Last active
May 17, 2017 13:36
-
-
Save H-Max/cbbb05c70bad6b96975e8fa90c1f5b0b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Mongodump + GPG + S3 | |
# | |
# MDB_HOST is your mongod/s host / IP | |
# MDB_PORT is your mongod/s instance port | |
# MDB_BACKUP_USER is your mongodb backup user with backup/restore role | |
# MDB_BACKUP_PASSWORD is your mongodb backup user password | |
# MDB_AUTHDB is mongodb database used for authentication mechanism | |
# MDB_DB is the dabatase you want to backup | |
# BACKUP_BUCKET is the S3 bucket where you store your backups | |
# GPG_RECIPIENT is the recipient footprint in your GPG recipient list | |
# IAM_PROFILE is a profile with upload rights to the S3 bucket, that you configured with "aws configure {profile_name}" | |
# | |
# Of course, you use SSL, because security and privacy matters more than anything else | |
# On the S3 side, use Infrequent access storage class (it's for backups after all) and enable encryption (--sse) | |
(echo $MDB_BACKUP_PASSWORD) \ | |
| mongodump --host $MDB_HOST --port $MDB_PORT -u $MDB_BACKUP_USER --authenticationDatabase $MDB_AUTHDB --ssl --sslAllowInvalidCertificates --sslAllowInvalidHostnames --archive --db $MDB_DB \ | |
| gpg --output - --encrypt --batch --recipient $GPG_RECIPIENT --yes \ | |
| aws s3 cp - s3://$BACKUP_BUCKET/$MDB_DB.gpg --storage-class STANDARD_IA --sse --profile $IAM_PROFILE |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment