Tergum
Tergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...)
Install / Use
/learn @sikalabs/TergumREADME
Why Tergum?
Tergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...). Tergum has native backup monitoring and alerts you when backup fails. Tergum also support backup encryption, compression and automatic recovery testing.
Tergum is under active development, not all features are already implemented. Check current project state
Do you want to start using Tergum? Give us a call
Let's discuss Tergum in your project in 30 min call
What "Tergum" means?
Tergum means backup in latin.
Tergum Cloud: Bring Your Backups into Cloud
Tergum Cloud allow you to manage your backup using UI & Terraform and store your backups securely in our AWS.
Are you interested in our public beta? Drop us email hi@sikalabs.com
Tergum Enterprise: Use Tergum Cloud in Your Private Infrastructure
Tergum Enterprise brings our cloud platform behind your filewall. For an inquiry, contact our sales sales@sikalabs.com
Install
Install using Brew:
brew install sikalabs/tap/tergum
On Linux (amd64):
curl -fsSL https://raw.githubusercontent.com/sikalabs/tergum/master/install.sh | sudo sh
Using scoop on Windows:
scoop install https://raw.githubusercontent.com/sikalabs/scoop-bucket/master/tergum.json
Autocomplete
See: tergum completion
Bash
source <(tergum completion bash)
CLI Usage
Generated CLI Docs on Github
See: https://github.com/sikalabs/tergum-cli-docs/blob/master/tergum.md#tergum
Generate CLI Docs
Generate Markdown CLI docs to ./cobra-docs
tergum generate-docs
Tergum Config File
Tergum supports only JSON config file, but we're working on YAML support.
Config file examples are in misc/example/config directory
Basic Config Structure
Meta:
SchemaVersion: 3
Settings: <Settings>
Cloud: <Cloud>
Notification: <Notification>
Telemetry: <Telemetry>
Backups:
- <Backup>
- <Backup>
- ...
Backup Block
ID: <UniqueBackupID>
Source:
Mysql: <BackupSourceMysqlConfiguration>
MysqlServer: <BackupSourceMysqlServerConfiguration>
Postgres: <BackupSourcePostgresConfiguration>
PostgresServer: <BackupSourcePostgresServerConfiguration>
Mongo: <BackupSourceMongoConfiguration>
SingleFile: <BackupSourceSingleFileConfiguration>
Dir: <BackupSourceDirConfiguration>
KubernetesTLSSecret: <BackupSourceKubernetesTLSSecret>
Kubernetes: <BackupSourceKubernetes>
Notion: <BackupSourceNotion>
FTP: <BackupSourceFTP>
Redis: <BackupSourceRedis>
Vault: <BackupSourceVault>
Dummy: <BackupSourceDummy>
Gitlab: <BackupSourceGitlab>
Consul: <BackupSourceConsul>
Middlewares:
- <MiddlewareConfiguration>
- ...
Destinations:
- ID: <UniqueBackupDestinationID>
Middlewares:
- <MiddlewareConfiguration>
- ...
FilePath: <BackupDestinationFilePathConfiguration>
File: <BackupDestinationFileConfiguration>
S3: <BackupDestinationS3Configuration>
AzureBlob: <BackupDestinationAzureBlobConfiguration>
Telegram: <BackupDestinationTelegramConfiguration>
- ...
