Set up automated MongoDB 8.0 backups with systemd timers, compression, and retention policies. Includes monitoring and alerting for backup failures across Ubuntu, Debian, AlmaLinux, and Rocky Linux systems.
Prerequisites
- Root or sudo access
- MongoDB 8.0 installed
- At least 2GB free disk space
- Email server for alerts
What this solves
MongoDB databases require regular backups to prevent data loss, but manual backups are unreliable and time-consuming. This tutorial shows you how to create automated MongoDB 8.0 backup scripts with compression and rotation, schedule them using systemd timers, and set up monitoring to alert you when backups fail. You'll have a production-ready backup system that runs automatically and stores compressed backups with configurable retention policies.
Step-by-step installation
Update system packages and install dependencies
Start by updating your system and installing required packages for backup operations and compression.
sudo apt update && sudo apt upgrade -y
sudo apt install -y gzip bzip2 xz-utils mailutils postfixInstall MongoDB 8.0 with authentication
Install MongoDB 8.0 and configure it with authentication enabled for secure backup operations.
curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/8.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list
sudo apt update
sudo apt install -y mongodb-orgConfigure MongoDB with authentication
Enable authentication in MongoDB configuration and create backup user credentials.
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
net:
port: 27017
bindIp: 127.0.0.1
processManagement:
timeZoneInfo: /usr/share/zoneinfo
security:
authorization: enabledStart MongoDB and create admin user
Start MongoDB service and create the initial admin user for database administration.
sudo systemctl enable --now mongod
sudo systemctl status mongod
Connect to MongoDB and create admin user
mongosh --eval '
use admin
db.createUser({
user: "admin",
pwd: "SecureAdminPass123!",
roles: ["userAdminAnyDatabase", "readWriteAnyDatabase", "dbAdminAnyDatabase", "clusterAdmin"]
})
'Create backup user with minimal privileges
Create a dedicated backup user with only the permissions needed for database backups.
mongosh -u admin -p SecureAdminPass123! --authenticationDatabase admin --eval '
use admin
db.createUser({
user: "backupuser",
pwd: "SecureBackupPass123!",
roles: ["backup", "clusterMonitor"]
})
'Create backup directory structure
Set up directories for storing backups with proper permissions and ownership.
sudo mkdir -p /opt/mongodb-backups/{scripts,logs,data}
sudo mkdir -p /opt/mongodb-backups/data/{daily,weekly,monthly}
sudo useradd --system --home-dir /opt/mongodb-backups --shell /bin/bash mongobackup
sudo chown -R mongobackup:mongobackup /opt/mongodb-backups
sudo chmod 750 /opt/mongodb-backups
sudo chmod 755 /opt/mongodb-backups/dataNote: Never use chmod 777 for backup directories. The 750 permission gives the backup user full access while preventing other users from reading sensitive backup data.
Create backup script with compression and rotation
Create the main backup script that handles database dumps, compression, and automatic cleanup of old backups.
#!/bin/bash
MongoDB Backup Script with Compression and Rotation
Author: MongoDB Backup System
Version: 1.0
set -euo pipefail
Configuration
BACKUP_DIR="/opt/mongodb-backups/data"
LOG_DIR="/opt/mongodb-backups/logs"
SCRIPT_NAME="mongodb-backup"
DATE=$(date +%Y%m%d_%H%M%S)
LOG_FILE="$LOG_DIR/${SCRIPT_NAME}_${DATE}.log"
MongoDB Connection Details
MONGO_HOST="localhost"
MONGO_PORT="27017"
MONGO_USER="backupuser"
MONGO_PASS="SecureBackupPass123!"
MONGO_AUTH_DB="admin"
Retention Policy (days)
DAILY_RETENTION=7
WEEKLY_RETENTION=30
MONTHLY_RETENTION=365
Email Configuration
EMAIL_TO="admin@example.com"
EMAIL_FROM="mongodb-backup@example.com"
Logging function
log() {
echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "$LOG_FILE"
}
Error handling
error_exit() {
log "ERROR: $1"
echo "MongoDB backup failed on $(hostname) at $(date)" | mail -s "MongoDB Backup Failure" -r "$EMAIL_FROM" "$EMAIL_TO"
exit 1
}
Check if mongodump is available
if ! command -v mongodump &> /dev/null; then
error_exit "mongodump command not found. Please install MongoDB tools."
