Skip to content
/ tergum Public

Tergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...)

43 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sikalabs/tergum

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

428 Commits
.github
.github
 
 
backup
backup
 
 
backup_log
backup_log
 
 
backup_output
backup_output
 
 
backup_process
backup_process
 
 
backup_process_utils
backup_process_utils
 
 
cloud
cloud
 
 
cmd
cmd
 
 
config
config
 
 
do_backup
do_backup
 
 
misc
misc
 
 
notification
notification
 
 
server
server
 
 
telemetry
telemetry
 
 
utils
utils
 
 
version
version
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
.goreleaser.yml
.goreleaser.yml
 
 
Dockerfile.goreleaser
Dockerfile.goreleaser
 
 
Dockerfile.goreleaser.arm64v8
Dockerfile.goreleaser.arm64v8
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

Tergum: Universal Backup Tool

SikaLabs SikaLabs SikaLabs

Why Tergum?

Tergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...). Tergum has native backup monitoring and alerts you when backup fails. Tergum also support backup encryption, compression and automatic recovery testing.

Tergum is under active development, not all features are already implemented. Check current project state

Do you want to start using Tergum? Give us a call

Let's discuss Tergum in your project in 30 min call

What "Tergum" means?

Tergum means backup in latin.

Tergum Cloud: Bring Your Backups into Cloud

Tergum Cloud allow you to manage your backup using UI & Terraform and store your backups securely in our AWS.

Are you interested in our public beta? Drop us email hello@sikalabs.com

Tergum Enterprise: Use Tergum Cloud in Your Private Infrastructure

Tergum Enterprise brings our cloud platform behind your filewall. For an inquiry, contact our sales sales@sikalabs.com

Install

Install using Brew:

brew install sikalabs/tap/tergum

Autocomplete

See: tergum completion

Bash

source <(tergum completion bash)

CLI Usage

Generated CLI Docs on Github

See: https://github.com/sikalabs/tergum-cli-docs/blob/master/tergum.md#tergum

Generate CLI Docs

Generate Markdown CLI docs to ./cobra-docs

tergum generate-docs

Tergum Config File

Tergum supports only JSON config file, but we're working on YAML support.

Config file examples are in misc/example/config directory

Basic Config Structure

Meta:
  SchemaVersion: 3
Cloud: <Cloud>
Notification: <Notification>
Backups:
  - <Backup>
  - <Backup>
  - ...

Backup Block

ID: <UniqueBackupID>
Source:
  Mysql: <BackupSourceMysqlConfiguration>
  MysqlServer: <BackupSourceMysqlServerConfiguration>
  Postgres: <BackupSourcePostgresConfiguration>
  PostgresServer: <BackupSourcePostgresServerConfiguration>
  Mongo: <BackupSourceMongoConfiguration>
  SingleFile: <BackupSourceSingleFileConfiguration>
  Dir: <BackupSourceDirConfiguration>
  KubernetesTLSSecret: <BackupSourceKubernetesTLSSecret>
  Kubernetes: <BackupSourceKubernetes>
  Notion: <BackupSourceNotion>
  FTP: <BackupSourceFTP>
  Redis: <BackupSourceRedis>
  Vault: <BackupSourceVault>
  Dummy: <BackupSourceDummy>
  Gitlab: <BackupSourceGitlab>
  Consul: <BackupSourceConsul>
Middlewares:
  - <MiddlewareConfiguration>
  - ...
Destinations:
  - ID: <UniqueBackupDestinationID>
    Middlewares:
      - <MiddlewareConfiguration>
      - ...
    FilePath: <BackupDestinationFilePathConfiguration>
    File: <BackupDestinationFileConfiguration>
    S3: <BackupDestinationS3Configuration>
    AzureBlob: <BackupDestinationAzureBlobConfiguration>
  - ...
SleepBefore: <sleep time befor backup job in seconds>

GzipMiddlewareConfiguration

Gzip: {}
SymmetricEncryption:
  Passphrase: "passphrase"

Example BackupSourceMysqlConfiguration Block

Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
Database: "default"

With extra args

Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
Database: "default"
MysqldumpExtraArgs:
  - --column-statistics=0

Example BackupSourceMysqlServerConfiguration Block

Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"

With extra args

Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
MysqldumpExtraArgs:
  - --column-statistics=0

Example BackupSourcePostgresConfiguration Block

Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
Database: "postgres"

With extra args

Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
Database: "postgres"
PgdumpExtraArgs:
  - --ignore-version

Example BackupSourcePostgresServerConfiguration Block

Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"

With extra args

Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
PgdumpallExtraArgs:
  - --ignore-version

Example BackupSourceMongoConfiguration Block

Dump all dbs & no auth

Host: "127.0.0.1"
Port: "27017"

Dump all dbs with auth

Host: "127.0.0.1"
Port: "27017"
User: "root"
Password: "root"

