docker-pgbackrest
pgBackRest inside Docker can be useful when you using Dedicated Repository Host or inside CI/CD systems.
The repository contains information for the last 5 releases of pgBackRest. If necessary to use an older version - do a manual build.
Supported pgBackRest version tags:
2.41
,latest
2.41-alpine
2.40
2.40-alpine
2.39
2.39-alpine
2.38
2.38-alpine
2.37
2.37-alpine
The image is based on the official ubuntu or alpine image. For ubuntu image each version of pgBackRest builds from the source code in a separate builder
container. For alpine image each version of pgBackRest builds from the source code in container using virtual package .backrest-build
.
The image contains pgbackrest-bash-completion script. You can complete pgbackrest
commands by pressing tab key.
Environment variables supported by this image:
TZ
- container's time zone, defaultEtc/UTC
;BACKREST_USER
- non-root user name for execution of the command, defaultpgbackrest
;BACKREST_UID
- UID of internal${BACKREST_USER}
user, default2001
;BACKREST_GROUP
- group name of internal${BACKREST_USER}
user, defaultpgbackrest
;BACKREST_GID
- GID of internal${BACKREST_USER}
user, default2001
;BACKREST_HOST_TYPE
- repository host protocol type, defaultssh
, available values:ssh
,tls
;BACKREST_TLS_WAIT
- waiting for TLS server startup in seconds whenBACKREST_HOST_TYPE=tls
, default15
;BACKREST_TLS_SERVER
- start container as pgBackRest TLS server, defaultdisable
, available values:disable
,enable
.
Pull
Change tag
to to the version you need.
- Docker Hub:
docker pull woblerr/pgbackrest:tag
docker pull woblerr/pgbackrest:tag-alpine
- GitHub Registry:
docker pull ghcr.io/woblerr/pgbackrest:tag
docker pull ghcr.io/woblerr/pgbackrest:tag-alpine
Run
You will need to mount the necessary directories or files inside the container (or use this image to build your own on top of it).
Simple
docker run --rm pgbackrest:2.41 pgbackrest help
Injecting inside
docker run --rm -it pgbackrest:2.41 bash
pgbackrest@cac1f58b56f2:/$ pgbackrest version
pgBackRest 2.41
Example for Dedicated Repository Host
Host USER:GROUP
- pgbackrest:pgbackrest
, UID:GID
- 1001:1001
. Backups are stored locally under the user pgbackrest
.
Use SSH
docker run --rm \
-e BACKREST_UID=1001 \
-e BACKREST_GID=1001 \
-v ~/.ssh/id_rsa:/home/pgbackrest/.ssh/id_rsa \
-v /etc/pgbackrest:/etc/pgbackrest \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
pgbackrest:2.41 \
pgbackrest backup --stanza demo --type full --log-level-console info
And and the same time for old pgBackRest version:
docker run --rm \
-e BACKREST_UID=1001 \
-e BACKREST_GID=1001 \
-v ~/.ssh/id_rsa:/home/pgbackrest/.ssh/id_rsa \
-v /etc/pgbackrest:/etc/pgbackrest \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
pgbackrest:2.30 \
pgbackrest backup --stanza demo-old --type full --log-level-console info
Use TLS
Available only for pgBackRest version >= 2.37
.
There are two mode for using TLS for communication.
-
Run container as pgBackRest TLS server.
You need to set
BACKREST_TLS_SERVER=enable
.The variables
BACKREST_HOST_TYPE
andBACKREST_TLS_WAIT
do not affect this startup mode. -
Run container with TLS server in background for pgBackRest execution over TLS.
You need to set
BACKREST_HOST_TYPE=tls
.Using
BACKREST_TLS_WAIT
, you can change the TLS server startup waiting. By default, checking that the TLS server is running will be performed after15 seconds
.The variable should be
BACKREST_TLS_SERVER=disable
.
TLS server configuration is described in the pgBackRest documentation.
Run container as pgBackRest TLS server
docker run -d \
-e BACKREST_UID=1001 \
-e BACKREST_GID=1001 \
-e BACKREST_TLS_SERVER=enable \
-v /etc/pgbackrest:/etc/pgbackrest \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
-p 8432:8432 \
--name backrest_server \
pgbackrest:2.41
Run container with TLS server in background for pgBackRest execution over TLS
docker run --rm \
-e BACKREST_UID=1001 \
-e BACKREST_GID=1001 \
-e BACKREST_HOST_TYPE=tls \
-v /etc/pgbackrest:/etc/pgbackrest \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
pgbackrest:2.41 \
pgbackrest backup --stanza demo --type full --log-level-console info
Example for backup to local path for PostgreSQL running locally in Chicago
PostgreSQL run from user postgres:postgres
with UID:GID 1001:1001
. PostgreSQL data path - /var/lib/postgresql/12/main
, pgBackRest backup path - /var/lib/pgbackrest
.
docker run --rm \
-e BACKREST_USER=postgres \
-e BACKREST_UID=1001 \
-e BACKREST_GROUP=postgres \
-e BACKREST_GID=1001 \
-e TZ=America/Chicago \
-v /etc/pgbackrest/pgbackrest.conf:/etc/pgbackrest/pgbackrest.conf \
-v /var/lib/postgresql/12/main:/var/lib/postgresql/12/main \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
-v /var/run/postgresql/.s.PGSQL.5432:/var/run/postgresql/.s.PGSQL.5432 \
pgbackrest:2.41 \
pgbackrest backup --stanza demo --type full --log-level-console info
Example for backup to local path for PostgreSQL running remote over TLS
PostgreSQL run on remote host. Сommunication between hosts via TLS. pgBackRest path for backup and WAL files - /var/lib/pgbackrest
.
Run the container as a TLS server. After that, remote PostgreSQL will be able to archive WAL files.
docker run -d \
-e BACKREST_UID=1001 \
-e BACKREST_GID=1001 \
-e BACKREST_TLS_SERVER=enable \
-v /etc/pgbackrest/pgbackrest.conf:/etc/pgbackrest/pgbackrest.conf \
-v /etc/pgbackrest/cert:/etc/pgbackrest/cert \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
-p 8432:8432 \
--name backrest_server \
pgbackrest:2.41
Performing a backup:
docker run --rm \
-e BACKREST_UID=1001 \
-e BACKREST_GID=1001 \
-e BACKREST_HOST_TYPE=tls \
-v /etc/pgbackrest/pgbackrest.conf:/etc/pgbackrest/pgbackrest.conf \
-v /etc/pgbackrest/cert:/etc/pgbackrest/cert \
-v /var/lib/pgbackrest:/var/lib/pgbackrest \
pgbackrest:2.41 \
pgbackrest backup --stanza demo --type full --log-level-console info
Build
make build_version TAG=2.41
make build_version_alpine TAG=2.41
or
docker build -f Dockerfile --build-arg BACKREST_VERSION=2.41 --build-arg BACKREST_COMPLETION_VERSION=v0.8 -t pgbackrest:2.41 .
docker build -f Dockerfile.alpine --build-arg BACKREST_VERSION=2.41 --build-arg BACKREST_COMPLETION_VERSION=v0.8 -t pgbackrest:2.41-alpine .
Running tests
Run the end-to-end tests:
make test-e2e
See tests description.