Backup PostgresSQL to S3 (supports periodic backups)
$ docker run -e S3_ACCESS_KEY_ID=key -e S3_SECRET_ACCESS_KEY=secret -e S3_BUCKET=my-bucket -e S3_PREFIX=backup -e POSTGRES_DATABASE=dbname -e POSTGRES_USER=user -e POSTGRES_PASSWORD=password -e POSTGRES_HOST=localhost registry.gitlab.com/svenkroll/postgresql-backup-s3:mastersee Helm chart in ./chart
| Variable | Default | Required | Description |
|---|---|---|---|
| POSTGRES_DATABASE | Y | Database you want to backup or 'all' to backup everything | |
| POSTGRES_HOST | Y | The PostgreSQL host | |
| POSTGRES_PORT | 5432 | The PostgreSQL port | |
| POSTGRES_USER | Y | The PostgreSQL user | |
| POSTGRES_PASSWORD | Y | The PostgreSQL password | |
| POSTGRES_EXTRA_OPTS | Extra postgresql options | ||
| S3_ACCESS_KEY_ID | Y | Your AWS access key | |
| S3_SECRET_ACCESS_KEY | Y | Your AWS secret key | |
| S3_BUCKET | Y | Your AWS S3 bucket path | |
| S3_PREFIX | backup | Path prefix in your bucket | |
| S3_REGION | us-west-1 | The AWS S3 bucket region | |
| S3_ENDPOINT | The AWS Endpoint URL, for S3 Compliant APIs such as minio | ||
| S3_S3V4 | no | Set to yes to enable AWS Signature Version 4, required for minio servers |
|
| ENCRYPTION_PASSWORD | Password to encrypt the backup. Can be decrypted using openssl aes-256-cbc -d -in backup.sql.gz.enc -out backup.sql.gz |
||
| DELETE_OLDER_THAN | Delete old backups, see explanation and warning below |
The helm chart in ./chart deploys an cronjob to your kubernetes cluster, just set the "schedule" value
You can additionally set the DELETE_OLDER_THAN environment variable like -e DELETE_OLDER_THAN="30 days ago" to delete old backups.
WARNING: this will delete all files in the S3_PREFIX path, not just those created by this script.
You can additionally set the ENCRYPTION_PASSWORD environment variable like -e ENCRYPTION_PASSWORD="superstrongpassword" to encrypt the backup. It can be decrypted using openssl aes-256-cbc -d -in backup.sql.gz.enc -out backup.sql.gz.