Skip to content

th0th/postgres-backup

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
.woodpecker
.woodpecker
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-entrypoint.sh
docker-entrypoint.sh
 
 

Repository files navigation

postgres-backup is a Postgres backup helper that:

  • Takes the dump of the Postgres database
  • Uploads it to either AWS S3 or SFTP server
  • Reports to WebGazer (optional)

Usage

Environment variables

Variable Required Default value Description
DESTINATION_KIND Destination type: s3 or sftp
DESTINATION_PATH Destination path (e.g. "postgres-backup" for S3 bucket path or "/backups" for SFTP directory)
POSTGRES_DB Postgres server database
POSTGRES_HOST postgres Postgres server host
POSTGRES_PASSWORD Postgres server password
POSTGRES_PORT 5432 Postgres server port
POSTGRES_USER postgres Postgres server user
POSTGRES_VERSION 17 Postgres server version (15, 16 or 17)
WEBGAZER_HEARTBEAT_URL WebGazer Heartbeat Monitor URL

S3-specific variables (required when DESTINATION_KIND=s3)

Variable Required Default value Description
S3_ACCESS_KEY_ID Access key id for the S3-compatible storage
S3_REGION Region for the S3 bucket
S3_SECRET_ACCESS_KEY Secret access key for the S3-compatible storage
S3_PROVIDER AWS S3 provider (AWS, MinIO, etc.)
S3_STORAGE_CLASS STANDARD_IA S3 storage class (see https://aws.amazon.com/s3/storage-classes/ and https://rclone.org/s3/#s3-storage-class for options)

SFTP-specific variables (required when DESTINATION_KIND=sftp)

Variable Required Default value Description
SFTP_HOST SFTP server hostname
SFTP_USER SFTP server username
SFTP_PORT 22 SFTP server port
SFTP_PASSWORD ⚠️ SFTP server password (either this OR SFTP_PRIVATE_KEY must be set)
SFTP_PRIVATE_KEY ⚠️ SFTP private key content (base64 encoded, either this OR SFTP_PASSWORD must be set)

Note: For SFTP authentication, you must provide either SFTP_PASSWORD or SFTP_PRIVATE_KEY, but not both. The private key will be temporarily stored in the container and automatically cleaned up after use. The SFTP_PRIVATE_KEY should be base64 encoded to avoid issues with special characters and newlines in environment variables. Passwords are automatically obscured using rclone's built-in obscure command for compatibility with rclone's SFTP backend.

Running

S3 Backup Example

$ docker run \
  -e DESTINATION_KIND=s3 \
  -e DESTINATION_PATH=postgres-backup \
  -e S3_ACCESS_KEY_ID=<s3_access_key_id> \
  -e S3_REGION=<s3_region> \
  -e S3_SECRET_ACCESS_KEY=<s3_secret_access_key> \
  -e S3_STORAGE_CLASS=<s3_storage_class[STANDARD_IA]> \
  -e POSTGRES_DB=<database> \
  -e POSTGRES_HOST=<postgres_hostname[postgres]> \
  -e POSTGRES_PASSWORD=<postgres_password> \
  -e POSTGRES_PORT=<postgres_port[5432]> \
  -e POSTGRES_USER=<postgres_user[postgres]> \
  -e POSTGRES_VERSION=<postgres_version[17]> \
  -e WEBGAZER_HEARTBEAT_URL=<webgazer_heartbeat_url> \
  code.unius.sh/unius/postgres-backup

SFTP Backup Example

Using password authentication:

$ docker run \
  -e DESTINATION_KIND=sftp \
  -e DESTINATION_PATH=/backups \
  -e SFTP_HOST=<sftp_host> \
  -e SFTP_PASSWORD=<sftp_password> \
  -e SFTP_USER=<sftp_user> \
  -e SFTP_PORT=<sftp_port[22]> \
  -e POSTGRES_DB=<database> \
  -e POSTGRES_HOST=<postgres_hostname[postgres]> \
  -e POSTGRES_PASSWORD=<postgres_password> \
  -e POSTGRES_PORT=<postgres_port[5432]> \
  -e POSTGRES_USER=<postgres_user[postgres]> \
  -e POSTGRES_VERSION=<postgres_version[17]> \
  -e WEBGAZER_HEARTBEAT_URL=<webgazer_heartbeat_url> \
  code.unius.sh/unius/postgres-backup

Using private key authentication:

$ docker run \
  -e DESTINATION_KIND=sftp \
  -e DESTINATION_PATH=/backups \
  -e SFTP_HOST=<sftp_host> \
  -e SFTP_PRIVATE_KEY="$(cat ~/.ssh/id_rsa | base64)" \
  -e SFTP_USER=<sftp_user> \
  -e SFTP_PORT=<sftp_port[22]> \
  -e POSTGRES_DB=<database> \
  -e POSTGRES_HOST=<postgres_hostname[postgres]> \
  -e POSTGRES_PASSWORD=<postgres_password> \
  -e POSTGRES_PORT=<postgres_port[5432]> \
  -e POSTGRES_USER=<postgres_user[postgres]> \
  -e POSTGRES_VERSION=<postgres_version[17]> \
  -e WEBGAZER_HEARTBEAT_URL=<webgazer_heartbeat_url> \
  code.unius.sh/unius/postgres-backup

Shameless plug

I am an indie hacker, and I am running two services that might be useful for your business. Check them out :)

WebGazer

WebGazer

WebGazer is a monitoring service that checks your website, cron jobs, or scheduled tasks on a regular basis. It notifies you with instant alerts in case of a problem. That way, you have peace of mind about the status of your service without manually checking it.

PoeticMetric

PoeticMetric

PoeticMetric is a privacy-first, regulation-compliant, blazingly fast analytics tool.

No cookies or personal data collection. So you don't have to worry about cookie banners or GDPR, CCPA, and PECR compliance.

License

Copyright © 2025, Gokhan Sari. Released under the GPL License.

About

A docker utility to backup PostgreSQL databases.

Topics

backup postgresql

Resources

Readme

License

GPL-3.0 license
Activity

Stars

5 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases 3

v0.3.0 Latest
Nov 25, 2024
+ 2 releases

Packages

 
 
 

Languages