#!/bin/bash # SSO Infrastructure Backup Script # Created by Ralph Loop Iteration 10 # Backs up all three SSO platforms set -e BACKUP_DIR="/srv/backups/sso-$(date +%Y%m%d-%H%M%S)" mkdir -p "$BACKUP_DIR" echo "==========================================" echo "SSO Infrastructure Backup" echo "==========================================" echo "Backup location: $BACKUP_DIR" echo "" # Backup Authentik echo "Backing up Authentik..." cd /srv/docker/authentik sudo docker compose exec -T postgresql pg_dump -U authentik authentik | gzip > "$BACKUP_DIR/authentik-db.sql.gz" sudo cp -r ./media "$BACKUP_DIR/authentik-media" 2>/dev/null || echo "No media files" sudo cp .env docker-compose.yml "$BACKUP_DIR/" echo "✅ Authentik backed up" # Backup Pangolin echo "Backing up Pangolin..." cd /srv/docker/pangolin sudo docker compose exec -T postgres pg_dump -U pangolin pangolin | gzip > "$BACKUP_DIR/pangolin-db.sql.gz" sudo cp config/config.yml .env docker-compose.yml "$BACKUP_DIR/" echo "✅ Pangolin backed up" # Backup Guacamole echo "Backing up Guacamole..." cd /srv/docker/guacamole sudo docker compose exec -T postgres pg_dump -U guacamole guacamole | gzip > "$BACKUP_DIR/guacamole-db.sql.gz" sudo cp initdb/initdb.sql .env docker-compose.yml "$BACKUP_DIR/" echo "✅ Guacamole backed up" # Backup Traefik dynamic config echo "Backing up Traefik configuration..." sudo cp /srv/docker/traefik/traefik_dynamic.yaml "$BACKUP_DIR/" echo "✅ Traefik config backed up" # Create backup manifest cat > "$BACKUP_DIR/MANIFEST.txt" << EOF SSO Infrastructure Backup Created: $(date -Iseconds) Hostname: $(hostname) Contents: - authentik-db.sql.gz - Authentik PostgreSQL database - authentik-media/ - Authentik media files - pangolin-db.sql.gz - Pangolin PostgreSQL database - guacamole-db.sql.gz - Guacamole PostgreSQL database - config.yml - Pangolin configuration - docker-compose.yml files for all services - .env files (CONTAINS SECRETS - PROTECT THIS BACKUP) - traefik_dynamic.yaml - Traefik routing configuration Restoration: See: /home/olaf/pangolin/RESTORE-GUIDE.md EOF # Set permissions chmod 600 "$BACKUP_DIR"/*.env 2>/dev/null || true chmod -R 700 "$BACKUP_DIR" echo "" echo "==========================================" echo "Backup Complete!" echo "==========================================" echo "Location: $BACKUP_DIR" echo "Size: $(du -sh $BACKUP_DIR | cut -f1)" echo "" echo "⚠️ This backup contains secrets (.env files)" echo " Store securely and encrypt if transmitted" echo "" echo "To restore: See /home/olaf/pangolin/RESTORE-GUIDE.md"