springboot>> secure-backup>> 返回
项目作者: oscaroox

项目描述 :
Securely backup your mysql, postgres database with asymmetric encryption
高级语言: JavaScript
项目地址: git://github.com/oscaroox/secure-backup.git
创建时间: 2017-02-04T23:49:43Z
项目社区:https://github.com/oscaroox/secure-backup
开源协议:MIT License
下载


secure-backup

Standard - JavaScript Style Guide

secure-backup is a nodejs module which you can use to safely encrypt your mysql or postgres database backups with asymmetric encryption.
your backups will never touch your server disk without being encrypted first, you can also directly upload your backup directly to aws s3 storage.
To use this module it is required to have a public/private key pair.
Secure-backup uses openssl smime to encrypt your backups you can decrypt your backups using your private key.

Table of Contents

Install

  1.  npm install secure-backup

Requirements

secure-backup needs the following software/files to work properly and must be in your env Path

  • openssl (required)
  • a public/private key pair (required)
  • gzip (optional)
  • nodejs v4+
  • postgres/mysql (required)
  • aws-sdk v2.1.0+ (optional)

Decryption

example decrypting a gzip compressed backup using openssl smime
you can omit the -binary flag if you didn’t use compression.

  1. openssl smime -decrypt -in 2017-01-25:23:21:22-mysql_dump.sql.gz.enc \
  2. -binary -inform DEM inkey private.pem -out mysql_dump.sql.gz

using gzip to decompress a backup

  1. gzip -d mysql_dump.sql.gz

if all went well you should be able to read the .sql file and restore your backup.

Quick example

Basic example.

  1. let secureBackup = require('secure-backup');
  2. let pgHandler = require('secure-backup/lib/handlers/pg')
  3. let backup = secureBackup({
  4.   pubKeyPath: '/path/to/postgres_backup.pub.pem', // path to your public key
  5.   outputPath: '/path/to/output/', // where to output your encrypted backup
  6.   compress: true, // enable compression (gzip)
  7.   handler: pgHandler({
  8.     user: 'postgres',
  9.     database: 'my_database'
  10.   })
  11. })
  12. backup() // can be invoked directly
  14. // or used with a cron-job module like node-schedule
  15. let schedule = nodeSchedule.scheduleJob('0 4 8-14 * *', backup)

Example with s3

  1. let secureBackup = require('secure-backup')
  2. let mysqlHandler = require('secure-backup/lib/handlers/mysql')
  3. let s3Handler = require('secure-backup/lib/handlers/s3')
  4. let aws = require('aws-sdk')
  6. let backup = secureBackup({
  7.   pubKeyPath: '/path/to/postgres_backup.pub.pem', // path to your public key
  8.   compress: true, // enable compression (gzip)
  9.   handler: mysqlHandler({
  10.     user: 'mysql_user',
  11.     password: 'my_password', // you can also pass in the password,
  12.     database: 'my_database'
  13.   }),
  14.   s3: s3Handler({
  15.     handler: new aws.S3(),
  16.     bucket: 'my_bucket'
  17.   })
  18. })
  19. backup() // can be invoked directly
  21. // or used with a cron-job module like node-schedule
  22. let nodeSchedule = require('node-schedule')
  23. let schedule = nodeSchedule.scheduleJob('0 4 8-14 * *', backup)

Usage

Before using this module you will need to generate a public/private key pair.

secureBackup({options})

options
pubKeyPath

Path to public key, absolute path recommended
Type: string (required)

outputPath

Where to store the encrypted backup locally, can be omitted when using s3 otherwise required.
absolute path recommended
Type: string (optional | required)
default: null

outputName

What to name the backup should have a extension like .sql or something else.
will be concatenated with a timestamp in the format YYYY-MM-DD:HH:MM:SS
when omitted will use the a default name depending on postgres/mysql handler
Type: string (optional)
default: pg_dump.sql/mysql_dump.sql

handler

What database handler to use.
Type: function (required)

compress

will use gzip to compress your backup
Type: Boolean (optional)
default: false

s3

outputPath should be omitted when using the s3 handler.
Type: function (optional)
default: null

  1.  let secureBackup = require('secure-backup')
  2.  let pgHandler = require('secure-backup/libs/handlers/pg')
  3.  let s3Handler = require('secure-backup/libs/handlers/s3')
  4.  let backup = secureBackup({
  5.     pubKeyPath: '/path/to/key.pub.pem',
  6.     outputPath: '/path/to/output/',
  7.     outputName: 'my_backup.sql',
  8.     handler: pgHander(...),
  9.     compress: true,
  10.     s3: s3Handler(...)
  11.  })

pgHandler({options}) / mysqlHandler({options})

options
user

postgres/mysql user
Type: string (required)

password

postgres/mysql password, can be omitted when using a .pgaccess or .my.cnf file
Type: string (optional)
default: null

database

what database to backup
Type: string (required)

  1. let dbHandler = require('secure-backup/lib/handlers/pg') // or mysql require('secure-backup/lib/handlers/mysql')
  2. ...
  3.  dbHandler({
  4.      user: 'postgres',
  5.      password: 'postgres',
  6.      database: 'my_database'
  7.  })
  8. ...

s3Handler({options})

options
handler

Requires a aws s3 instance
Type: Instance (required)

bucket

s3 bucket name
Type: string (required)

  1. let s3Handler = require('secure-backup/lib/handlers/s3')
  2. let aws = require('aws-sdk')
  3. ...
  4.   s3Handler({
  5.      handler: new aws.S3(),
  6.      bucket: 'my_bucket'
  7.   })
  8. ...

Todos

  • Write Tests
  • allow to override gzip options
  • allow other compression software than gzip
  • Add Code Comments
  • Allow gpg?

License

MIT