#!/usr/bin/env bash # tools/cmd/railiance-restore-s2 — S2 Kubernetes Runtime restore guide # Lists available backups and prints restore instructions. # Actual restore of etcd requires cluster downtime — see instructions below. set -euo pipefail BACKUP_DIR="/opt/backup/railiance/cluster" AGE_KEY="${HOME}/.config/sops/age/keys.txt" echo "" echo "railiance-cluster (S2) — Available Backups" echo "============================================" echo "" if [[ ! -d "${BACKUP_DIR}" ]]; then echo " No backup directory found at ${BACKUP_DIR}" echo " Run: sudo make backup" exit 1 fi LAST="" [[ -f "${BACKUP_DIR}/.last-backup" ]] && LAST="$(cat "${BACKUP_DIR}/.last-backup")" [[ -n "${LAST}" ]] && echo " Last backup: ${LAST}" || echo " Last backup: unknown" echo "" list_type() { local label="$1" pattern="$2" echo " ${label}:" local files files="$(find "${BACKUP_DIR}" -name "${pattern}" 2>/dev/null | sort -r)" if [[ -z "${files}" ]]; then echo " (none)" else echo "${files}" | while read -r f; do echo " $(basename "${f}") [$(du -sh "${f}" | cut -f1)]" done fi echo "" } list_type "etcd snapshots" "etcd-*.snap.age" list_type "Helm values" "helm-values-*.tar.gz.age" list_type "kubeconfig" "kubeconfig-*.yaml.age" echo "============================================" echo "" echo "Decrypt any file:" echo " age -d -i ${AGE_KEY} " echo "" echo "Restore kubeconfig:" echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/kubeconfig-.yaml.age > ~/.kube/config-hosteurope" echo "" echo "Restore etcd snapshot (WARNING: destroys current cluster state):" echo " # 1. Decrypt the snapshot" echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/etcd-.snap.age > /tmp/etcd-restore.snap" echo " # 2. Copy to k3s snapshot directory" echo " sudo cp /tmp/etcd-restore.snap /var/lib/rancher/k3s/server/db/snapshots/" echo " # 3. Stop k3s and restore" echo " sudo systemctl stop k3s" echo " sudo k3s server --cluster-reset --cluster-reset-restore-path=/var/lib/rancher/k3s/server/db/snapshots/etcd-restore.snap" echo " sudo systemctl start k3s" echo "" echo "Restore Helm values (for re-running helm upgrade after cluster restore):" echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/helm-values-.tar.gz.age | tar -xz -C /tmp/helm-restore/" echo ""