bot_ym
/
water-management-system
Следить 6
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
智慧水务管理系统 - 精河县供水工程综合管理平台
88 коммитов
90 веток
Дерево: 81ca9d6e74
веток Теги
${ item.name }
Создать ветку ${ searchTerm }
из '81ca9d6e74'
${ noResults }
water-management-system/deploy/production/backup/backup-db.sh

backup-db.sh 7.2KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248 
  1. #!/bin/bash

  2. # ============================================================

  3. # 数据库备份脚本

  4. # 

  5. # 功能:

  6. #   - PostgreSQL 全量备份 (pg_dump)

  7. #   - 备份保留策略: 每日(7天) + 每周(4周) + 每月(12月)

  8. #   - 压缩 + 可选加密

  9. #   - 上传到 MinIO/S3 或本地归档

  10. #   - 企业微信通知备份结果

  11. #

  12. # Cron 配置 (每天凌晨 2 点执行):

  13. #   0 2 * * * /opt/water-management/deploy/production/backup/backup-db.sh >> /var/log/wm-backup.log 2>&1

  14. # ============================================================

  15. set -euo pipefail

  16. 

  17. # ==================== 配置 ====================

  18. # 数据库配置

  19. DB_HOST="${DB_HOST:-localhost}"

  20. DB_PORT="${DB_PORT:-5432}"

  21. DB_NAME="${POSTGRES_DB:-water_management}"

  22. DB_USER="${POSTGRES_USER:-water}"

  23. DB_PASSWORD="${POSTGRES_PASSWORD:-}"

  24. PGPASSWORD="${DB_PASSWORD}"

  25. export PGPASSWORD

  26. 

  27. # 备份目录

  28. BACKUP_BASE="${BACKUP_DIR:-/opt/water-management/backups}"

  29. BACKUP_DAILY="${BACKUP_BASE}/daily"

  30. BACKUP_WEEKLY="${BACKUP_BASE}/weekly"

  31. BACKUP_MONTHLY="${BACKUP_BASE}/monthly"

  32. 

  33. # 保留策略

  34. DAILY_RETENTION=7

  35. WEEKLY_RETENTION=4

  36. MONTHLY_RETENTION=12

  37. 

  38. # MinIO/S3 配置(可选)

  39. S3_ENABLED="${S3_ENABLED:-false}"

  40. S3_BUCKET="${S3_BUCKET:-water-backups}"

  41. S3_ENDPOINT="${S3_ENDPOINT:-http://localhost:9000}"

  42. S3_ACCESS_KEY="${S3_ACCESS_KEY:-}"

  43. S3_SECRET_KEY="${S3_SECRET_KEY:-}"

  44. 

  45. # 加密配置(可选)

  46. ENCRYPT_ENABLED="${ENCRYPT_ENABLED:-false}"

  47. ENCRYPT_PASSPHRASE="${ENCRYPT_PASSPHRASE:-}"

  48. 

  49. # 企业微信 Webhook

  50. WECOM_WEBHOOK="${WECOM_WEBHOOK:-}"

  51. 

  52. # ==================== 初始化 ====================

  53. TIMESTAMP=$(date +%Y%m%d_%H%M%S)

  54. DATE=$(date +%Y-%m-%d)

  55. DAY_OF_WEEK=$(date +%u)  # 1=Monday, 7=Sunday

  56. DAY_OF_MONTH=$(date +%d)

  57. 

  58. log() {

  59.     echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1"

  60. }

  61. 

  62. # 创建备份目录

  63. mkdir -p "$BACKUP_DAILY" "$BACKUP_WEEKLY" "$BACKUP_MONTHLY"

  64. 

  65. # ==================== 备份函数 ====================

  66. 

  67. # 全量备份

  68. do_full_backup() {

  69.     local target_dir="$1"

  70.     local backup_name="wm_${DB_NAME}_${TIMESTAMP}.sql.gz"

  71.     local backup_path="${target_dir}/${backup_name}"

  72.     

