A containerized web application built with Bun runtime that provides automated backup and restore capabilities for PostgreSQL and MySQL databases, designed to run as a companion container in existing Docker Compose environments.
- Multi-Database Support: PostgreSQL and MySQL backup/restore
- Automated Scheduling: Cron-based scheduling with hourly, daily, weekly, and monthly presets
- Intelligent Retention: Hierarchical retention policies (hourly, daily, weekly, monthly, yearly)
- S3 Integration: Upload backups to Amazon S3 or S3-compatible storage
- Web UI: Modern web interface for managing backups and restores (Coming Soon)
- REST API: Complete API for programmatic access
- Secure: AES-256-GCM encryption for storing credentials
- Docker Native: Runs as a companion container in your Docker Compose stack
- Docker and Docker Compose
- Existing PostgreSQL or MySQL databases in Docker containers
- (Optional) AWS S3 bucket for offsite backup storage
-
Clone the repository
git clone <repository-url> cd db-backups
-
Create environment file
cp .env.example .env
-
Edit
.envfile# Required: Set a secure encryption key (minimum 32 characters) ENCRYPTION_KEY=your-secure-32-character-encryption-key-here # Optional: Configure S3 S3_REGION=us-east-1 S3_BUCKET=my-backups S3_ACCESS_KEY_ID=your-access-key S3_SECRET_ACCESS_KEY=your-secret-key
-
Add to your docker-compose.yml
services: db-backup: build: ./db-backups ports: - "3000:3000" environment: - ENCRYPTION_KEY=${ENCRYPTION_KEY} - S3_REGION=${S3_REGION} - S3_BUCKET=${S3_BUCKET} - S3_ACCESS_KEY_ID=${S3_ACCESS_KEY_ID} - S3_SECRET_ACCESS_KEY=${S3_SECRET_ACCESS_KEY} volumes: - backup_data:/app/data networks: - app_network restart: unless-stopped volumes: backup_data:
-
Start the application
docker-compose up -d db-backup
-
Access the web interface Open http://localhost:3000 in your browser
Create a database configuration
curl -X POST http://localhost:3000/api/databases \
-H "Content-Type: application/json" \
-d '{
"Name": "My PostgreSQL Database",
"Type": "postgresql",
"Host": "postgres",
"Port": 5432,
"DatabaseName": "myapp",
"Username": "myapp",
"Password": "secret",
"DockerContainerName": "postgres",
"Enabled": true
}'List all databases
curl http://localhost:3000/api/databasesTest database connection
curl -X POST http://localhost:3000/api/databases/{id}/test-connectionExecute a manual backup
curl -X POST http://localhost:3000/api/backups \
-H "Content-Type: application/json" \
-d '{
"DatabaseConfigId": "database-id-here",
"BackupType": "manual",
"S3UploadEnabled": true
}'List all backups
curl http://localhost:3000/api/backupsList backups for a specific database
curl http://localhost:3000/api/backups?databaseId=database-id-hereExecute a restore from S3
curl -X POST http://localhost:3000/api/restores \
-H "Content-Type: application/json" \
-d '{
"DatabaseConfigId": "database-id-here",
"SourceType": "s3",
"S3Bucket": "my-backups",
"S3Key": "backups/myapp_db/2025/11/myapp_db_daily_20251116.sql.gz",
"RestoreOptions": {
"cleanBeforeRestore": true
}
}'Execute a restore from local backup
curl -X POST http://localhost:3000/api/restores \
-H "Content-Type: application/json" \
-d '{
"DatabaseConfigId": "database-id-here",
"SourceType": "local",
"SourcePath": "/app/data/backups/myapp_db_daily_20251116.sql.gz"
}'List all restores
curl http://localhost:3000/api/restores-
Install Bun (if not already installed)
curl -fsSL https://bun.sh/install | bash -
Install dependencies
bun install
-
Set up environment
cp .env.example .env # Edit .env with your settings -
Run database migrations
bun run db:migrate
-
