#!/bin/bash # Vaultwarden Backup Script # Backs up PostgreSQL database and critical data files set -e # Configuration BACKUP_DIR="/srv/backups/vaultwarden" DATE=$(date +%Y%m%d_%H%M%S) PGHOST="postgresql.pkartchner.com" PGPORT="5432" PGUSER="vaultwarden" PGDATABASE="vaultwarden" PGPASSWORD="lXleSC6e5mL1ZZs8qwG+NWhNh478ipGptRXsEMZRs28=" RETENTION_DAYS=30 # Create backup directory mkdir -p "$BACKUP_DIR" echo "=== Vaultwarden Backup Started: $(date) ===" # PostgreSQL database backup (custom format - compressed and optimized) echo "Backing up PostgreSQL database..." docker run --rm \ -e PGPASSWORD="$PGPASSWORD" \ -v "$BACKUP_DIR:/backup" \ postgres:18-alpine \ pg_dump -h "$PGHOST" -p "$PGPORT" -U "$PGUSER" -d "$PGDATABASE" \ -F c -b -v -f "/backup/vaultwarden_db_$DATE.dump" 2>&1 | grep -v "^$" if [ ${PIPESTATUS[0]} -eq 0 ]; then echo "✓ Database backup completed" else echo "✗ Database backup failed" exit 1 fi # Data directory backup (critical files only) echo "Backing up data directory..." tar -czf "$BACKUP_DIR/vaultwarden_data_$DATE.tar.gz" \ -C /srv/docker-compose/vaultwarden \ --exclude='data/icon_cache' \ --exclude='data/tmp' \ data/config.json data/rsa_key.pem 2>&1 if [ $? -eq 0 ]; then echo "✓ Data directory backup completed" else echo "✗ Data directory backup failed" exit 1 fi # Environment file backup (contains credentials) echo "Backing up .env file..." cp /srv/docker-compose/vaultwarden/.env "$BACKUP_DIR/vaultwarden_env_$DATE.env" echo "✓ Environment file backup completed" # Calculate backup sizes DB_SIZE=$(du -h "$BACKUP_DIR/vaultwarden_db_$DATE.dump" | cut -f1) DATA_SIZE=$(du -h "$BACKUP_DIR/vaultwarden_data_$DATE.tar.gz" | cut -f1) echo "" echo "=== Backup Summary ===" echo "Database backup: $DB_SIZE" echo "Data backup: $DATA_SIZE" echo "Location: $BACKUP_DIR" # Cleanup old backups echo "" echo "Cleaning up backups older than $RETENTION_DAYS days..." DELETED=$(find "$BACKUP_DIR" -name "vaultwarden_*" -mtime +$RETENTION_DAYS -type f) if [ -n "$DELETED" ]; then echo "$DELETED" find "$BACKUP_DIR" -name "vaultwarden_*" -mtime +$RETENTION_DAYS -type f -delete echo "✓ Old backups cleaned up" else echo "No old backups to clean up" fi echo "" echo "=== Vaultwarden Backup Completed: $(date) ==="