feat: add s3 backup support

Author: pcfreak30

Dockerfile

@@ -5,8 +5,26 @@ FROM docker.io/bitnami/etcd:${ETCD_VERSION}
 # Switch to root user
 USER root
 
+# Install required packages
+RUN apt-get update && apt-get install -y \
+    wget \
+    ca-certificates \
+    cronie \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install minio client
+RUN wget https://dl.min.io/client/mc/release/linux-amd64/mc -O /usr/local/bin/mc && \
+    chmod +x /usr/local/bin/mc
+
+# Create backup directory
+RUN mkdir -p /backup
+
 VOLUME ["/bitnami/etcd"]
 
+# Copy backup scripts directly to /usr/local/bin
+COPY backup/*.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/*.sh
+
 # Copy our custom entrypoint
 COPY docker-entrypoint.sh /usr/local/bin/
 RUN chmod +x /usr/local/bin/docker-entrypoint.sh

backup/backup-etcd.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+set -e
+
+# Configure mc client if not already configured
+if [ ! -f /root/.mc/config.json ]; then
+    mc alias set s3 $S3_ENDPOINT $S3_ACCESS_KEY $S3_SECRET_KEY
+fi
+
+# Create backup directory if it doesn't exist
+BACKUP_DIR="/backup"
+mkdir -p $BACKUP_DIR
+
+# Create backup with timestamp
+TIMESTAMP=$(date +%Y%m%d_%H%M%S)
+BACKUP_NAME="etcd-backup-${TIMESTAMP}.db"
+BACKUP_PATH="${BACKUP_DIR}/${BACKUP_NAME}"
+
+# Create ETCD snapshot
+etcdctl snapshot save $BACKUP_PATH
+
+# Compress backup
+gzip $BACKUP_PATH
+
+# Upload to S3
+mc cp "${BACKUP_PATH}.gz" "s3/$S3_BUCKET/"
+
+# Clean up local backup
+rm -f "${BACKUP_PATH}.gz"
+
+# Clean up old backups in S3
+RETENTION_DAYS=${BACKUP_RETENTION_DAYS:-7}  # Default to 7 days if not set
+mc rm --force --recursive --older-than "${RETENTION_DAYS}d" "s3/$S3_BUCKET/"
+
+echo "Backup completed successfully at $(date)"

backup/crontab

@@ -0,0 +1,2 @@
+# Run backup every 6 hours
+0 */6 * * * /usr/local/bin/backup-etcd.sh >> /var/log/etcd-backup.log 2>&1

backup/init-backup.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+# Validate backup is enabled
+BACKUP_ENABLED=${BACKUP_ENABLED:-true}
+if [ "$BACKUP_ENABLED" != "true" ]; then
+    echo "Backup system is disabled via BACKUP_ENABLED=false"
+    exit 0
+fi
+
+# Install crontab
+crontab /backup/crontab
+
+# Start crond in background
+/usr/sbin/crond
+
+# Configure mc client
+mc alias set s3 $S3_ENDPOINT $S3_ACCESS_KEY $S3_SECRET_KEY
+
+echo "Backup system initialized successfully"

backup/restore-etcd.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+set -e
+
+# Configure mc client if not already configured
+if [ ! -f /root/.mc/config.json ]; then
+    mc alias set s3 $S3_ENDPOINT $S3_ACCESS_KEY $S3_SECRET_KEY
+fi
+
+# Create temporary directory for restore
+RESTORE_DIR="/backup/restore"
+mkdir -p $RESTORE_DIR
+
+# Get latest backup from S3
+LATEST_BACKUP=$(mc ls s3/$S3_BUCKET/ | sort -r | head -n1 | awk '{print $5}')
+if [ -z "$LATEST_BACKUP" ]; then
+    echo "No backup found in S3"
+    exit 1
+fi
+
+# Download and extract backup
+mc cp "s3/$S3_BUCKET/$LATEST_BACKUP" "$RESTORE_DIR/"
+gunzip "$RESTORE_DIR/$LATEST_BACKUP"
+BACKUP_FILE="${RESTORE_DIR}/${LATEST_BACKUP%.*}"
+
+# Stop ETCD service (if running)
+pkill etcd || true
+sleep 5
+
+# Restore from snapshot
+etcdctl snapshot restore "$BACKUP_FILE" \
+    --data-dir /bitnami/etcd/data
+
+# Fix permissions
+chmod 700 -R /bitnami/etcd
+chown -R 1001:1001 /bitnami/etcd
+
+# Clean up
+rm -rf $RESTORE_DIR
+
+echo "Restore completed successfully at $(date)"

docker-entrypoint.sh

@@ -4,7 +4,15 @@ set -e
 # Ensure the data directory exists with correct permissions
 mkdir -p /bitnami/etcd/data
 chmod 700 -R /bitnami/etcd
-chown -R 1000:1000 /bitnami/etcd
+chown -R 1001:1001 /bitnami/etcd
+
+# Initialize backup system if enabled and environment variables are set
+BACKUP_ENABLED=${BACKUP_ENABLED:-true}
+if [ "$BACKUP_ENABLED" = "true" ] && [ ! -z "$S3_ENDPOINT" ] && [ ! -z "$S3_ACCESS_KEY" ] && [ ! -z "$S3_SECRET_KEY" ] && [ ! -z "$S3_BUCKET" ]; then
+    /usr/local/bin/init-backup.sh
+else
+    echo "Backup system not enabled or missing required S3 environment variables"
+fi
 
 # Call the original entrypoint with all arguments
 exec /opt/bitnami/scripts/etcd/entrypoint.sh "$@"