feat: add aws backups (#4898)

* feat: add aws backups * chore: update mongodb-tools in dockerfile * chore: add aws-cli to dockerfile
GaloyMoney · Nov 29, 2023 · ce9792c · ce9792c
1 parent b87ef72
commit ce9792c
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 4 deletions.
diff --git a/charts/galoy/templates/mongo-backup-configmap.yaml b/charts/galoy/templates/mongo-backup-configmap.yaml
@@ -15,7 +15,7 @@ data:
     echo "Backup script starts"
     set -e
     LOG_TIME=$(date +%s)
-    BACKUP_NAME="$NETWORK-$LOG_TIME.gz"    
+    BACKUP_NAME="$NETWORK-$LOG_TIME.gz"
     echo "Backing up mongodb"
     mongodump --host=$MONGODB_ADDRESS --port=$MONGODB_PORT --username=$MONGODB_USER --password=$MONGODB_PASSWORD --gzip --archive=$BACKUP_NAME -d=$MONGODB_DB --readPreference=secondary
 
@@ -24,12 +24,18 @@ data:
     curl -X POST https://content.dropboxapi.com/2/files/upload --http1.1 --header "Authorization: Bearer $DROPBOX_ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"/mongo/$BACKUP_NAME\"}" --header "Content-Type: application/octet-stream" --data-binary $BACKUP_NAME
     {{ end }}
 
+    {{ if .Values.galoy.trigger.backups.s3.enabled }}
+    export S3_BUCKET="{{ .Values.galoy.trigger.backups.s3.bucketName }}"
+    echo "Uploading backup $BACKUP_NAME to s3"
+    aws s3 cp $BACKUP_NAME s3://$S3_BUCKET/mongodb/$BACKUP_NAME
+    {{ end }}
+
     {{ if .Values.galoy.trigger.backups.gcs.enabled }}
-    export BUCKET_NAME="{{ .Values.galoy.trigger.backups.gcs.bucketName }}"
+    export GCS_BUCKET="{{ .Values.galoy.trigger.backups.gcs.bucketName }}"
     echo "Activating service account"
     gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS
     echo "Uploading backup $BACKUP_NAME to gcs"
-    gsutil cp $BACKUP_NAME gs://$BUCKET_NAME/mongodb/$BACKUP_NAME 2>&1
+    gsutil cp $BACKUP_NAME gs://$GCS_BUCKET/mongodb/$BACKUP_NAME 2>&1
     echo "Uploaded backup successfully"
     {{ end }}
 

diff --git a/charts/galoy/templates/trigger-deployment.yaml b/charts/galoy/templates/trigger-deployment.yaml
@@ -125,6 +125,21 @@ spec:
               key: {{ .Values.galoy.trigger.backups.dropbox.accessTokenExistingSecret.key | quote }}
         {{ end }}
 
+        {{ if .Values.galoy.trigger.backups.s3.enabled }}
+        - name: AWS_ACCESS_KEY_ID
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.galoy.trigger.backups.s3.accessKeyExistingSecret.name | quote }}
+              key: {{ .Values.galoy.trigger.backups.s3.accessKeyExistingSecret.key | quote }}
+        - name: AWS_SECRET_ACCESS_KEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.galoy.trigger.backups.s3.secretKeyExistingSecret.name | quote }}
+              key: {{ .Values.galoy.trigger.backups.s3.secretKeyExistingSecret.key | quote }}
+        - name: AWS_REGION
+          value: {{ .Values.galoy.trigger.backups.s3.region | quote }}
+        {{ end }}
+
         {{ if .Values.galoy.api.firebaseNotifications.enabled }}
         - name: GOOGLE_APPLICATION_CREDENTIALS
           value: "/tmp/service-account.json"

diff --git a/charts/galoy/values.yaml b/charts/galoy/values.yaml
@@ -238,6 +238,29 @@ galoy:
           name: dropbox-access-token
           # Secret Key
           key: token
+      ## Backup data to S3 bucket
+      ## To backup to S3 bucket, you would need an access key and secret key
+      ## to upload data to your S3 bucket
+      ##
+      s3:
+        # Enable/disable uploading backup to S3 bucket
+        enabled: false
+        # S3 bucket name to upload to (it should already be created)
+        bucketName: s3-bucket-name
+        # Aws region
+        region: us-east-1
+        # S3 access key to use to upload backup to above-mentioned bucket
+        accessKeyExistingSecret:
+          # Secret name
+          name: s3-creds
+          # Secret Key
+          key: access-key
+        # S3 secret key to use to upload backup to above-mentioned bucket
+        secretKeyExistingSecret:
+          # Secret name
+          name: s3-creds
+          # Secret Key
+          key: secret-key
   ## Configuration values for Galoy Admin components.
   ##
   admin:

diff --git a/images/mongo-backup/Dockerfile b/images/mongo-backup/Dockerfile
@@ -1,5 +1,5 @@
 FROM gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
 
-RUN apk add --update --no-cache mongodb-tools=4.2.14-r6 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community
+RUN apk add --update --no-cache mongodb-tools=100.8.0-r2 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community aws-cli
 
 ENTRYPOINT []