Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create backup action #171

Closed
Closed
Show file tree
Hide file tree
Changes from 23 commits
Commits
Show all changes
27 commits
Select commit Hold shift + click to select a range
2d4e010
Create S3 client interface without resource for consistency
javierdelapuente Jan 30, 2024
455c95d
Remove self hosted runner
javierdelapuente Jan 30, 2024
7789454
Add self hosted runners again
javierdelapuente Jan 30, 2024
b77f9b1
WIP backup created using bash with tar, gpg and aws cli
javierdelapuente Jan 30, 2024
7cba784
More unit tests and minor refactoring for backup
javierdelapuente Jan 30, 2024
3bde660
Add noset to name of passphrase file
javierdelapuente Jan 30, 2024
e21fc0a
Remove wrong file
javierdelapuente Jan 31, 2024
3a0b520
Integration tests for create-backup
javierdelapuente Jan 31, 2024
804d5a1
Correct message in assert
javierdelapuente Jan 31, 2024
3dcc351
Code reordering and minor improvements
javierdelapuente Jan 31, 2024
f3f6c98
Add how-to for backup
javierdelapuente Jan 31, 2024
c42fef6
Add comment for the files/dirs to back up.
javierdelapuente Jan 31, 2024
421e7c6
Improving format in doc
javierdelapuente Jan 31, 2024
9706988
Missing src-docs
javierdelapuente Jan 31, 2024
85b62b9
Merge branch 'main' into ISD-1480-synapse-create-backup-action-workload
javierdelapuente Jan 31, 2024
38d8a01
Refactor S3 client, new class and use s3 client instead of resource
javierdelapuente Jan 31, 2024
4c774e4
Fix typo in test
javierdelapuente Jan 31, 2024
ab8f74c
Remove unneded pylint to disable protected access
javierdelapuente Jan 31, 2024
ae31edb
Add pylint disable protected access in test
javierdelapuente Jan 31, 2024
1f3ebac
Merge branch 'ISD-1480-synapse-refactor-s3-client' into ISD-1480-syna…
javierdelapuente Jan 31, 2024
5d33dda
Create backup key in backup instead of backup_observer
javierdelapuente Feb 1, 2024
0b85975
Merge branch 'main' into ISD-1480-synapse-create-backup-action-workload
javierdelapuente Feb 1, 2024
9ebff9e
Rename backup_key to backup_id everywhere
javierdelapuente Feb 1, 2024
b222101
Put passphrase file for gpg in Synapse config dir
javierdelapuente Feb 2, 2024
ca936d7
Merge branch 'main' into ISD-1480-synapse-create-backup-action-workload
javierdelapuente Feb 2, 2024
78718d2
Remove self hosted runners from integ tests
javierdelapuente Feb 5, 2024
9060821
Merge branch 'main' into ISD-1480-synapse-create-backup-action-workload
merkata Feb 6, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions actions.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,3 +41,6 @@ promote-user-admin:
description: |
User name to be promoted to admin.
type: string
create-backup:
description: |
Creates a backup to s3 storage.
3 changes: 3 additions & 0 deletions config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ options:
description: |
Allows any other homeserver to fetch the server's public rooms directory
via federation.
backup_passphrase:
type: string
description: Passphrase used to encrypt a backup using gpg with symmetric key.
enable_mjolnir:
type: boolean
default: false
Expand Down
36 changes: 36 additions & 0 deletions docs/how-to/backup.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# How to back up Synapse

This document shows how to back up Synapse.

