s4k-psql-db-backuper/README.md

# 💾 PostgreSQL Backup Automator (Bash)

### 🚀 The Problem
In ISP environments, database backups are critical. Relying on manual exports is risky, and standard tools often lack built-in monitoring, retention policies, and smart remote storage integration.

### 🛠 The Solution
This script provides a robust automation layer for `pg_basebackup`. It ensures backups are created, transferred to remote **NFS storage**, monitored via **Telegram/Email**, and rotated automatically to save space.

### Key Features:
* ● **NFS-Aware:** Automatically checks, mounts, and verifies remote storage before starting the dump.
* ● **Concurrency Control:** Uses `flock` to prevent process overlapping and race conditions.
* ● **Health Monitoring:** Real-time Telegram alerts for failures and detailed Email reports for successful runs.
* ● **Retention Management:** Automatically purges old backups based on a configurable RETENTION_DAYS policy.
* ● **Dry-Run Mode:** Safe debugging mode (`DEBUG=1`) to test logic without affecting data.
* ● **Dependency Check:** Built-in verification for pg_basebackup, curl, and mailutils.

### 📦 Dependencies & Requirements

| Component | Ubuntu/Debian | RHEL/CentOS/Rocky |
| :--- | :--- | :--- |
| **NFS Server** | `nfs-kernel-server` | `nfs-utils` |
| **NFS Client** | `nfs-common` | `nfs-utils` + `rpcbind` |
| **PostgreSQL** | `postgresql-client` | `postgresql` |
| **Reports** | `curl`, `mailutils` | `curl`, `mailx` |

### 📖 Usage (locally)
1. Clone the repository and navigate to the directory.
2. Create your configuration from the template:
   ```bash
   cp db_backuper.conf.example db_backuper.conf
   ```
3. Edit `db_backuper.conf` with your DB credentials, NFS paths, and API tokens.
4. Add to your crontab (e.g., daily at 02:00):
   ```bash
   # crontab -e (edit crontab)
   0 2 * * * /path/to/db_backuper.sh
   ```

### 📁 Remote Storage Setup (NFS Guide)
To use the remote backup feature, follow these steps to configure your NFS environment.
1. On the Backup Server (Storage)
Add the client's IP to your exports file:
   ```bash
   # Edit /etc/exports (Path to the backup folder and the DB server IP):
   /backups/your_db_path  192.168.X.X (rw,sync,no_root_squash,no_subtree_check)
   # Where 192.168.X.X is the IP of your DB/Billing server.
   ```
Restart services to apply changes:
   ```bash
   sudo systemctl restart rpcbind nfs-kernel-server
   ```
**Firewall Configuration** (`iptables`):
Ensure ports `111` and `2049` (TCP/UDP) are open for the client IP:
   ```bash
   iptables -A INPUT -s 192.168.X.X/32 -p tcp --dport 111 -j ACCEPT
   iptables -A INPUT -s 192.168.X.X/32 -p udp --dport 111 -j ACCEPT
   iptables -A INPUT -s 192.168.X.X/32 -p tcp --dport 2049 -j ACCEPT
   iptables -A INPUT -s 192.168.X.X/32 -p udp --dport 2049 -j ACCEPT
   ```
**For Remote Server need to install NFS-kernel if not installed yet:**
**Ubuntu/Debian:**
   ```bash
   sudo apt update && sudo apt install nfs-kernel-server -y
   ```
**RHEL/CentOS:**
   ```bash
   sudo yum install nfs-utils -y
   ```
2. On the Client Side (Database Server)
The script handles mounting automatically, but if you want to persist the mount or test it manually:
   ```bash
   # Manual mount
   sudo mount -t nfs 192.168.X.Y:/backups/your_db_path /var/db_backups_via_nfs

   # Permanent mount via /etc/fstab
   192.168.X.Y:/backups/your_db_path  /var/db_backups_via_nfs  nfs  defaults,timeo=900,retrans=5,_netdev  0  0
   # Where 192.168.X.Y - IP of the server with NFS-share folder from the 1st step.
   ```
## For **Client Side (Database Server)** need to install NFS-common if not installed yet:
**Ubuntu/Debian:**
   ```bash
   sudo apt update && sudo apt install nfs-common -y
   ```
**RHEL/CentOS:**
   ```bash
   sudo yum install nfs-utils -y
   sudo systemctl enable --now rpcbind
   ```

### ⚖️ License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

### ⚠️ Disclaimer:
**Use at your own risk! The author is not responsible for any data loss or infrastructure downtime.**