admin/logbuch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: backup — MYSQL_PWD statt -p Flag, SSH-Key optional

Browse Source 
Passwort via MYSQL_PWD-Env statt -p vermeidet die mysqldump-Warnung
und ist sicherer. BACKUP_SSH_KEY_PATH ist jetzt optional: wenn leer,
wird kein -i übergeben und SSH nutzt seine eigene Konfiguration
(~/.ssh/config, ssh-agent). So funktionieren SSH-Config-Aliases
(z.B. 'strato_1') ohne Key-Override.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Reinhard X. Fürst
2026-06-04 15:46:54 +02:00
parent 10b52d268e
commit d99a696ef0
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/backup.ts
+4 -4
View File
@@ -14,7 +14,7 @@ async function runBackup(): Promise<void> {
return;
}
const [, sshHost, remotePath] = match;
const rawKeyPath = process.env.BACKUP_SSH_KEY_PATH || '/app/.ssh/id_rsa';
const rawKeyPath = process.env.BACKUP_SSH_KEY_PATH || '';
const keyPath = rawKeyPath.startsWith('~')
? rawKeyPath.replace('~', process.env.HOME || '/root')
: rawKeyPath;
@@ -29,17 +29,17 @@ async function runBackup(): Promise<void> {
const dbName = process.env.DB_NAME || 'sternwarte';
const sshOpts = [
'-i', keyPath,
...(keyPath ? ['-i', keyPath] : []),
'-o', 'StrictHostKeyChecking=no',
'-o', 'BatchMode=yes',
];
await new Promise<void>((resolve, reject) => {
const dump = spawn('mysqldump', [
`-h${dbHost}`, `-P${dbPort}`, `-u${dbUser}`, `-p${dbPass}`,
`-h${dbHost}`, `-P${dbPort}`, `-u${dbUser}`,
`--ignore-table=${dbName}.beos`,
dbName,
]);
], { env: { ...process.env, MYSQL_PWD: dbPass } });
const gzip = spawn('gzip');
const ssh = spawn('ssh', [...sshOpts, sshHost, `cat > ${remotePath}/${filename}`]);