coulomb/railiance-cluster
2
0
Fork 0
Code Issues Pull Requests Actions 1 Projects Releases Wiki Activity
Files
6431bfab79bc2d7fed88116a5f8407792111d0a0
railiance-cluster/tools/cmd/railiance-restore-s2
tegwick 7e28399f69
Some checks failed
railiance-tests / smoke (push) Has been cancelled
Details
feat(backup): implement S2 integrated backup — WP-0004 T01-T04 
tools/cmd/railiance-backup-s2:
  - k3s etcd snapshot (age-encrypted)
  - Helm release values for all namespaces (age-encrypted)
  - kubeconfig /etc/rancher/k3s/k3s.yaml (age-encrypted)
  - output: /opt/backup/railiance/cluster/, keep last 7, .last-backup stamp
  - requires root, no network dependency

tools/cmd/railiance-restore-s2:
  - lists available backups with sizes
  - prints step-by-step restore instructions for each artifact type

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-10 21:17:54 +01:00

66 lines
2.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# tools/cmd/railiance-restore-s2 — S2 Kubernetes Runtime restore guide
# Lists available backups and prints restore instructions.
# Actual restore of etcd requires cluster downtime — see instructions below.
set -euo pipefail
BACKUP_DIR="/opt/backup/railiance/cluster"
AGE_KEY="${HOME}/.config/sops/age/keys.txt"
echo ""
echo "railiance-cluster (S2) — Available Backups"
echo "============================================"
echo ""
if [[ ! -d "${BACKUP_DIR}" ]]; then
echo " No backup directory found at ${BACKUP_DIR}"
echo " Run: sudo make backup"
exit 1
fi
LAST=""
[[ -f "${BACKUP_DIR}/.last-backup" ]] && LAST="$(cat "${BACKUP_DIR}/.last-backup")"
[[ -n "${LAST}" ]] && echo " Last backup: ${LAST}" || echo " Last backup: unknown"
echo ""
list_type() {
local label="$1" pattern="$2"
echo " ${label}:"
local files
files="$(find "${BACKUP_DIR}" -name "${pattern}" 2>/dev/null | sort -r)"
if [[ -z "${files}" ]]; then
echo " (none)"
else
echo "${files}" | while read -r f; do
echo " $(basename "${f}") [$(du -sh "${f}" | cut -f1)]"
done
fi
echo ""
}
list_type "etcd snapshots" "etcd-*.snap.age"
list_type "Helm values" "helm-values-*.tar.gz.age"
list_type "kubeconfig" "kubeconfig-*.yaml.age"
echo "============================================"
echo ""
echo "Decrypt any file:"
echo " age -d -i ${AGE_KEY} <file>"
echo ""
echo "Restore kubeconfig:"
echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/kubeconfig-<ts>.yaml.age > ~/.kube/config-hosteurope"
echo ""
echo "Restore etcd snapshot (WARNING: destroys current cluster state):"
echo " # 1. Decrypt the snapshot"
echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/etcd-<ts>.snap.age > /tmp/etcd-restore.snap"
echo " # 2. Copy to k3s snapshot directory"
echo " sudo cp /tmp/etcd-restore.snap /var/lib/rancher/k3s/server/db/snapshots/"
echo " # 3. Stop k3s and restore"
echo " sudo systemctl stop k3s"
echo " sudo k3s server --cluster-reset --cluster-reset-restore-path=/var/lib/rancher/k3s/server/db/snapshots/etcd-restore.snap"
echo " sudo systemctl start k3s"
echo ""
echo "Restore Helm values (for re-running helm upgrade after cluster restore):"
echo " age -d -i ${AGE_KEY} ${BACKUP_DIR}/helm-values-<ts>.tar.gz.age | tar -xz -C /tmp/helm-restore/"
echo ""
Reference in New Issue View Git Blame Copy Permalink