  73.     log "📦 开始全量备份: ${DB_NAME}"

  74.     

  75.     # pg_dump 全量备份 + gzip 压缩

  76.     pg_dump \

  77.         -h "$DB_HOST" \

  78.         -p "$DB_PORT" \

  79.         -U "$DB_USER" \

  80.         -d "$DB_NAME" \

  81.         --format=plain \

  82.         --verbose \

  83.         --no-owner \

  84.         --no-privileges \

  85.         --clean \

  86.         --if-exists \

  87.         2>/dev/null | gzip -9 > "$backup_path"

  88.     

  89.     local size

  90.     size=$(du -sh "$backup_path" | cut -f1)

  91.     log "✅ 备份完成: ${backup_name} (${size})"

  92.     

  93.     # 可选加密

  94.     if [ "$ENCRYPT_ENABLED" = "true" ] && [ -n "$ENCRYPT_PASSPHRASE" ]; then

  95.         log "🔐 加密备份文件..."

  96.         openssl enc -aes-256-cbc -salt -pbkdf2 \

  97.             -in "$backup_path" \

  98.             -out "${backup_path}.enc" \

  99.             -pass "pass:${ENCRYPT_PASSPHRASE}"

  100.         rm "$backup_path"

  101.         backup_path="${backup_path}.enc"

  102.         log "✅ 加密完成"

  103.     fi

  104.     

  105.     # 上传到 S3/MinIO

  106.     if [ "$S3_ENABLED" = "true" ]; then

  107.         upload_to_s3 "$backup_path"

  108.     fi

  109.     

  110.     echo "$backup_path"

  111. }

  112. 

  113. # 上传到 S3/MinIO

  114. upload_to_s3() {

  115.     local file="$1"

  116.     local filename

  117.     filename=$(basename "$file")

  118.     local s3_path="s3://${S3_BUCKET}/db/${DATE}/${filename}"

  119.     

  120.     log "☁️ 上传到 S3: ${s3_path}"

  121.     

  122.     # 使用 mc (MinIO Client) 或 aws cli

  123.     if command -v mc &>/dev/null; then

  124.         mc alias set wm-s3 "$S3_ENDPOINT" "$S3_ACCESS_KEY" "$S3_SECRET_KEY" 2>/dev/null

  125.         mc cp "$file" "wm-s3/${S3_BUCKET}/db/${DATE}/${filename}" 2>/dev/null

  126.     elif command -v aws &>/dev/null; then

  127.         aws --endpoint-url "$S3_ENDPOINT" s3 cp "$file" "$s3_path" 2>/dev/null

  128.     else

  129.         log "⚠️ 未找到 mc 或 aws 命令,跳过 S3 上传"

  130.         return 0

  131.     fi

  132.     

  133.     log "✅ S3 上传完成"

  134. }

  135. 

  136. # ==================== 保留策略 ====================

  137. 

  138. # 清理过期备份

  139. cleanup_old_backups() {

  140.     log "🧹 执行备份保留策略..."

  141.     

  142.     # 每日备份:保留最近 N 天

  143.     local daily_count

  144.     daily_count=$(ls -1 "$BACKUP_DAILY"/*.sql.gz 2>/dev/null | wc -l || echo 0)

  145.     if [ "$daily_count" -gt "$DAILY_RETENTION" ]; then

  146.         local to_delete=$((daily_count - DAILY_RETENTION))

  147.         log "  清理每日备份: 删除最旧的 ${to_delete} 个文件"

  148.         ls -1t "$BACKUP_DAILY"/*.sql.gz 2>/dev/null | tail -n "$to_delete" | xargs rm -f

  149.     fi

  150.     

  151.     # 每周备份:保留最近 N 周

  152.     local weekly_count

  153.     weekly_count=$(ls -1 "$BACKUP_WEEKLY"/*.sql.gz 2>/dev/null | wc -l || echo 0)

  154.     if [ "$weekly_count" -gt "$WEEKLY_RETENTION" ]; then

  155.         local to_delete=$((weekly_count - WEEKLY_RETENTION))

  156.         log "  清理每周备份: 删除最旧的 ${to_delete} 个文件"

  157.         ls -1t "$BACKUP_WEEKLY"/*.sql.gz 2>/dev/null | tail -n "$to_delete" | xargs rm -f

  158.     fi

  159.     

  160.     # 每月备份:保留最近 N 个月

  161.     local monthly_count

  162.     monthly_count=$(ls -1 "$BACKUP_MONTHLY"/*.sql.gz 2>/dev/null | wc -l || echo 0)

  163.     if [ "$monthly_count" -gt "$MONTHLY_RETENTION" ]; then

  164.         local to_delete=$((monthly_count - MONTHLY_RETENTION))

  165.         log "  清理每月备份: 删除最旧的 ${to_delete} 个文件"

  166.         ls -1t "$BACKUP_MONTHLY"/*.sql.gz 2>/dev/null | tail -n "$to_delete" | xargs rm -f

  167.     fi

  168.     

  169.     log "✅ 保留策略执行完毕"

  170. }

  171. 

  172. # ==================== 通知 ====================

  173. 

  174. send_notification() {

  175.     local status="$1"

  176.     local message="$2"

  177.     local backup_path="$3"

  178.     

  179.     if [ -z "$WECOM_WEBHOOK" ]; then

  180.         log "⚠️ 未配置企业微信 Webhook,跳过通知"

  181.         return 0

  182.     fi

  183.     

  184.     local emoji="✅"

  185.     local color="info"

  186.     if [ "$status" = "failure" ]; then

  187.         emoji="❌"

  188.         color="warning"

  189.     fi

  190.     

  191.     local backup_size="N/A"

  192.     if [ -f "$backup_path" ]; then

  193.         backup_size=$(du -sh "$backup_path" | cut -f1)

  194.     fi

  195.     

  196.     local payload

  197.     payload=$(cat <<EOF

  198. {

  199.     "msgtype": "markdown",

  200.     "markdown": {

  201.         "content": "## ${emoji} 数据库备份通知\n\n**数据库:** ${DB_NAME}\n**状态:** <font color=\"${color}\">${status}</font>\n**大小:** ${backup_size}\n**时间:** $(date '+%Y-%m-%d %H:%M:%S')\n\n${message}"

  202.     }

  203. }

  204. EOF

  205. )

  206.     

  207.     curl -s -X POST "$WECOM_WEBHOOK" \

  208.         -H "Content-Type: application/json" \

  209.         -d "$payload" > /dev/null 2>&1 || true

  210.     

  211.     log "📤 通知已发送"

  212. }

  213. 

  214. # ==================== 主逻辑 ====================

  215. 

  216. log "========================================="

  217. log "数据库备份开始 - ${DB_NAME}"

  218. log "========================================="

  219. 

  220. BACKUP_PATH=""

  221. STATUS="success"

  222. MESSAGE=""

  223. 

  224. # 执行每日备份

  225. log "📅 执行每日备份..."

  226. BACKUP_PATH=$(do_full_backup "$BACKUP_DAILY")

  227. 

  228. # 周日执行每周备份

  229. if [ "$DAY_OF_WEEK" = "7" ]; then

  230.     log "📅 今天是周日,执行每周备份..."

  231.     do_full_backup "$BACKUP_WEEKLY" > /dev/null

  232. fi

  233. 

  234. # 每月1号执行每月备份

  235. if [ "$DAY_OF_MONTH" = "01" ]; then

  236.     log "📅 今天是月初,执行每月备份..."

  237.     do_full_backup "$BACKUP_MONTHLY" > /dev/null

  238. fi

  239. 

  240. # 清理过期备份

  241. cleanup_old_backups

  242. 

  243. # 发送通知

  244. send_notification "$STATUS" "每日全量备份完成" "$BACKUP_PATH"

  245. 

  246. log "========================================="

  247. log "备份全部完成"

  248. log "========================================="