fi
Create backup type directory
BACKUP_TYPE="daily"
if [ "$(date +%u)" -eq 7 ]; then
BACKUP_TYPE="weekly"
fi
if [ "$(date +%d)" -eq 01 ]; then
BACKUP_TYPE="monthly"
fi
BACKUP_PATH="$BACKUP_DIR/$BACKUP_TYPE"
mkdir -p "$BACKUP_PATH"
log "Starting MongoDB backup ($BACKUP_TYPE)"
log "Backup directory: $BACKUP_PATH"
Create temporary directory for backup
TEMP_DIR=$(mktemp -d)
trap "rm -rf $TEMP_DIR" EXIT
Perform backup
BACKUP_NAME="mongodb_backup_${DATE}"
DUMP_DIR="$TEMP_DIR/$BACKUP_NAME"
log "Creating database dump..."
if ! mongodump --host="$MONGO_HOST:$MONGO_PORT" \
--username="$MONGO_USER" \
--password="$MONGO_PASS" \
--authenticationDatabase="$MONGO_AUTH_DB" \
--out="$DUMP_DIR" \
--gzip 2>> "$LOG_FILE"; then
error_exit "mongodump failed"
fi
Create compressed archive
log "Compressing backup..."
COMPRESSED_BACKUP="$BACKUP_PATH/${BACKUP_NAME}.tar.xz"
if ! tar -cJf "$COMPRESSED_BACKUP" -C "$TEMP_DIR" "$BACKUP_NAME" 2>> "$LOG_FILE"; then
error_exit "Backup compression failed"
fi
Verify backup integrity
log "Verifying backup integrity..."
if ! tar -tJf "$COMPRESSED_BACKUP" >/dev/null 2>> "$LOG_FILE"; then
error_exit "Backup verification failed"
fi
Get backup size
BACKUP_SIZE=$(du -h "$COMPRESSED_BACKUP" | cut -f1)
log "Backup completed successfully. Size: $BACKUP_SIZE"
Cleanup old backups based on retention policy
log "Cleaning up old backups..."
Daily cleanup
find "$BACKUP_DIR/daily" -name "mongodb_backup_*.tar.xz" -type f -mtime +$DAILY_RETENTION -delete 2>> "$LOG_FILE" || true
Weekly cleanup
find "$BACKUP_DIR/weekly" -name "mongodb_backup_*.tar.xz" -type f -mtime +$WEEKLY_RETENTION -delete 2>> "$LOG_FILE" || true
Monthly cleanup
find "$BACKUP_DIR/monthly" -name "mongodb_backup_*.tar.xz" -type f -mtime +$MONTHLY_RETENTION -delete 2>> "$LOG_FILE" || true
Log cleanup
find "$LOG_DIR" -name "${SCRIPT_NAME}_*.log" -type f -mtime +30 -delete 2>/dev/null || true
log "Backup process completed successfully"
Send success notification
echo "MongoDB backup completed successfully on $(hostname) at $(date). Backup size: $BACKUP_SIZE" | \
mail -s "MongoDB Backup Success" -r "$EMAIL_FROM" "$EMAIL_TO"Create backup restore script
Create a companion script for restoring backups when needed.
#!/bin/bash
MongoDB Restore Script
Usage: ./mongodb-restore.sh /path/to/backup.tar.xz [target_database]
set -euo pipefail
if [ $# -lt 1 ]; then
echo "Usage: $0 [target_database]"
echo "Example: $0 /opt/mongodb-backups/data/daily/mongodb_backup_20241203_120000.tar.xz"
exit 1
fi
BACKUP_FILE="$1"
TARGET_DB="${2:-}"
MongoDB Connection Details
MONGO_HOST="localhost"
MONGO_PORT="27017"
MONGO_USER="admin"
MONGO_PASS="SecureAdminPass123!"
MONGO_AUTH_DB="admin"
Verify backup file exists
if [ ! -f "$BACKUP_FILE" ]; then
echo "Error: Backup file not found: $BACKUP_FILE"
exit 1
fi
echo "Starting MongoDB restore from: $BACKUP_FILE"
Create temporary directory
TEMP_DIR=$(mktemp -d)
trap "rm -rf $TEMP_DIR" EXIT
Extract backup
echo "Extracting backup..."
if ! tar -xJf "$BACKUP_FILE" -C "$TEMP_DIR"; then
echo "Error: Failed to extract backup file"
exit 1
fi
Find extracted directory
EXTRACTED_DIR=$(find "$TEMP_DIR" -maxdepth 1 -type d -name "mongodb_backup_*" | head -n1)
if [ -z "$EXTRACTED_DIR" ]; then
echo "Error: Could not find extracted backup directory"
exit 1
fi
Perform restore
echo "Restoring database..."
