#!/usr/bin/env bash # tools/cmd/railiance-restore-s2 — S2 Kubernetes Runtime restore guide # Lists available backups and prints restore instructions. # Actual restore of etcd requires cluster downtime — see instructions below. set -euo pipefail BACKUP_DIR="/opt/backup/railiance/cluster" AGE_KEY="${HOME}/.config/sops/age/keys.txt" echo "" echo "railiance-cluster (S2) — Available Backups" echo "============================================" echo "" if [[ ! -d "${BACKUP_DIR}" ]]; then echo " No backup directory found at ${BACKUP_DIR}" echo " Run: sudo make backup" exit 1 fi LAST="" [[ -f "${BACKUP_DIR}/.last-backup" ]] && LAST="$(cat "${BACKUP_DIR}/.last-backup")" [[ -n "${LAST}" ]] && echo " Last backup: ${LAST}" || echo " Last backup: unknown" echo "" list_type() { local label="$1" pattern="$2" echo " ${label}:" local files files="$(find "${BACKUP_DIR}" -name "${pattern}" 2>/dev/null | sort -r)" if [[ -z "${files}" ]]; then echo " (none)" else echo "${files}" | while read -r f; do echo " $(basename "${f}") [$(du -sh "${f}" | cut -f1)]" done fi echo "" } list_type "k3s state (SQLite)" "k3s-state-*.db.age" list_type "Helm values" "helm-values-*.tar.gz.age" list_type "kubeconfig" "kubeconfig-*.yaml.age" echo "============================================" echo "" echo "Decrypt any file:" echo " age -d -i ${AGE_KEY} " echo "" echo "Restore kubeconfig:" echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/kubeconfig-.yaml.age > ~/.kube/config-hosteurope" echo "" echo "Restore k3s state (SQLite) — WARNING: destroys current cluster state:" echo " # 1. Decrypt the state db" echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/k3s-state-.db.age > /tmp/k3s-restore.db" echo " # 2. Stop k3s" echo " sudo systemctl stop k3s" echo " # 3. Replace the state db" echo " sudo cp /var/lib/rancher/k3s/server/db/state.db /var/lib/rancher/k3s/server/db/state.db.bak" echo " sudo cp /tmp/k3s-restore.db /var/lib/rancher/k3s/server/db/state.db" echo " sudo rm -f /var/lib/rancher/k3s/server/db/state.db-shm /var/lib/rancher/k3s/server/db/state.db-wal" echo " # 4. Start k3s" echo " sudo systemctl start k3s" echo "" echo "Restore Helm values (for re-running helm upgrade after cluster restore):" echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/helm-values-.tar.gz.age | tar -xz -C /tmp/helm-restore/" echo ""