Stack
| Komponentas | Vertė |
|---|---|
| Įrankis | restic — encrypted, deduplicated |
| Destinacija | Cloudflare R2 (S3-compatible, EEUR regionas) |
| Bucket | play-army-backups |
| Šifravimas | AES-256 + Poly1305 (restic native) |
| Grafikas | Kasdien 03:00 UTC |
| Retention | 7 daily, 4 weekly, 3 monthly |
Kas backupinama
| Path | Turinys |
|---|---|
/var/www/pterodactyl | Panel kodas + .env |
/var/lib/pterodactyl | Wings + game server volumes (DayZ persistence) |
/var/backups/db | MariaDB dump (atnaujinamas prieš kiekvieną backup) |
/etc | Visos sistemos konfigūracijos |
Excluded: *.tmp, *.log, Docker volume cache, .steam katalogai.
Automatizacija
systemd timer (03:00 UTC)
→ play-army-backup.service
→ restic-backup.sh
1. mysqldump → /var/backups/db/
2. restic backup (encrypted)
3. restic forget --prune (retention)
4. restic check (integrity)
5. ntfy alert (OK/FAIL)
Jei backup failina — OnFailure=play-army-alert@backup.service siunčia urgent ntfy pranešimą.
Restore drill
Mėnesinis automatinis restore drill tikrina, ar backup’ai tikrai veikia:
systemd timer (monthly)
→ play-army-restore-drill.service
→ restic-restore-drill.sh
1. restic restore latest → /tmp/restore-drill/
2. SHA256 checksum tikrinimas prieš live failus
3. ntfy alert su drill rezultatu
Pirmas sėkmingas drill: 2026-05-05 03:56 UTC (trukmė: 2s).
Failai
| Skriptas | Paskirtis |
|---|---|
restic-backup.sh | Pagrindinis backup |
restic-restore-drill.sh | Monthly restore drill |
install-restic-backup.sh | Vienkartinis installer |
Kredencialai saugomi tik VPS:
/etc/restic/r2.env(perms 600 root:root). Nėra Git’e.