## Deploy s3-integrator charm

Synapse gets backed up to a S3 compatible object storage. To get the credentials, the `s3-integrator` is used. Refer to
[s3-integrator](https://charmhub.io/s3-integrator/) for specific configuration options.

```
juju deploy s3-integrator --channel edge
juju config s3-integrator endpoint=<s3 endpoint> bucket=<bucket name> path=<optional-path> region=<region> s3-uri-style=<path or host>
juju run s3-integrator/leader sync-s3-credentials access-key=<access-key> secret-key=<secret-key>
```

Integrate with Synapse with:

`juju integrate synapse:backup s3-integrator`

## Configure the passphrase

The backup will be encrypted before being sent using symmetric encryption. You need
to set the desired password with:
```
juju config synapse backup_passphrase=<secret passphase>
```

## Run the backup

Run the backup with the next command:
```
juju run synapse/leader create-backup
```

A new object should be placed in the S3 compatible object storage. This file is a tar
file encrypted with the `gpg` command.
141 changes: 138 additions & 3 deletions src-docs/backup.py.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,149 @@
# <kbd>module</kbd> `backup.py`
Provides backup functionality for Synapse.

**Global Variables**
---------------
- **AWS_COMMAND**
- **BACKUP_FILE_PATTERNS**
- **MEDIA_DIR**
- **LOCAL_DIR_PATTERN**
- **S3_MAX_CONCURRENT_REQUESTS**
- **PASSPHRASE_FILE**
- **BASH_COMMAND**
- **BACKUP_ID_FORMAT**

---

<a href="../src/backup.py#L162"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

## <kbd>function</kbd> `paths_to_args`

```python
paths_to_args(paths: Iterable[str]) → str
```

Given a list of paths, quote and concatenate them for use as cli arguments.



**Args:**

- <b>`paths`</b>: List of paths



**Returns:**
paths concatenated and quoted


---

<a href="../src/backup.py#L174"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

## <kbd>function</kbd> `get_paths_to_backup`

```python
get_paths_to_backup(container: Container) → Iterable[str]
```

Get the list of paths that should be in a backup for Synapse.



**Args:**

- <b>`container`</b>: Synapse Container.



**Returns:**
Iterable with the list of paths to backup.


---

<a href="../src/backup.py#L193"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

## <kbd>function</kbd> `calculate_size`

```python
calculate_size(container: Container, paths: Iterable[str]) → int
```

Return the combined size of all the paths given.



**Args:**

- <b>`container`</b>: Container where to check the size of the paths.
- <b>`paths`</b>: Paths to check.



**Returns:**
Total size in bytes.



**Raises:**

- <b>`BackupError`</b>: If there was a problem calculating the size.


---

<a href="../src/backup.py#L315"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

## <kbd>function</kbd> `create_backup`

```python
create_backup(
container: Container,
s3_parameters: S3Parameters,
passphrase: str,
backup_id: Optional[str] = None
) → str
```

Create a backup for Synapse running it in the workload.



**Args:**

- <b>`container`</b>: Synapse Container
- <b>`s3_parameters`</b>: S3 parameters for the backup.
- <b>`passphrase`</b>: Passphrase use to encrypt the backup.
- <b>`backup_id`</b>: Name of the object in the backup. It will be autogenerated if it is not set.



**Returns:**
The backup key used for the backup.



**Raises:**

- <b>`BackupError`</b>: If there was an error creating the backup.


---

## <kbd>class</kbd> `BackupError`
Generic backup Exception.





---

## <kbd>class</kbd> `S3Client`
S3 Client Wrapper around boto3 library.

<a href="../src/backup.py#L77"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
<a href="../src/backup.py#L106"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

### <kbd>function</kbd> `__init__`

Expand All @@ -33,7 +168,7 @@ Initialize the S3 client.

---

<a href="../src/backup.py#L116"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
<a href="../src/backup.py#L145"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

### <kbd>function</kbd> `can_use_bucket`

Expand Down Expand Up @@ -87,7 +222,7 @@ Translates s3_uri_style to AWS addressing_style.

---

<a href="../src/backup.py#L44"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
<a href="../src/backup.py#L73"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

### <kbd>classmethod</kbd> `check_endpoint_or_region_set`

Expand Down
2 changes: 1 addition & 1 deletion src-docs/backup_observer.py.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ S3 Backup relation observer for Synapse.
## <kbd>class</kbd> `BackupObserver`
The S3 backup relation observer.

<a href="../src/backup_observer.py#L25"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
<a href="../src/backup_observer.py#L28"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>

### <kbd>function</kbd> `__init__`

Expand Down
Loading
Loading