit backup script - gerrit2 user home backup
#
# 0.1 Alpha - 20111208 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
# 
#
# Copyright 2011 Karsten Wade <kwade@redhat.com> <quaid@iquaid.org>
#
#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
#

# set variables
SCP="/usr/bin/scp"
TAR="/bin/tar"
TAROPTS="-czf"
# Follwing variable doesn't work, probably due to a bash expansion order
TAREXCLUDE="--exclude='/home/gerrit2/backups*'"
HOME="/home/gerrit2/"
DATE=`/bin/date +%Y%m%d`
BACKUPDIR="/home/gerrit2/backups/gerrit2-home/"
BACKUPFILE="gerrit-gerrit2-home-backup"
BACKUPTARGET="/home/gerrit2"
REMOTEHOST="ovirt.org"
REMOTEUSER="gerrit-backup"
REMOTEDIR="gerrit.ovirt.org-gerrit2-home-backup/"

## Run backup
# Switch to the Gerrit user - useful if root runs the script
#$SU - $PGUSER
# The gerrit2 user should change to the home directory
cd $HOME
# Compress the home directory
$TAR $TAROPTS $BACKUPDIR/$BACKUPFILE-$DATE.tgz $BACKUPTARGET --exclude='/home/gerrit2/backups*'
# Securely copy the compressed archive to a remote backup host
$SCP $BACKUPDIR/$BACKUPFILE-$DATE.tgz $REMOTEUSER@$REMOTEHOST:$REMOTEDIR

Resources