added scipt for restore and create backup

2025-11-24 18:23:00 +00:00 · 2025-11-24 18:23:00 +00:00 · 3360921bae
parent 31b6850b9c
commit 3360921bae
3 changed files with 435 additions and 0 deletions
--- a/scripts/backup-netbird.sh
+++ b/scripts/backup-netbird.sh
@ -0,0 +1,49 @@
+#!/bin/bash
+set -e
+
+BACKUP_DIR="/home/Dejan/Docker/Netbird-compose/backup"
+TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
+BACKUP_FILE="${BACKUP_DIR}/netbird_backup_${TIMESTAMP}.tar.gz"
+
+echo "[*] Creating backup directory..."
+mkdir -p "$BACKUP_DIR"
+
+echo "[*] Stopping NetBird stack..."
+docker compose down
+
+echo "[*] Backing up Docker volumes..."
+VOLUMES=(
+  "netbird_zdb_data"
+  "netbird_management"
+  "netbird_zitadel_certs"
+)
+
+TEMP_DIR="/tmp/netbird_backup_${TIMESTAMP}"
+mkdir -p "$TEMP_DIR"
+
+for VOL in "${VOLUMES[@]}"; do
+  echo "[*] Exporting volume: $VOL"
+  docker run --rm -v ${VOL}:/volume -v $TEMP_DIR:/backup \
+    alpine tar -czf /backup/${VOL}.tar.gz -C /volume .
+done
+
+echo "[*] Backing up configuration files..."
+tar -czf "$BACKUP_FILE" \
+  docker-compose.yml \
+  *.env \
+  management.json \
+  turnserver.conf \
+  machinekey \
+  traefik-stack \
+  backup-netbird.sh \
+  $TEMP_DIR/*.tar.gz
+
+echo "[*] Cleaning temporary files..."
+rm -rf "$TEMP_DIR"
+
+echo "[*] Starting NetBird stack again..."
+docker compose up -d
+
+echo "======================================================"
+echo "Backup created: $BACKUP_FILE"
+echo "======================================================"
--- a/scripts/readme.md
+++ b/scripts/readme.md
@ -0,0 +1,252 @@
+# NetBird Backup & Restore Scripts
+
+Comprehensive backup and restore solution for NetBird Docker deployments with Zitadel integration.
+
+## Overview
+
+These scripts provide automated backup and restore functionality for your NetBird installation, including:
+- Docker volumes (database, management data, certificates)
+- Configuration files (docker-compose, environment variables)
+- Traefik reverse proxy configuration
+- Zitadel authentication data
+
+## Prerequisites
+
+- Docker and Docker Compose installed
+- NetBird deployed via Docker Compose
+- Sufficient disk space for backups
+- Root or sudo access for Docker operations
+
+## Files
+
+### 1. `backup-netbird.sh`
+Creates timestamped backups of your complete NetBird installation.
+
+### 2. `restore-netbird.sh`
+Restores NetBird from a backup archive.
+
+## Installation
+
+1. Place both scripts in your NetBird installation directory:
+   ```bash
+   /home/Dejan/Docker/Netbird-compose/
+   ```
+
+2. Make scripts executable:
+   ```bash
+   chmod +x backup-netbird.sh restore-netbird.sh
+   ```
+
+3. Ensure the backup directory exists:
+   ```bash
+   mkdir -p /home/Dejan/Docker/Netbird-compose/backup
+   ```
+
+## Usage
+
+### Creating a Backup
+
+Run the backup script from your NetBird directory:
+
+```bash
+cd /home/Dejan/Docker/Netbird-compose
+./backup-netbird.sh
+```
+
+**What happens during backup:**
+1. Creates backup directory if it doesn't exist
+2. Stops the NetBird Docker stack
+3. Exports all Docker volumes to compressed archives
+4. Archives configuration files
+5. Restarts the NetBird stack
+6. Creates a timestamped backup file: `netbird_backup_YYYY-MM-DD_HH-MM-SS.tar.gz`
+
+**Backup includes:**
+- Docker volumes: `netbird_zdb_data`, `netbird_management`, `netbird_zitadel_certs`
+- Configuration: `docker-compose.yml`, `*.env` files
+- NetBird config: `management.json`, `turnserver.conf`
+- Authentication: `machinekey` directory
+- Reverse proxy: `traefik-stack` directory
+- The backup script itself
+
+### Restoring from Backup
+
+#### Option 1: Restore latest backup (automatic)
+```bash
+cd /home/Dejan/Docker/Netbird-compose
+./restore-netbird.sh
+```
+
+#### Option 2: Restore specific backup
+```bash
+./restore-netbird.sh netbird_backup_2024-11-24_14-30-00.tar.gz
+```
+
+Or with full path:
+```bash
+./restore-netbird.sh /home/Dejan/Docker/Netbird-compose/backup/netbird_backup_2024-11-24_14-30-00.tar.gz
+```
+
+**What happens during restore:**
+1. Validates backup file exists
+2. Extracts backup to temporary directory
+3. Stops current NetBird stack
+4. Restores all Docker volumes
+5. Restores configuration files
+6. Cleans up temporary files
+7. Starts NetBird stack with restored data
+
+## Backup Schedule
+
+### Manual Backups
+Run before major changes:
+- System updates
+- Configuration modifications
+- Docker Compose upgrades
+
+### Automated Backups (Recommended)
+
+Add to crontab for automatic daily backups:
+
+```bash
+crontab -e
