deploy(M00-E): 补充备份恢复检查模板

2026-06-15 16:55:52 +08:00
parent c3be30d4c7
commit 292ab7f062
20 changed files with 151 additions and 21 deletions
@@ -39,7 +39,8 @@
 - Nginx：提供 `deploy/nginx/api.txyundm.cn.conf.template`，菜单第 4 项会检查模板、站点文件、TLS 和健康端点。
 - 证书：提供 `deploy/certbot/api.txyundm.cn.commands.md`，菜单第 4 项会检查 Certbot、证书文件、续期配置和 `certbot.timer`。
 - EMQX：提供 `deploy/emqx/install-ubuntu24-amd64.md`、ACL 模板和授权模板，菜单第 3 项会检查命令、服务、端口和模板。
- 非交互检查：`setup.sh --preflight`、`setup.sh --status`、`setup.sh --https`、`setup.sh --mqtt`、`setup.sh --diagnose`。
+- 备份：提供 `deploy/backup/backup-policy.template.json` 和 `deploy/backup/backup-restore-runbook.md`，菜单第 6 项仍只写 manifest；`setup.sh --backup-status` 可检查工具、目录和模板。
+- 非交互检查：`setup.sh --preflight`、`setup.sh --status`、`setup.sh --https`、`setup.sh --mqtt`、`setup.sh --backup-status`、`setup.sh --diagnose`。
 - 状态：显示部署上下文、快检、仓库状态和当前 release manifest。
 - 备份：当前生成 manifest-only 备份记录，不触碰真实数据库。
 - 恢复/回滚：列出人工输入和回滚点，不自动改动生产数据。
@@ -1 +1 @@
-0.1.3-m00-emqx-check
+0.1.4-m00-backup-check
@@ -0,0 +1,30 @@
+{
+  "version": "0.1.4-m00-backup-check",
+  "retention": {
+    "daily": 7,
+    "weekly": 4,
+    "monthly": 3
+  },
+  "targets": {
+    "mysql": {
+      "enabled": false,
+      "database": "qipai",
+      "output": "/opt/apps/backups/mysql",
+      "command": "mysqldump --single-transaction --routines --triggers --events qipai"
+    },
+    "emqx": {
+      "enabled": false,
+      "output": "/opt/apps/backups/emqx",
+      "command": "emqx ctl data export"
+    },
+    "uploads": {
+      "enabled": false,
+      "source": "/opt/apps/uploads",
+      "output": "/opt/apps/backups/files"
+    }
+  },
+  "notes": [
+    "This template contains no real passwords or production paths outside /opt/apps.",
+    "Enable targets only on production Ubuntu after credentials and retention policy are confirmed."
+  ]
+}
@@ -0,0 +1,37 @@
+# Backup And Restore Runbook
+
+M00 provides checks and templates only. Production backups must be enabled by the Ubuntu administrator after database credentials, upload paths and EMQX configuration are confirmed.
+
+## Backup Targets
+
+- MySQL logical dump: `/opt/apps/backups/mysql`
+- EMQX data export: `/opt/apps/backups/emqx`
+- Uploaded files archive: `/opt/apps/backups/files`
+- Manual manifests: `/opt/apps/backups/manual`
+
+## Backup Check
+
+```bash
+/opt/apps/setup.sh --backup-status
+```
+
+## Manual Commands
+
+The commands below are examples for the production administrator. Do not store real credentials in Git.
+
+```bash
+mysqldump --single-transaction --routines --triggers --events qipai > /opt/apps/backups/mysql/qipai-YYYYmmddHHMMSS.sql
+emqx ctl data export
+tar -C /opt/apps -czf /opt/apps/backups/files/uploads-YYYYmmddHHMMSS.tgz uploads
+```
+
+## Restore Outline
+
+1. Stop the backend process through PM2 after confirming a maintenance window.
+2. Verify the selected backup files and hashes.
+3. Restore MySQL into a staging database before production.
+4. Restore EMQX export and restart EMQX.
+5. Restore uploads into `/opt/apps/uploads`.
+6. Run API, admin, miniapp and MQTT smoke checks.
+
+Automatic production restore is intentionally disabled in M00.