SleepBefore: <sleep time befor backup job in seconds>
GzipMiddlewareConfiguration
Gzip: {}
SymmetricEncryption:
Passphrase: "passphrase"
Example BackupSourceMysqlConfiguration Block
Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
Database: "default"
With extra args
Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
Database: "default"
MysqldumpExtraArgs:
- --column-statistics=0
Example BackupSourceMysqlServerConfiguration Block
Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
With extra args
Host: "127.0.0.1"
Port: "3306"
User: "root"
Password: "root"
MysqldumpExtraArgs:
- --column-statistics=0
Example BackupSourcePostgresConfiguration Block
Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
Database: "postgres"
With extra args
Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
Database: "postgres"
PgdumpExtraArgs:
- --ignore-version
With SSL mode
Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
Database: "postgres"
SSLMode: "require"
Example BackupSourcePostgresServerConfiguration Block
Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
With extra args
Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
PgdumpallExtraArgs:
- --ignore-version
With SSL mode
Host: "127.0.0.1"
Port: "15432"
User: "postgres"
Password: "pg"
SSLMode: "require"
Example BackupSourceMongoConfiguration Block
Dump all dbs & no auth
Host: "127.0.0.1"
Port: "27017"
Dump all dbs with auth
Host: "127.0.0.1"
Port: "27017"
User: "root"
Password: "root"
Dump single db with auth
Host: "127.0.0.1"
Port: "27017"
User: "root"
Password: "root"
Database: "test"
Dump single db with auth and custom Authentication Database
Host: "127.0.0.1"
Port: "27017"
User: "root"
Password: "root"
AuthenticationDatabase: "test" # default is admin
Database: "test"
Example BackupSourceKubernetesTLSSecret Block
Backup all TLS secrets
Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
Backup single TLS secret
Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
SecretName: tls-example-com
Example BackupSourceKubernetes Block
Backup all resources (pods)
Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
Resource: pod
Backup single resource (hello-world pod)
Server: https://kubernetes-api.example.com
Token: foo-bar-baz
Namespace: default
Resource: pod
Name: hello-world
Example BackupSourceSingleFileConfiguration Block
Path: /data/export/dump.sql
Example BackupSourceDirConfiguration Block
Path: /data
Excludes:
- /data/tmp
Example BackupSourceNotion Block
Token: <Notion token_v2>
SpaceID: <Notion Space UID>
Format: <Fotmat of export ("html" or "markdown")>
Example BackupSourceFTP Block
Host: <FTP host>
User: <FTP user>
Password: <FTP password>
Example BackupSourceRedis Block
Host: <host>
Port: <port>
Example BackupSourceVault Block
Addr: <vault address>
Token: <vault token>
Headers: <map[string]string of headers, optional>
example with cloudflare access headers
Addr: https://vault.corp.com
Token: s.1234567890
Headers:
CF-Access-Client-ID: xxx1234567890
CF-Access-Client-Secret: xxx123456789
Example BackupSourceDummy Block
Content: <backup content>
Example BackupSourceGitlab Block
NamePrefix: <prefix Gitlab backup file in /var/opt/gitlab/backups>
Skip: <skip (for example registry)>
- Gitlab Docs about SKIP - https://docs.gitlab.com/ee/administration/backup_restore/backup_gitlab.html?tab=Linux+package+%28Omnibus%29#excluding-specific-data-from-the-backup
Example BackupSourceConsul Block
Addr: <host>
Token: <token>
Example without ACL
Addr: http://127.0.0.1:8500
Example with ACL requires token
Addr: http://127.0.0.1:8500
Token: 51047cd1-c243-a969-2bf1-a845405e4da9
Example BackupDestinationFilePathConfiguration Block
Path: "/backup/mysql-default.sql"
Example BackupDestinationFileConfiguration Block
Dir: "/backup/"
Prefix: "mysql-default"
Suffix: "sql"
Example BackupDestinationS3Configuration Block
AWS:
AccessKey: "admin"
SecretKey: "asdfasdf"
Endpoint: "https://minio.example.com"
BucketName: "tergum-backups"
Prefix: "mysql-default"
Suffix: "sql"
Minio:
accessKey: "aws_access_key_id"
secretKey: "aws_secret_access_key"
region: "eu-central-1"
bucketName: "tergum-backups"
prefix: "mysql-default"
suffix: "sql"
Minio with 3 retries:
You can set UploadRetries (default is 0) to retry upload in case of error.
accessKey: "aws_access_key_id"
secretKey: "aws_secret_access_key"
region: "eu-central-1"
bucketName: "tergum-backups"
prefix: "mysql-default"
suffix: "sql"
UploadRetries: 3
Example BackupDestinationAzureBlobConfiguration Block
AccountName: account_name
AccountKey: account_key
ContainerName: container_name
Prefix: "mysql-default"
Suffix: "sql"
Example BackupDestinationTelegramConfiguration Block
BotToken: "123456789:ABC-DEF1234ghIkl-zyx57W2v1u123ew11"
ChatID: -123456789
FileName: "backup.sql"
Notification Block
Backends: {
Email: <NotificationBackendEmail>
Target:
- <NotificationTarget>
- <NotificationTarget>
- ...
Example NotificationBackendEmail Block
SmtpHost: "mail.example.com"
SmtpPort: "25"
Usename: "aaa"
Password: "aaa/bbb"
From: "tergum@example.com"
NotificationTarget Block
Email: <NotificationEmailTarget>
SlackWebhook: <