+```
+
+Add this line for daily backup at 2 AM:
+```cron
+0 2 * * * /home/Dejan/Docker/Netbird-compose/backup-netbird.sh >> /var/log/netbird-backup.log 2>&1
+```
+
+For weekly backups (Sunday at 3 AM):
+```cron
+0 3 * * 0 /home/Dejan/Docker/Netbird-compose/backup-netbird.sh >> /var/log/netbird-backup.log 2>&1
+```
+
+## Backup Management
+
+### View Available Backups
+```bash
+ls -lh /home/Dejan/Docker/Netbird-compose/backup/
+```
+
+### Delete Old Backups
+Keep only last 7 backups:
+```bash
+cd /home/Dejan/Docker/Netbird-compose/backup
+ls -1t netbird_backup_*.tar.gz | tail -n +8 | xargs rm -f
+```
+
+### Backup Retention Script
+Create `cleanup-old-backups.sh`:
+```bash
+#!/bin/bash
+BACKUP_DIR="/home/Dejan/Docker/Netbird-compose/backup"
+KEEP_LAST=7
+cd "$BACKUP_DIR"
+ls -1t netbird_backup_*.tar.gz | tail -n +$((KEEP_LAST + 1)) | xargs -r rm -f
+echo "Cleaned up old backups, kept last $KEEP_LAST"
+```
+
+## Troubleshooting
+
+### Backup Script Fails
+- **Insufficient disk space**: Check available space with `df -h`
+- **Docker not running**: Start Docker service: `sudo systemctl start docker`
+- **Permission denied**: Run with sudo: `sudo ./backup-netbird.sh`
+
+### Restore Script Fails
+- **Backup file not found**: Verify path and filename
+- **Volume restore fails**: Check Docker is running and volumes are accessible
+- **Stack won't start**: Check logs: `docker compose logs`
+
+### Common Issues
+
+**Stack doesn't start after restore:**
+```bash
+# Check container logs
+docker compose logs -f
+
+# Verify volumes exist
+docker volume ls | grep netbird
+
+# Try manual restart
+docker compose down
+docker compose up -d
+```
+
+**Configuration mismatch:**
+```bash
+# Verify restored files
+ls -la /home/Dejan/Docker/Netbird-compose/
+
+# Check environment variables
+cat .env
+```
+
+## Important Notes
+
+- **Downtime**: Both backup and restore scripts stop the NetBird stack temporarily
+- **Backup size**: Varies based on database size and user count (typically 100MB-1GB)
+- **Storage**: Ensure adequate backup storage space
+- **Testing**: Test restore process in a development environment first
+- **Security**: Backup files contain sensitive data - secure appropriately
+
+## Backup Security
+
+Protect your backups:
+
+1. **Restrict permissions:**
+   ```bash
+   chmod 700 /home/Dejan/Docker/Netbird-compose/backup
+   chmod 600 /home/Dejan/Docker/Netbird-compose/backup/*.tar.gz
+   ```
+
+2. **Encrypt backups (optional):**
+   ```bash
+   gpg --symmetric --cipher-algo AES256 netbird_backup_*.tar.gz
+   ```
+
+3. **Off-site backup:**
+   ```bash
+   # Example: rsync to remote server
+   rsync -avz backup/ user@backup-server:/backups/netbird/
+   ```
+
+## Migration Guide
+
+To migrate NetBird to a new server:
+
+1. **On old server:** Create backup
+   ```bash
+   ./backup-netbird.sh
+   ```
+
+2. **Transfer backup file:**
+   ```bash
+   scp backup/netbird_backup_*.tar.gz user@new-server:/tmp/
+   ```
+
+3. **On new server:** Install Docker, Docker Compose, and NetBird structure
+
+4. **Restore backup:**
+   ```bash
+   ./restore-netbird.sh /tmp/netbird_backup_*.tar.gz
+   ```
+
+5. **Update DNS/IP** if necessary
+
+## Support
+
+For issues or questions:
+- Check NetBird documentation: https://docs.netbird.io
+- Review Docker Compose logs: `docker compose logs`
+- Verify volume integrity: `docker volume inspect <volume_name>`
+
+## Version History
+
+- **v1.0** - Initial backup and restore scripts with full volume and config support
+
+---
+
+**Created for NetBird deployment at:** `/home/Dejan/Docker/Netbird-compose/`  
+**Last updated:** November 2024
--- a/scripts/restore-netbird.sh
+++ b/scripts/restore-netbird.sh
@ -0,0 +1,134 @@
+#!/bin/bash
+set -e
+
+# ============================================
+# CONFIG
+# ============================================
+BASE_DIR="/home/Dejan/Docker/Netbird-compose"
+BACKUP_DIR="${BASE_DIR}/backup"
+
+cd "$BASE_DIR"
+
+# ============================================
+# SELECT BACKUP FILE
+# ============================================
+if [[ -n "$1" ]]; then
+  BACKUP_FILE="$1"
+  # If a relative path is passed, prepend BACKUP_DIR if file not found
+  if [[ ! -f "$BACKUP_FILE" ]]; then
+    if [[ -f "${BACKUP_DIR}/$BACKUP_FILE" ]]; then
+      BACKUP_FILE="${BACKUP_DIR}/$BACKUP_FILE"
+    fi
+  fi
+else
+  # Auto-select latest backup
+  BACKUP_FILE=$(ls -1t "${BACKUP_DIR}"/netbird_backup_*.tar.gz 2>/dev/null | head -n 1 || true)
+fi
+
+if [[ -z "$BACKUP_FILE" || ! -f "$BACKUP_FILE" ]]; then
+  echo "ERROR: Backup file not found."