Start development server
bun run dev
-
Access the application Open http://localhost:3000
bun run build
bun run start| Variable | Required | Default | Description |
|---|---|---|---|
ENCRYPTION_KEY |
Yes | - | Encryption key for storing passwords (min 32 chars) |
S3_REGION |
No | us-east-1 |
AWS region |
S3_BUCKET |
No | - | S3 bucket name |
S3_ACCESS_KEY_ID |
No | - | AWS access key ID |
S3_SECRET_ACCESS_KEY |
No | - | AWS secret access key |
S3_ENDPOINT |
No | - | Custom S3 endpoint (for MinIO, etc.) |
AUTO_DISCOVER |
No | false |
Enable automatic database discovery |
TZ |
No | UTC |
Timezone for cron schedules |
LOG_LEVEL |
No | info |
Logging level (debug, info, warn, error) |
MAX_BACKUP_RETENTION_DAYS |
No | 365 |
Hard limit for backup retention |
BACKUP_STORAGE_PATH |
No | /app/data/backups |
Local backup storage path |
DATABASE_PATH |
No | /app/data/db/app.db |
SQLite database path |
PORT |
No | 3000 |
Server port |
HOSTNAME |
No | 0.0.0.0 |
Server hostname |
The default retention policy keeps:
- 24 hourly backups (last 24 hours)
- 7 daily backups (last 7 days)
- 4 weekly backups (last 4 weeks)
- 12 monthly backups (last 12 months)
- 0 yearly backups
Retention policies automatically delete older backups while preserving the most recent backups in each time bucket.
- Runtime: Bun 1.1+
- Framework: Next.js 16+ with React 19+
- Styling: Tailwind CSS v4+
- Database: SQLite (bun:sqlite)
- Storage: Amazon S3 or S3-compatible services
- Scheduling: node-cron
- Logging: Winston
- Backup Engine: Executes pg_dump/mysqldump with streaming compression
- Restore Engine: Executes pg_restore/mysql with streaming decompression
- Scheduler: Cron-based job scheduling with automatic execution
- Retention Manager: Hierarchical retention policy enforcement
- S3 Client: Multipart upload/download with retry logic
- API Server: RESTful API with Next.js API routes
Local backups are stored in:
/app/data/backups/
├── database1_daily_20251116_143022_abc123.dump.gz
├── database1_hourly_20251116_150000_def456.dump.gz
└── database2_daily_20251116_143025_ghi789.sql.gz
S3 backups are organized by:
{path_prefix}/{database_name}/{year}/{month}/{filename}
Example:
backups/myapp_db/2025/11/myapp_db_daily_20251116_143022.sql.gz
- Encryption at Rest: All database passwords and S3 credentials are encrypted using AES-256-GCM
- Secure Key Storage: Encryption key must be provided via environment variable
- Network Isolation: Runs in same Docker network as target databases
- No Authentication (v1.0): Current version has no built-in authentication - deploy in trusted networks only
- Web UI for managing backups and restores
- Schedule management interface
- Real-time backup progress tracking
- Email/webhook notifications
- Incremental backups
- Point-in-time recovery
- Authentication and authorization
- Multi-user support
- MongoDB support
- Kubernetes Helm chart
- Ensure database container is on the same Docker network
- Check if container name or hostname is correct
- Verify credentials are correct
- Test connection using the
/api/databases/{id}/test-connectionendpoint
- Check disk space on host system
- Verify database is accessible
- Check logs:
docker-compose logs db-backup - Ensure PostgreSQL client version is compatible
- Verify S3 credentials are correct
- Check S3 bucket exists and is accessible
- Ensure IAM permissions allow PutObject operation
- For S3-compatible services, verify endpoint is correct
See the LICENSE file for details.
Contributions are welcome! Please open an issue or submit a pull request.
For issues and questions, please open an issue on GitHub.