#!/usr/bin/env bash # # One-command backup of a Provenance deployment: the Postgres database and the # MinIO object store, into a single timestamped bundle under ./backups/. # # ./backup.sh # write backups/provenance-backup-.tar # BACKUP_RETAIN_DAYS=30 ./backup.sh # also prune bundles older than 30 days # # Run it from the host where `docker compose` manages the stack (i.e. this # deploy/ directory). Restore steps are in BACKUP.md. set -euo pipefail cd "$(dirname "$0")" # the deploy/ directory (where docker-compose.yml lives) # Config comes from the compose .env (same file the stack uses); fall back to # the compose defaults so a vanilla stack still backs up. if [ -f .env ]; then set -a; . ./.env; set +a; fi PGUSER="${POSTGRES_USER:-provenance}" PGDB="${POSTGRES_DB:-provenance}" dc() { docker compose "$@"; } ts="$(date -u +%Y%m%dT%H%M%SZ)" work="backups/.work-$ts" mkdir -p "$work" backups cleanup() { rm -rf "$work"; } trap cleanup EXIT echo "→ Dumping Postgres database '$PGDB'…" dc exec -T postgres pg_dump -U "$PGUSER" -d "$PGDB" --no-owner --clean --if-exists \ | gzip > "$work/db.sql.gz" echo "→ Archiving MinIO object store…" # Tar MinIO's data directory straight from the container (objects + bucket # metadata). Restored by extracting back into the miniodata volume. dc exec -T minio tar czf - -C /data . > "$work/minio-data.tar.gz" cat > "$work/MANIFEST.txt" <