RESTORE_CMD="mongorestore --host=$MONGO_HOST:$MONGO_PORT --username=$MONGO_USER --password=$MONGO_PASS --authenticationDatabase=$MONGO_AUTH_DB --gzip"
if [ -n "$TARGET_DB" ]; then
RESTORE_CMD="$RESTORE_CMD --db=$TARGET_DB"
fi
if ! $RESTORE_CMD "$EXTRACTED_DIR"; then
echo "Error: Database restore failed"
exit 1
fi
echo "Database restore completed successfully" Set proper script permissions
Make the backup scripts executable and secure them with appropriate permissions.
sudo chmod 750 /opt/mongodb-backups/scripts/*.sh
sudo chown mongobackup:mongobackup /opt/mongodb-backups/scripts/*.sh
sudo chmod 640 /opt/mongodb-backups/scripts/*.sh
sudo chmod u+x /opt/mongodb-backups/scripts/*.shCreate systemd service for backup execution
Create a systemd service that will execute the backup script with proper user context and logging.
[Unit]
Description=MongoDB Backup Service
Wants=network-online.target
After=network-online.target mongod.service
Requires=mongod.service
[Service]
Type=oneshot
User=mongobackup
Group=mongobackup
ExecStart=/opt/mongodb-backups/scripts/mongodb-backup.sh
WorkingDirectory=/opt/mongodb-backups
StandardOutput=journal
StandardError=journal
SyslogIdentifier=mongodb-backup
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/opt/mongodb-backups
NoNewPrivileges=true
TimeoutSec=3600Create systemd timer for automated scheduling
Create a systemd timer that will run the backup service automatically on a daily schedule.
[Unit]
Description=MongoDB Backup Timer
Requires=mongodb-backup.service
[Timer]
OnCalendar=daily
RandomizedDelaySec=1800
Persistent=true
[Install]
WantedBy=timers.targetEnable and start the backup timer
Reload systemd configuration and enable the backup timer to start automatically.
sudo systemctl daemon-reload
sudo systemctl enable mongodb-backup.timer
sudo systemctl start mongodb-backup.timer
sudo systemctl status mongodb-backup.timerCreate backup monitoring script
Create a monitoring script that checks backup health and sends alerts for missing or failed backups.
#!/bin/bash
MongoDB Backup Monitor Script
Checks for successful backups and alerts on failures
set -euo pipefail
BACKUP_DIR="/opt/mongodb-backups/data/daily"
LOG_DIR="/opt/mongodb-backups/logs"
EMAIL_TO="admin@example.com"
EMAIL_FROM="mongodb-monitor@example.com"
MAX_AGE_HOURS=25 # Alert if backup is older than 25 hours
Find the most recent backup
LATEST_BACKUP=$(find "$BACKUP_DIR" -name "mongodb_backup_*.tar.xz" -type f -printf '%T@ %p\n' | sort -rn | head -n1 | cut -d' ' -f2-)
if [ -z "$LATEST_BACKUP" ]; then
echo "CRITICAL: No MongoDB backups found in $BACKUP_DIR" | \
mail -s "MongoDB Backup Monitor: No Backups Found" -r "$EMAIL_FROM" "$EMAIL_TO"
exit 1
fi
Check backup age
BACKUP_TIME=$(stat -c %Y "$LATEST_BACKUP")
CURRENT_TIME=$(date +%s)
AGE_SECONDS=$((CURRENT_TIME - BACKUP_TIME))
AGE_HOURS=$((AGE_SECONDS / 3600))
if [ $AGE_HOURS -gt $MAX_AGE_HOURS ]; then
echo "WARNING: Latest MongoDB backup is $AGE_HOURS hours old (threshold: $MAX_AGE_HOURS hours)" | \
mail -s "MongoDB Backup Monitor: Backup Too Old" -r "$EMAIL_FROM" "$EMAIL_TO"
exit 1
fi
Verify backup integrity
if ! tar -tJf "$LATEST_BACKUP" >/dev/null 2>&1; then
echo "CRITICAL: Latest MongoDB backup file is corrupted: $LATEST_BACKUP" | \
mail -s "MongoDB Backup Monitor: Corrupted Backup" -r "$EMAIL_FROM" "$EMAIL_TO"
exit 1
fi
Check recent logs for errors
RECENT_LOG=$(find "$LOG_DIR" -name "mongodb-backup_*.log" -type f -mtime -1 | head -n1)
if [ -n "$RECENT_LOG" ] && grep -q "ERROR" "$RECENT_LOG"; then
echo "WARNING: Errors found in recent backup log: $RECENT_LOG" | \
mail -s "MongoDB Backup Monitor: Backup Errors" -r "$EMAIL_FROM" "$EMAIL_TO"
fi
echo "MongoDB backup monitoring passed. Latest backup: $(basename "$LATEST_BACKUP") (${AGE_HOURS}h old)"Create monitoring service and timer
Set up systemd service and timer for automated backup monitoring.
