From 3360921bae9546ba08802d9474873ab2d70c9ca3 Mon Sep 17 00:00:00 2001
From: "Dejan R."
Date: Mon, 24 Nov 2025 18:23:00 +0000
Subject: [PATCH] added scipt for restore and create backup
---
scripts/backup-netbird.sh | 49 ++++++++
scripts/readme.md | 252 +++++++++++++++++++++++++++++++++++++
scripts/restore-netbird.sh | 134 ++++++++++++++++++++
3 files changed, 435 insertions(+)
create mode 100644 scripts/backup-netbird.sh
create mode 100644 scripts/readme.md
create mode 100644 scripts/restore-netbird.sh
diff --git a/scripts/backup-netbird.sh b/scripts/backup-netbird.sh
new file mode 100644
index 0000000..c014767
--- /dev/null
+++ b/scripts/backup-netbird.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+set -e
+
+BACKUP_DIR="/home/Dejan/Docker/Netbird-compose/backup"
+TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
+BACKUP_FILE="${BACKUP_DIR}/netbird_backup_${TIMESTAMP}.tar.gz"
+
+echo "[*] Creating backup directory..."
+mkdir -p "$BACKUP_DIR"
+
+echo "[*] Stopping NetBird stack..."
+docker compose down
+
+echo "[*] Backing up Docker volumes..."
+VOLUMES=(
+ "netbird_zdb_data"
+ "netbird_management"
+ "netbird_zitadel_certs"
+)
+
+TEMP_DIR="/tmp/netbird_backup_${TIMESTAMP}"
+mkdir -p "$TEMP_DIR"
+
+for VOL in "${VOLUMES[@]}"; do
+ echo "[*] Exporting volume: $VOL"
+ docker run --rm -v ${VOL}:/volume -v $TEMP_DIR:/backup \
+ alpine tar -czf /backup/${VOL}.tar.gz -C /volume .
+done
+
+echo "[*] Backing up configuration files..."
+tar -czf "$BACKUP_FILE" \
+ docker-compose.yml \
+ *.env \
+ management.json \
+ turnserver.conf \
+ machinekey \
+ traefik-stack \
+ backup-netbird.sh \
+ $TEMP_DIR/*.tar.gz
+
+echo "[*] Cleaning temporary files..."
+rm -rf "$TEMP_DIR"
+
+echo "[*] Starting NetBird stack again..."
+docker compose up -d
+
+echo "======================================================"
+echo "Backup created: $BACKUP_FILE"
+echo "======================================================"
diff --git a/scripts/readme.md b/scripts/readme.md
new file mode 100644
index 0000000..9c1d7e4
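Review bot: `TEMP_DIR="/tmp/netbird_backup_${TIMESTAMP}"` with `mkdir -p` stages the exported Zitadel database, management and certificate volumes in a predictable path under world-writable /tmp, and `mkdir -p` succeeds silently when that path already exists and belongs to someone else. restore-netbird.sh repeats the pattern with `/tmp/netbird_restore_${TIMESTAMP}`, where `machinekey` and the `*.env` files get unpacked. I would set `umask 077` at the top so the final archive in `$BACKUP_DIR` is private too, create the staging directory with `mktemp -d`, remove it from an EXIT trap, and quote the expansions in the `docker run` line. Because of `set -e`, any failure after `docker compose down` currently leaves the staging data behind and the stack stopped; the trap covers the first of these, and restarting the stack on failure still needs its own handling.

```shell
umask 077  # everything written below holds credentials or key material
# … unchanged: BACKUP_DIR/TIMESTAMP/BACKUP_FILE, mkdir, stack stop, VOLUMES …

TEMP_DIR=$(mktemp -d "${TMPDIR:-/tmp}/netbird_backup.XXXXXX")
trap 'rm -rf -- "$TEMP_DIR"' EXIT

for VOL in "${VOLUMES[@]}"; do
  echo "[*] Exporting volume: $VOL"
  docker run --rm -v "${VOL}:/volume:ro" -v "${TEMP_DIR}:/backup" \
    alpine tar -czf "/backup/${VOL}.tar.gz" -C /volume .
done
# … unchanged: config tar, stack start; the explicit rm -rf is now done by the trap …
```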
--- /dev/null
+++ b/scripts/readme.md
@@ -0,0 +1,252 @@ +# NetBird Backup & Restore Scripts + +Comprehensive backup and restore solution for NetBird Docker deployments with Zitadel integration. + +## Overview + +These scripts provide automated backup and restore functionality for your NetBird installation, including: +- Docker volumes (database, management data, certificates) +- Configuration files (docker-compose, environment variables) +- Traefik reverse proxy configuration +- Zitadel authentication data + +## Prerequisites + +- Docker and Docker Compose installed +- NetBird deployed via Docker Compose +- Sufficient disk space for backups +- Root or sudo access for Docker operations + +## Files + +### 1. `backup-netbird.sh` +Creates timestamped backups of your complete NetBird installation. + +### 2. `restore-netbird.sh` +Restores NetBird from a backup archive. + +## Installation + +1. Place both scripts in your NetBird installation directory: + ```bash + /home/Dejan/Docker/Netbird-compose/ + ``` + +2. Make scripts executable: + ```bash + chmod +x backup-netbird.sh restore-netbird.sh + ``` + +3. Ensure the backup directory exists: + ```bash + mkdir -p /home/Dejan/Docker/Netbird-compose/backup + ``` + +## Usage + +### Creating a Backup + +Run the backup script from your NetBird directory: + +```bash +cd /home/Dejan/Docker/Netbird-compose +./backup-netbird.sh +``` + +**What happens during backup:** +1. Creates backup directory if it doesn't exist +2. Stops the NetBird Docker stack +3. Exports all Docker volumes to compressed archives +4. Archives configuration files +5. Restarts the NetBird stack +6. 
Creates a timestamped backup file: `netbird_backup_YYYY-MM-DD_HH-MM-SS.tar.gz` + +**Backup includes:** +- Docker volumes: `netbird_zdb_data`, `netbird_management`, `netbird_zitadel_certs` +- Configuration: `docker-compose.yml`, `*.env` files +- NetBird config: `management.json`, `turnserver.conf` +- Authentication: `machinekey` directory +- Reverse proxy: `traefik-stack` directory +- The backup script itself + +### Restoring from Backup + +#### Option 1: Restore latest backup (automatic) +```bash +cd /home/Dejan/Docker/Netbird-compose +./restore-netbird.sh +``` + +#### Option 2: Restore specific backup +```bash +./restore-netbird.sh netbird_backup_2024-11-24_14-30-00.tar.gz +``` + +Or with full path: +```bash +./restore-netbird.sh /home/Dejan/Docker/Netbird-compose/backup/netbird_backup_2024-11-24_14-30-00.tar.gz +``` + +**What happens during restore:** +1. Validates backup file exists +2. Extracts backup to temporary directory +3. Stops current NetBird stack +4. Restores all Docker volumes +5. Restores configuration files +6. Cleans up temporary files +7. 
Starts NetBird stack with restored data + +## Backup Schedule + +### Manual Backups +Run before major changes: +- System updates +- Configuration modifications +- Docker Compose upgrades + +### Automated Backups (Recommended) + +Add to crontab for automatic daily backups: + +```bash +crontab -e +``` + +Add this line for daily backup at 2 AM: +```cron +0 2 * * * /home/Dejan/Docker/Netbird-compose/backup-netbird.sh >> /var/log/netbird-backup.log 2>&1 +``` + +For weekly backups (Sunday at 3 AM): +```cron +0 3 * * 0 /home/Dejan/Docker/Netbird-compose/backup-netbird.sh >> /var/log/netbird-backup.log 2>&1 +``` + +## Backup Management + +### View Available Backups +```bash +ls -lh /home/Dejan/Docker/Netbird-compose/backup/ +``` + +### Delete Old Backups +Keep only last 7 backups: +```bash +cd /home/Dejan/Docker/Netbird-compose/backup +ls -1t netbird_backup_*.tar.gz | tail -n +8 | xargs rm -f +``` + +### Backup Retention Script +Create `cleanup-old-backups.sh`: +```bash +#!/bin/bash +BACKUP_DIR="/home/Dejan/Docker/Netbird-compose/backup" +KEEP_LAST=7 +cd "$BACKUP_DIR" +ls -1t netbird_backup_*.tar.gz | tail -n +$((KEEP_LAST + 1)) | xargs -r rm -f +echo "Cleaned up old backups, kept last $KEEP_LAST" +``` + +## Troubleshooting + +### Backup Script Fails +- **Insufficient disk space**: Check available space with `df -h` +- **Docker not running**: Start Docker service: `sudo systemctl start docker` +- **Permission denied**: Run with sudo: `sudo ./backup-netbird.sh` + +### Restore Script Fails +- **Backup file not found**: Verify path and filename +- **Volume restore fails**: Check Docker is running and volumes are accessible +- **Stack won't start**: Check logs: `docker compose logs` + +### Common Issues + +**Stack doesn't start after restore:** +```bash +# Check container logs +docker compose logs -f + +# Verify volumes exist +docker volume ls | grep netbird + +# Try manual restart +docker compose down +docker compose up -d +``` + +**Configuration mismatch:** +```bash +# 
Verify restored files +ls -la /home/Dejan/Docker/Netbird-compose/ + +# Check environment variables +cat .env +``` + +## Important Notes + +- **Downtime**: Both backup and restore scripts stop the NetBird stack temporarily +- **Backup size**: Varies based on database size and user count (typically 100MB-1GB) +- **Storage**: Ensure adequate backup storage space +- **Testing**: Test restore process in a development environment first +- **Security**: Backup files contain sensitive data - secure appropriately + +## Backup Security + +Protect your backups: + +1. **Restrict permissions:** + ```bash + chmod 700 /home/Dejan/Docker/Netbird-compose/backup + chmod 600 /home/Dejan/Docker/Netbird-compose/backup/*.tar.gz + ``` + +2. **Encrypt backups (optional):** + ```bash + gpg --symmetric --cipher-algo AES256 netbird_backup_*.tar.gz + ``` + +3. **Off-site backup:** + ```bash + # Example: rsync to remote server + rsync -avz backup/ user@backup-server:/backups/netbird/ + ``` + +## Migration Guide + +To migrate NetBird to a new server: + +1. **On old server:** Create backup + ```bash + ./backup-netbird.sh + ``` + +2. **Transfer backup file:** + ```bash + scp backup/netbird_backup_*.tar.gz user@new-server:/tmp/ + ``` + +3. **On new server:** Install Docker, Docker Compose, and NetBird structure + +4. **Restore backup:** + ```bash + ./restore-netbird.sh /tmp/netbird_backup_*.tar.gz + ``` + +5. **Update DNS/IP** if necessary + +## Support + +For issues or questions: +- Check NetBird documentation: https://docs.netbird.io +- Review Docker Compose logs: `docker compose logs` +- Verify volume integrity: `docker volume inspect ` + +## Version History + +- **v1.0** - Initial backup and restore scripts with full volume and config support + +--- + +**Created for NetBird deployment at:** `/home/Dejan/Docker/Netbird-compose/` +**Last updated:** November 2024 \ No newline at end of file 
diff --git a/scripts/restore-netbird.sh b/scripts/restore-netbird.sh
new file mode 100644
index 0000000..4aad210
--- /dev/null
+++ b/scripts/restore-netbird.sh
@@ -0,0 +1,134 @@
+#!/bin/bash
+set -e
+
+# ============================================
+# CONFIG
+# ============================================
+BASE_DIR="/home/Dejan/Docker/Netbird-compose"
+BACKUP_DIR="${BASE_DIR}/backup"
+
+cd "$BASE_DIR"
+
+# ============================================
+# SELECT BACKUP FILE
+# ============================================
+if [[ -n "$1" ]]; then
+ BACKUP_FILE="$1"
+ # If a relative path is passed, prepend BACKUP_DIR if file not found
+ if [[ ! -f "$BACKUP_FILE" ]]; then
+ if [[ -f "${BACKUP_DIR}/$BACKUP_FILE" ]]; then
+ BACKUP_FILE="${BACKUP_DIR}/$BACKUP_FILE"
+ fi
+ fi
+else
+ # Auto-select latest backup
+ BACKUP_FILE=$(ls -1t "${BACKUP_DIR}"/netbird_backup_*.tar.gz 2>/dev/null | head -n 1 || true)
+fi
+
+if [[ -z "$BACKUP_FILE" || ! -f "$BACKUP_FILE" ]]; then
+ echo "ERROR: Backup file not found."
+ echo "Usage: $0 [path/to/netbird_backup_*.tar.gz]"
+ exit 1
+fi
+
+echo "[*] Using backup file: $BACKUP_FILE"
+
+# ============================================
+# PREPARE TEMP DIR
+# ============================================
+TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
+TEMP_DIR="/tmp/netbird_restore_${TIMESTAMP}"
+
+echo "[*] Creating temp directory: $TEMP_DIR"
+mkdir -p "$TEMP_DIR"
+
+echo "[*] Extracting backup archive..."
+tar -xzf "$BACKUP_FILE" -C "$TEMP_DIR"
+
+# ============================================
+# STOP CURRENT STACK
+# ============================================
+echo "[*] Stopping current NetBird stack (if running)..."
+docker compose down || true
+
+# ============================================
+# RESTORE DOCKER VOLUMES
+# ============================================
+VOLUMES=(
+ "netbird_zdb_data"
+ "netbird_management"
+ "netbird_zitadel_certs"
+)
+
+for VOL in "${VOLUMES[@]}"; do
+ VOL_ARCHIVE="${TEMP_DIR}/${VOL}.tar.gz"
+ if [[ ! -f "$VOL_ARCHIVE" ]]; then
+ echo "[!] WARNING: Volume archive not found for ${VOL} at ${VOL_ARCHIVE}, skipping..."
+ continue
+ fi
+
+ echo "[*] Ensuring Docker volume exists: $VOL"
+ if ! docker volume ls -q | grep -q "^${VOL}$"; then
+ docker volume create "$VOL" >/dev/null
+ fi
+
+ echo "[*] Restoring volume: $VOL"
+ docker run --rm \
+ -v "${VOL}:/volume" \
+ -v "${TEMP_DIR}:/backup" \
+ alpine sh -c "cd /volume && tar -xzf /backup/$(basename "$VOL_ARCHIVE")"
+done
+
+# ============================================
+# RESTORE CONFIG FILES
+# ============================================
+echo "[*] Restoring configuration files to ${BASE_DIR}..."
+
+# docker-compose.yml
+if [[ -f "${TEMP_DIR}/docker-compose.yml" ]]; then
+ cp -a "${TEMP_DIR}/docker-compose.yml" "${BASE_DIR}/"
+fi
+
+# *.env files
+if ls "${TEMP_DIR}"/*.env >/dev/null 2>&1; then
+ cp -a "${TEMP_DIR}"/*.env "${BASE_DIR}/"
+fi
+
+# management.json
+if [[ -f "${TEMP_DIR}/management.json" ]]; then
+ cp -a "${TEMP_DIR}/management.json" "${BASE_DIR}/"
+fi
+
+# turnserver.conf
+if [[ -f "${TEMP_DIR}/turnserver.conf" ]]; then
+ cp -a "${TEMP_DIR}/turnserver.conf" "${BASE_DIR}/"
+fi
+
+# machinekey directory
+if [[ -d "${TEMP_DIR}/machinekey" ]]; then
+ rm -rf "${BASE_DIR}/machinekey"
+ cp -a "${TEMP_DIR}/machinekey" "${BASE_DIR}/"
+fi
+
+# traefik-stack directory (if present in backup)
+if [[ -d "${TEMP_DIR}/traefik-stack" ]]; then
+ rm -rf "${BASE_DIR}/traefik-stack"
+ cp -a "${TEMP_DIR}/traefik-stack" "${BASE_DIR}/"
+fi
+
+# ============================================
+# CLEAN UP TEMP
+# ============================================
+echo "[*] Cleaning up temporary directory..."
+rm -rf "$TEMP_DIR"
+
+# ============================================
+# START STACK
+# ============================================
+echo "[*] Starting NetBird stack..."
+docker compose up -d
+
+echo "=========================================================="
+echo "Restore completed from: $BACKUP_FILE"
+echo "NetBird + Zitadel stack should now be running again."
+echo "=========================================================="
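Review bot: A missing `${TEMP_DIR}/${VOL}.tar.gz` only prints a warning and `continue`s, and the script still ends with "Restore completed", so a run that restored no volume data is indistinguishable from a good one. With archives written by backup-netbird.sh from this same patch that looks like the normal case: the tarballs are added as `$TEMP_DIR/*.tar.gz`, so tar records them under `tmp/netbird_backup_<timestamp>/` rather than at the archive root where this loop looks. I would store them at the root on the backup side (`-C "$TEMP_DIR" "${VOLUMES[@]/%/.tar.gz}"` in place of the glob) and here check all three archives before `docker compose down`, failing with `echo "ERROR: ${VOL}.tar.gz missing from backup" >&2; exit 1`. Since the archive contents are then unpacked into the volumes and copied over `docker-compose.yml` and `machinekey`, verifying a checksum or signature recorded at backup time before extraction would also be worth adding.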