+  echo "Usage: $0 [path/to/netbird_backup_*.tar.gz]"
+  exit 1
+fi
+
+echo "[*] Using backup file: $BACKUP_FILE"
+
+# ============================================
+# PREPARE TEMP DIR
+# ============================================
+TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")
+TEMP_DIR="/tmp/netbird_restore_${TIMESTAMP}"
+
+echo "[*] Creating temp directory: $TEMP_DIR"
+mkdir -p "$TEMP_DIR"
+
+echo "[*] Extracting backup archive..."
+tar -xzf "$BACKUP_FILE" -C "$TEMP_DIR"
+
+# ============================================
+# STOP CURRENT STACK
+# ============================================
+echo "[*] Stopping current NetBird stack (if running)..."
+docker compose down || true
+
+# ============================================
+# RESTORE DOCKER VOLUMES
+# ============================================
+VOLUMES=(
+  "netbird_zdb_data"
+  "netbird_management"
+  "netbird_zitadel_certs"
+)
+
+for VOL in "${VOLUMES[@]}"; do
+  VOL_ARCHIVE="${TEMP_DIR}/${VOL}.tar.gz"
+  if [[ ! -f "$VOL_ARCHIVE" ]]; then
+    echo "[!] WARNING: Volume archive not found for ${VOL} at ${VOL_ARCHIVE}, skipping..."
+    continue
+  fi
+
+  echo "[*] Ensuring Docker volume exists: $VOL"
+  if ! docker volume ls -q | grep -q "^${VOL}$"; then
+    docker volume create "$VOL" >/dev/null
+  fi
+
+  echo "[*] Restoring volume: $VOL"
+  docker run --rm \
+    -v "${VOL}:/volume" \
+    -v "${TEMP_DIR}:/backup" \
+    alpine sh -c "cd /volume && tar -xzf /backup/$(basename "$VOL_ARCHIVE")"
+done
+
+# ============================================
+# RESTORE CONFIG FILES
+# ============================================
+echo "[*] Restoring configuration files to ${BASE_DIR}..."
+
+# docker-compose.yml
+if [[ -f "${TEMP_DIR}/docker-compose.yml" ]]; then
+  cp -a "${TEMP_DIR}/docker-compose.yml" "${BASE_DIR}/"
+fi
+
+# *.env files
+if ls "${TEMP_DIR}"/*.env >/dev/null 2>&1; then
+  cp -a "${TEMP_DIR}"/*.env "${BASE_DIR}/"
+fi
+
+# management.json
+if [[ -f "${TEMP_DIR}/management.json" ]]; then
+  cp -a "${TEMP_DIR}/management.json" "${BASE_DIR}/"
+fi
+
+# turnserver.conf
+if [[ -f "${TEMP_DIR}/turnserver.conf" ]]; then
+  cp -a "${TEMP_DIR}/turnserver.conf" "${BASE_DIR}/"
+fi
+
+# machinekey directory
+if [[ -d "${TEMP_DIR}/machinekey" ]]; then
+  rm -rf "${BASE_DIR}/machinekey"
+  cp -a "${TEMP_DIR}/machinekey" "${BASE_DIR}/"
+fi
+
+# traefik-stack directory (if present in backup)
+if [[ -d "${TEMP_DIR}/traefik-stack" ]]; then
+  rm -rf "${BASE_DIR}/traefik-stack"
+  cp -a "${TEMP_DIR}/traefik-stack" "${BASE_DIR}/"
+fi
+
+# ============================================
+# CLEAN UP TEMP
+# ============================================
+echo "[*] Cleaning up temporary directory..."
+rm -rf "$TEMP_DIR"
+
+# ============================================
+# START STACK
+# ============================================
+echo "[*] Starting NetBird stack..."
+docker compose up -d
+
+echo "=========================================================="
+echo "Restore completed from: $BACKUP_FILE"
+echo "NetBird + Zitadel stack should now be running again."
+echo "=========================================================="