[Unit]
Description=MongoDB Backup Monitor Service
Wants=network-online.target
After=network-online.target
[Service]
Type=oneshot
User=mongobackup
Group=mongobackup
ExecStart=/opt/mongodb-backups/scripts/mongodb-backup-monitor.sh
WorkingDirectory=/opt/mongodb-backups
StandardOutput=journal
StandardError=journal
SyslogIdentifier=mongodb-backup-monitor[Unit]
Description=MongoDB Backup Monitor Timer
Requires=mongodb-backup-monitor.service
[Timer]
OnCalendar=hourly
RandomizedDelaySec=300
Persistent=true
[Install]
WantedBy=timers.targetEnable monitoring and configure email alerts
Enable the monitoring timer and configure postfix for email notifications.
sudo chmod 750 /opt/mongodb-backups/scripts/mongodb-backup-monitor.sh
sudo chown mongobackup:mongobackup /opt/mongodb-backups/scripts/mongodb-backup-monitor.sh
sudo systemctl daemon-reload
sudo systemctl enable mongodb-backup-monitor.timer
sudo systemctl start mongodb-backup-monitor.timer
Configure postfix for local delivery
sudo postconf -e 'myhostname = mongodb-server.example.com'
sudo postconf -e 'mydestination = $myhostname, localhost.localdomain, localhost'
sudo systemctl enable --now postfixTest the backup system
Run a manual backup test to verify the entire system works correctly.
sudo systemctl start mongodb-backup.service
sudo systemctl status mongodb-backup.service
sudo journalctl -u mongodb-backup.service -fVerify your setup
Check that your MongoDB backup automation is working correctly with these verification commands.
# Check timer status
sudo systemctl list-timers | grep mongodb-backup
Verify backup files were created
ls -la /opt/mongodb-backups/data/daily/
Check backup logs
tail -f /opt/mongodb-backups/logs/mongodb-backup_*.log
Test backup integrity
tar -tJf /opt/mongodb-backups/data/daily/mongodb_backup_*.tar.xz
Check monitoring status
sudo systemctl status mongodb-backup-monitor.timer
View systemd journal for backup services
sudo journalctl -u mongodb-backup.service -u mongodb-backup-monitor.service --since "1 hour ago"Common issues
| Symptom | Cause | Fix |
|---|---|---|
| Authentication failed during backup | Incorrect MongoDB credentials | Verify credentials with mongosh -u backupuser -p |
| Permission denied on backup directory | Incorrect file permissions | sudo chown -R mongobackup:mongobackup /opt/mongodb-backups |
| Backup service fails to start | MongoDB service not running | sudo systemctl start mongod then retry backup |
| Email alerts not sending | Postfix not configured | Configure postfix with sudo dpkg-reconfigure postfix |
| Backup files consuming too much disk | Retention policy too long | Adjust retention days in backup script configuration |
| Timer not running automatically | Timer not enabled | sudo systemctl enable mongodb-backup.timer |
Next steps
- Set up automated MySQL database backups with compression and rotation for additional database backup strategies
- Configure backup encryption with GPG and rsync for secure automated backups to add encryption to your backups
- Setup remote backup storage with S3-compatible encryption and automated retention policies for offsite backup storage
- Set up MongoDB backup restoration testing automation to verify backup integrity automatically
- Configure MongoDB backup compression algorithms comparison to optimize backup storage efficiency
Automated install script
Run this to automate the entire setup
install.sh
#!/usr/bin/env bash
set -euo pipefail
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
# Error handling
cleanup() {
if [ -n "${TEMP_DIR:-}" ] && [ -d "$TEMP_DIR" ]; then
rm -rf "$TEMP_DIR"
fi
}
trap cleanup EXIT ERR
error_exit() {
echo -e "${RED}ERROR: $1${NC}" >&2
exit 1
}
log() {
echo -e "${GREEN}[$(date '+%Y-%m-%d %H:%M:%S')] $1${NC}"
}
warn() {
echo -e "${YELLOW}WARNING: $1${NC}" >&2
}
# Check root privileges
if [[ $EUID -ne 0 ]]; then
error_exit "This script must be run as root"
fi
# Detect distribution
if [ ! -f /etc/os-release ]; then
error_exit "/etc/os-release not found. Cannot detect distribution."
