#!/bin/bash
#
# Backup nightly du PostgreSQL Karbé vers MinIO.
# Lancé par un systemd timer (karbe-backup.timer).
#
# Rétention 30 jours côté MinIO (s'appuyer sur une lifecycle policy ou un
# nettoyage côté `mc rm` planifié — TODO si on veut être propre).

set -euo pipefail

STAMP=$(date -u +%Y%m%d-%H%M%S)
DUMP_DIR=/tmp/karbe-backup
DUMP_FILE="$DUMP_DIR/karbe-${STAMP}.sql.gz"
BUCKET_DEST="karbe-backups/postgres/karbe-${STAMP}.sql.gz"

mkdir -p "$DUMP_DIR"

# Dump compressé depuis le conteneur postgres
docker compose -f /home/ubuntu/karbe/docker-compose.prod.yml \
                -f /home/ubuntu/karbe/docker-compose.override.yml \
                exec -T postgres pg_dump -U karbe -d karbe \
  | gzip > "$DUMP_FILE"

SIZE=$(stat -c %s "$DUMP_FILE")
echo "[$(date -u +%FT%TZ)] dump created size=${SIZE}B path=${DUMP_FILE}"

# Push vers MinIO via mc Docker
docker run --rm --network karbe-net \
  --entrypoint /bin/sh \
  -v "$DUMP_DIR:/dump" \
  -e MINIO_ROOT_USER \
  -e MINIO_ROOT_PASSWORD \
  minio/mc:latest -c "
    mc alias set karbe http://minio:9000 \"\$MINIO_ROOT_USER\" \"\$MINIO_ROOT_PASSWORD\" >/dev/null 2>&1 && \
    mc mb karbe/karbe-backups --ignore-existing >/dev/null 2>&1 && \
    mc cp /dump/karbe-${STAMP}.sql.gz karbe/${BUCKET_DEST}
  "

echo "[$(date -u +%FT%TZ)] uploaded to karbe/${BUCKET_DEST}"

# Nettoyage local
rm -f "$DUMP_FILE"

# Rétention : supprime les backups > 30 jours dans MinIO
docker run --rm --network karbe-net \
  --entrypoint /bin/sh \
  -e MINIO_ROOT_USER \
  -e MINIO_ROOT_PASSWORD \
  minio/mc:latest -c "
    mc alias set karbe http://minio:9000 \"\$MINIO_ROOT_USER\" \"\$MINIO_ROOT_PASSWORD\" >/dev/null 2>&1 && \
    mc rm --recursive --force --older-than 30d karbe/karbe-backups/ 2>/dev/null || true
  "

echo "[$(date -u +%FT%TZ)] retention sweep done (>30d removed)"