Add database backup cron every 30 minutes via Ansible

- backup.sh.j2: pg_dump via Docker, gzip, 7 days retention - deploy.yml: create backup dir, deploy script, configure cron - TASK_CHECKUP: mark backup as done Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 19:52:52 +01:00
parent b7b56ed35a
commit 30eceeccf9
3 changed files with 47 additions and 1 deletions
--- a/TASK_CHECKUP.md
+++ b/TASK_CHECKUP.md
@@ -55,5 +55,5 @@
 - [ ] Ajouter des tests pour le flow d'inscription via invitation

 ### Infrastructure
- [ ] Configurer les crons pour les backups automatiques de la base de données
+- [x] Configurer les crons pour les backups automatiques de la base de données (toutes les 30 min, rétention 7 jours)
 - [ ] Ajouter le monitoring des queues Messenger (failed messages)
--- a/ansible/backup.sh.j2
+++ b/ansible/backup.sh.j2
@@ -0,0 +1,23 @@
+#!/bin/bash
+# E-Ticket database backup script
+# Runs every 30 minutes via cron
+
+BACKUP_DIR="/var/backups/e-ticket"
+DATE=$(date +%Y%m%d_%H%M%S)
+FILENAME="e_ticket_${DATE}.sql.gz"
+KEEP_DAYS=7
+
+# Dump database via Docker
+docker compose -f /var/www/e-ticket/docker-compose-prod.yml exec -T database pg_dump -U {{ vault_postgres_user }} {{ vault_postgres_db }} | gzip > "${BACKUP_DIR}/${FILENAME}"
+
+# Check if backup was created
+if [ -f "${BACKUP_DIR}/${FILENAME}" ] && [ -s "${BACKUP_DIR}/${FILENAME}" ]; then
+    echo "[$(date)] Backup OK: ${FILENAME} ($(du -h "${BACKUP_DIR}/${FILENAME}" | cut -f1))"
+else
+    echo "[$(date)] ERROR: Backup failed"
+    exit 1
+fi
+
+# Remove backups older than KEEP_DAYS days
+find "${BACKUP_DIR}" -name "e_ticket_*.sql.gz" -mtime +${KEEP_DAYS} -delete
+echo "[$(date)] Cleaned backups older than ${KEEP_DAYS} days"
--- a/ansible/deploy.yml
+++ b/ansible/deploy.yml
@@ -166,6 +166,29 @@
        mode: "0644"
      notify: Reload Caddy

+    - name: Create backup directory
+      file:
+        path: /var/backups/e-ticket
+        state: directory
+        owner: bot
+        group: bot
+        mode: "0750"
+
+    - name: Deploy backup script
+      template:
+        src: backup.sh.j2
+        dest: /var/backups/e-ticket/backup.sh
+        owner: bot
+        group: bot
+        mode: "0750"
+
+    - name: Configure backup cron (every 30 minutes)
+      cron:
+        name: "e-ticket database backup"
+        minute: "*/30"
+        job: "/var/backups/e-ticket/backup.sh >> /var/log/e-ticket-backup.log 2>&1"
+        user: bot
+
  post_tasks:
    - name: Disable maintenance mode
      command: make maintenance_off