root/the_prg_server_configuration_old
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Force credential to be "alive", fixed a typo.

Browse source
This commit is contained in:
Root User 2026-02-08 00:49:45 +01:00
parent 0d903689a3
commit 5e794336d8
Signed by: root
GPG key ID: 087F0A95E5766D72
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
nix-system-configs/modules/system_scripts/gcloud_backup.nix
View file

@ -69,6 +69,7 @@
export GOOGLE_APPLICATION_CREDENTIALS="${config.sops.secrets.gcloud_bucket.path}" export GOOGLE_APPLICATION_CREDENTIALS="${config.sops.secrets.gcloud_bucket.path}"
export PATH="${lib.makeBinPath [pkgs.postgresql pkgs.gzip pkgs.google-cloud-sdk pkgs.gnupg pkgs.coreutils pkgs.gnugrep]}:$PATH" export PATH="${lib.makeBinPath [pkgs.postgresql pkgs.gzip pkgs.google-cloud-sdk pkgs.gnupg pkgs.coreutils pkgs.gnugrep]}:$PATH"
gcloud auth activate-service-account --key-file="$GOOGLE_APPLICATION_CREDENTIALS"
TIMESTAMP=$(date +%Y%m%d%H%M%S) TIMESTAMP=$(date +%Y%m%d%H%M%S)
BACKUP_DIR=$(mktemp -d) BACKUP_DIR=$(mktemp -d)
@ -97,6 +98,7 @@
export GOOGLE_APPLICATION_CREDENTIALS="${config.sops.secrets.gcloud_bucket.path}" export GOOGLE_APPLICATION_CREDENTIALS="${config.sops.secrets.gcloud_bucket.path}"
export PATH="${lib.makeBinPath [pkgs.mariadb pkgs.gzip pkgs.google-cloud-sdk pkgs.gnupg pkgs.coreutils pkgs.gnugrep]}:$PATH" export PATH="${lib.makeBinPath [pkgs.mariadb pkgs.gzip pkgs.google-cloud-sdk pkgs.gnupg pkgs.coreutils pkgs.gnugrep]}:$PATH"
gcloud auth activate-service-account --key-file="$GOOGLE_APPLICATION_CREDENTIALS"
TIMESTAMP=$(date +%Y%m%d%H%M%S) TIMESTAMP=$(date +%Y%m%d%H%M%S)
BACKUP_DIR=$(mktemp -d) BACKUP_DIR=$(mktemp -d)
@ -110,7 +112,7 @@
echo "Backing up MariaDB database: $DB" echo "Backing up MariaDB database: $DB"
FILENAME="mariadb_''${DB}_''${TIMESTAMP}.sql.gz.gpg" FILENAME="mariadb_''${DB}_''${TIMESTAMP}.sql.gz.gpg"
if mariadb-dump -u root "$DB" | gzip | gpg --batch --trust-model always --encrypt --recipient "${gpgRecipient}" > "$BACKUP_DIR/$FILENAME"; then if mariadb-dump -u root "$DB" | gzip | gpg --batch --trust-model always --encrypt --recipient "${gpgRecipient}" > "$BACKUP_DIR/$FILENAME"; then
gcloud storage cp "$BACKUP_DIR/$FILENAME" "gs://${gcsBucket}/postgresql/$FILENAME" gcloud storage cp "$BACKUP_DIR/$FILENAME" "gs://${gcsBucket}/mariadb/$FILENAME"
echo "Successfully uploaded encrypted $FILENAME" echo "Successfully uploaded encrypted $FILENAME"
else else
echo "Failed to backup $DB" >&2 echo "Failed to backup $DB" >&2