Skip to content

Instantly share code, notes, and snippets.

@satabin

satabin/01-README.md

Last active September 2, 2023 14:26
Show Gist options
  • Save satabin/d11f9b550769d15a2f17e24130fc9093 to your computer and use it in GitHub Desktop.
Save satabin/d11f9b550769d15a2f17e24130fc9093 to your computer and use it in GitHub Desktop.
Download ZIP
My service maintenance scripts and units
Raw
01-README.md

This gist lists the systemd units, timers, and scripts I am running to maintain my various services.

Backups

Data are backed up in an S3 compatible data store. To add a service using a database, just add the service name and database to the services.json file.

The backup runs as the backup user, which has read-only access to all databases. This is ensured by giving the appropriate role:

GRANT pg_read_all_data TO backup;

The backup user also is allowed to read the redis dump (group redis on Debian).

Raw
backup.sh
#!/bin/bash
now=$(date --iso-8601=seconds)
echo "Backing up postgresql databases..."
for service in $(jq -c '.postgresql | to_entries[]' services.json); do
name=$(echo $service | jq -r '.key')
db=$(echo $service | jq -r '.value')
file="/tmp/postgresql-$name.dump"
echo "Service $name"
pg_dump -Fc $db -f $file
echo " in file $file"
aws s3 cp $file s3://my-backups-bucket/postgresql/$now/
done
echo "Backing up Redis dump..."
aws s3 cp /var/lib/redis/dump.rdb s3://my-backups-bucket/redis/$now/
Raw
services-backup.service
[Unit]
Description=Backup Service data
[Service]
Type=oneshot
WorkingDirectory=/opt/backups
ExecStart=bash ./backup.sh
User=backup
Group=backup
[Install]
WantedBy=multi-user.target
Raw
services-backup.timer
[Unit]
Description="Backup Service data every day"
[Timer]
OnCalendar=*-*-* 1:00:00
Unit=services-backup.service
[Install]
WantedBy=timers.target
Raw
services.json
{
"postgresql": {
"mastodon": "mastodon_production",
"bookwyrm": "bookwyrm",
"umap": "umap",
"synapse": "synapse"
}
}
Raw
tootctl-prune-profiles.service
[Unit]
Description=Prune profiles with tootctl
[Service]
Type=oneshot
Environment="RAILS_ENV=production"
Environment="LD_PRELOAD=libjemalloc.so"
WorkingDirectory=/home/mastodon/live
ExecStart=/home/mastodon/.rbenv/shims/bundle exec /home/mastodon/live/bin/tootctl media remove --prune-profiles
User=mastodon
[Install]
WantedBy=multi-user.target
Raw
tootctl-prune-profiles.timer
[Unit]
Description="Prune profiles every day"
[Timer]
OnCalendar=*-*-* 2:00:00
Unit=tootctl-prune-profiles.service
[Install]
WantedBy=timers.target
Raw
tootctl-remove-media.service
[Unit]
Description=Cleanup media with tootctl
[Service]
Type=oneshot
Environment="RAILS_ENV=production"
Environment="LD_PRELOAD=libjemalloc.so"
WorkingDirectory=/home/mastodon/live
ExecStart=/home/mastodon/.rbenv/shims/bundle exec /home/mastodon/live/bin/tootctl media remove
User=mastodon
[Install]
WantedBy=multi-user.target
Raw
tootctl-remove-media.timer
[Unit]
Description="Cleanup media every day"
[Timer]
OnCalendar=*-*-* 1:00:00
Unit=tootctl-remove-media.service
[Install]
WantedBy=timers.target
Raw
tootctl-remove-preview-cards.service
[Unit]
Description=Cleanup preview cards with tootctl
[Service]
Type=oneshot
Environment="RAILS_ENV=production"
Environment="LD_PRELOAD=libjemalloc.so"
WorkingDirectory=/home/mastodon/live
ExecStart=/home/mastodon/.rbenv/shims/bundle exec /home/mastodon/live/bin/tootctl preview_cards remove
User=mastodon
[Install]
WantedBy=multi-user.target
Raw
tootctl-remove-preview-cards.timer
[Unit]
Description="Cleanup preview cards every day"
[Timer]
OnCalendar=*-*-* 2:00:00
Unit=tootctl-remove-preview-cards.service
[Install]
WantedBy=timers.target
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment