Revision of Useful Minio Console and Restic commands

4 files changed, 71 insertions

1_minio-console-commands.sh(file created)

		@@ -0,0 +1,9 @@
1	+	# Add new S3 user to Minio
2	+	mc admin user add thasystems "s3-username" "s3-password"
3	+
4	+	# Create and attach S3 policy to user in Minio
5	+	mc admin policy create thasystems restic_sample_policy /tmp/restic_policy.json
6	+	mc admin policy attach thasystems "restic_sample_policy" --user "s3-username"
7	+
8	+	# Create new bucket 'resticsample' and ignore if it already exists
9	+	mc mb --ignore-existing thasystems/resticsample

restic-backup-and-restore.sh(file created)

		@@ -0,0 +1,20 @@
1	+	# (environment) variables you need
2	+	export AWS_ACCESS_KEY_ID="s3-username"
3	+	export AWS_SECRET_ACCESS_KEY="s3-password"
4	+	export RESTIC_PASSWORD="password"
5	+
6	+	# initialize Minio Backup Repository
7	+	restic -r s3:https://s3.domain.tld/resticsample init
8	+
9	+	# Export PostGreSQL Dump of Zammad database
10	+	sudo -u postgres pg_dump --dbname zammad --no-privileges --no-owner >> /tmp/zammad.psql
11	+
12	+	# Backup complete Zammad directory with database dump
13	+	restic -r s3:https://s3.domain.tld/resticsample migrate
14	+	restic --no-scan --read-concurrency=25 --pack-size=128 --compression off -r s3:https://s3.domain.tld/resticsample backup --exclude "/opt/zammad/tmp/*" /opt/zammad/ /tmp/zammad.psql
15	+
16	+	# Restore a PostGreSQL Dump from Repo
17	+	restic -r s3:https://s3.domain.tld/resticsample dump latest '/tmp/zammad.psql' \| sudo -u postgres psql zammad
18	+
19	+	# Restore Zammad filesystem
20	+	restic -r s3:https://s3.domain.tld/resticsample restore latest --include /opt/zammad/ --target /

restic-repository-management.sh(file created)

		@@ -0,0 +1,32 @@
1	+	# List all snapshots of the backup repository
2	+	restic -r s3:https://s3.domain.tld/resticsample
3	+
4	+	# List files in your backup
5	+	restic -r s3:https://s3.domain.tld/resticsample ls --long latest /opt/zammad/config/
6	+
7	+	# Mount your backup for easier search of files all over all snapshots
8	+	# (technically works for restore too, but slower)
9	+	restic -r s3:https://s3.domain.tld/resticsample mount /mnt/
10	+
11	+	# Apply snapshot hold policy and remove snapshots older than defined rules
12	+	restic -r s3:https://s3.domain.tld/resticsample forget --group-by '' --keep-hourly 1 --keep-daily 14 --prune
13	+
14	+	# Read 25% of your backup to verify its integrity
15	+	restic -r s3:https://s3.domain.tld/resticsample check --read-data-subset=25%
16	+	# Do it on 100% of your backup
17	+	restic -r s3:https://s3.domain.tld/resticsample check
18	+
19	+	# Change the current password of a repository key
20	+	restic -r s3:https://s3.domain.tld/resticsample key passwd
21	+
22	+	# Add further keys to your repository
23	+	restic -r s3:https://s3.domain.tld/resticsample key add
24	+
25	+	# List all configured keys
26	+	restic -r s3:https://s3.domain.tld/resticsample key list
27	+
28	+	# Remove a certain key ID (from previous list)
29	+	restic -r s3:https://s3.domain.tld/resticsample key remove <id>
30	+
31	+	# Unlock a locked backup repository
32	+	restic -r s3:https://s3.domain.tld/resticsample unlock

restic_policy.json(file created)

		@@ -0,0 +1,10 @@
1	+	{
2	+	"Version": "2012-10-17",
3	+	"Statement": [
4	+	{
5	+	"Effect": "Allow",
6	+	"Action": ["s3:*"],
7	+	"Resource": ["arn:aws:s3:::resticsample/*"]
8	+	}
9	+	]
10	+	}

Newer Older