Dump single db with auth

Host: "127.0.0.1"
Port: "27017"
User: "root"
Password: "root"
Database: "test"

Dump single db with auth and custom Authentication Database

Host: "127.0.0.1"
Port: "27017"
User: "root"
Password: "root"
AuthenticationDatabase: "test" # default is admin
Database: "test"

Example BackupSourceKubernetesTLSSecret Block

Backup all TLS secrets

Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default

Backup single TLS secret

Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
SecretName: tls-example-com

Example BackupSourceKubernetes Block

Backup all resources (pods)

Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
Resource: pod

Backup single resource (hello-world pod)

Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
Resource: pod
Name: hello-world

Example BackupSourceSingleFileConfiguration Block

Path: /data/export/dump.sql

Example BackupSourceDirConfiguration Block

Path: /data

Example BackupSourceNotion Block

Token: <Notion token_v2>
SpaceID: <Notion Space UID>
Format: <Fotmat of export ("html" or "markdown")>

Example BackupSourceFTP Block

Host: <FTP host>
User: <FTP user>
Password: <FTP password>

Example BackupSourceRedis Block

Host: <host>
Port: <port>

Example BackupSourceVault Block

Addr: <vault address>
Token: <vault token>

Example BackupSourceDummy Block

Content: <backup content>

Example BackupSourceGitlab Block

NamePrefix: <prefix Gitlab backup file in /var/opt/gitlab/backups>
Skip: <skip (for example registry)>

Example BackupSourceConsul Block

Addr: <host>
Token: <token>

Example without ACL

Addr: http://127.0.0.1:8500

Example with ACL requires token

Addr: http://127.0.0.1:8500
Token: 51047cd1-c243-a969-2bf1-a845405e4da9

Example BackupDestinationFilePathConfiguration Block

Path: "/backup/mysql-default.sql"

Example BackupDestinationFileConfiguration Block

Dir: "/backup/"
Prefix: "mysql-default"
Suffix: "sql"

Example BackupDestinationS3Configuration Block

AWS:

AccessKey: "admin"
SecretKey: "asdfasdf"
Endpoint: "https://minio.example.com"
BucketName: "tergum-backups"
Prefix: "mysql-default"
Suffix: "sql"

Minio:

accessKey: "aws_access_key_id"
secretKey: "aws_secret_access_key"
region: "eu-central-1"
bucketName: "tergum-backups"
prefix: "mysql-default"
suffix: "sql"

Example BackupDestinationAzureBlobConfiguration Block

AccountName: account_name
AccountKey: account_key
ContainerName: container_name
Prefix: "mysql-default"
Suffix: "sql"

Notification Block

Backends: {
  Email:  <NotificationBackendEmail>
Target:
  - <NotificationTarget>
  - <NotificationTarget>
  - ...

Example NotificationBackendEmail Block

SmtpHost: "mail.example.com"
SmtpPort: "25"
Usename: "aaa"
Password: "aaa/bbb"
From: "tergum@example.com"

NotificationTarget Block

Email: <NotificationEmailTarget>
SlackWebhook: <NotificationSlackWebhookTarget>

Example NotificationEmailTarget Block

Emails:
  - ondrej@example.com
  - monitoring@example.com
SendOK: false
  • SendOK=true will send email notification for all tergum runs (failed & OK runs)

Example NotificationSlackWebhookTarget Block

URLs:
  - https://hooks.slack.com/services/xxx/yyy/zzz
SendOK: false
  • SendOK=true will send email notification for all tergum runs (failed & OK runs)

Cloud Block

Email: <email of tergum cloud account>

Current Project State

Backup Sources

  • SingleFile
  • Files (Dir)
  • Postgres
  • PostgresServer
  • MySQL
  • MySQLServer
  • Oracle (Enterprise)
  • S3
  • Ceph RBD
  • CephFS
  • MongoDB
  • Gitlab
  • Proxmox
  • Kubernetes Resource
    • Kubernetes TLS Secret
  • Container Image
  • Redis
  • Notion
  • FTP Server (for old school hostings)
  • Hashicorp Vault
  • Hashicorp Consul
  • Dummy (for testing)

Passwords Sources

  • YAML
  • Environment Variables
  • Hashicorp Vault
  • AWS Secrets Manager
  • Azure Key Vault

Backup Processors

  • GZIP Compression
  • Symmetric Encryption
  • AsymmetricEncryption
  • GPG Encryption
  • GPG Signatures

Backup Storage

  • Files
  • S3
  • Tergum Cloud
  • Azure Blob
  • GCS (Google Cloud Storage)
  • Container Registry

Notification

  • Email
  • Slack
  • Microsoft Teams
  • Pagerduty

About

Tergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...)

Topics

mysql backup restore restore-database s3 backup-tool backup-database

Resources

Readme
Activity
Custom properties

Stars

43 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases 58

v0.35.0 Latest
Apr 8, 2023
+ 57 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

 
 
 

Contributors 2

  •  
  •  

Languages