fi
. /etc/os-release
case "$ID" in
ubuntu|debian)
PKG_MGR="apt"
PKG_UPDATE="apt update"
PKG_INSTALL="apt install -y"
MAIL_PKG="mailutils"
;;
almalinux|rocky|centos|rhel|ol|fedora)
PKG_MGR="dnf"
PKG_UPDATE="dnf update -y"
PKG_INSTALL="dnf install -y"
MAIL_PKG="mailx"
;;
amzn)
PKG_MGR="yum"
PKG_UPDATE="yum update -y"
PKG_INSTALL="yum install -y"
MAIL_PKG="mailx"
;;
*)
error_exit "Unsupported distribution: $ID"
;;
esac
log "Detected distribution: $ID"
# Check prerequisites
echo "[1/8] Checking prerequisites..."
if ! command -v curl &> /dev/null; then
$PKG_INSTALL curl
fi
if ! command -v gpg &> /dev/null; then
case "$ID" in
ubuntu|debian)
$PKG_INSTALL gnupg
;;
*)
$PKG_INSTALL gnupg2
;;
esac
fi
# Update system and install dependencies
echo "[2/8] Updating system and installing dependencies..."
$PKG_UPDATE
$PKG_INSTALL gzip bzip2 xz $MAIL_PKG postfix
# Install MongoDB 8.0
echo "[3/8] Installing MongoDB 8.0..."
case "$ID" in
ubuntu|debian)
curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/8.0 multiverse" > /etc/apt/sources.list.d/mongodb-org-8.0.list
apt update
apt install -y mongodb-org
;;
*)
cat > /etc/yum.repos.d/mongodb-org-8.0.repo << 'EOF'
[mongodb-org-8.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/8.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-8.0.asc
EOF
$PKG_INSTALL mongodb-org
;;
esac
# Configure MongoDB
echo "[4/8] Configuring MongoDB with authentication..."
systemctl start mongod
systemctl enable mongod
# Wait for MongoDB to start
sleep 5
# Create admin user
mongosh --eval "
db.getSiblingDB('admin').createUser({
user: 'admin',
pwd: 'AdminPassword123!',
roles: [ { role: 'userAdminAnyDatabase', db: 'admin' },
{ role: 'readWriteAnyDatabase', db: 'admin' },
{ role: 'backup', db: 'admin' },
{ role: 'restore', db: 'admin' } ]
})
"
# Enable authentication
sed -i 's/#security:/security:\n authorization: enabled/' /etc/mongod.conf
systemctl restart mongod
sleep 5
# Create backup user
mongosh -u admin -p AdminPassword123! --authenticationDatabase admin --eval "
db.getSiblingDB('admin').createUser({
user: 'backup',
pwd: 'BackupPassword123!',
roles: [ 'backup', 'restore' ]
})
"
# Create directories
echo "[5/8] Creating backup directories and configuration..."
mkdir -p /opt/mongodb-backup/{daily,weekly,monthly} /var/log/mongodb-backup
chown -R mongodb:mongodb /opt/mongodb-backup /var/log/mongodb-backup
chmod 750 /opt/mongodb-backup /var/log/mongodb-backup
# Create configuration file
cat > /etc/mongodb-backup.conf << 'EOF'
# MongoDB Backup Configuration
MONGO_HOST="127.0.0.1"
MONGO_PORT="27017"
MONGO_USER="backup"
MONGO_PASS="BackupPassword123!"
MONGO_AUTH_DB="admin"
# Backup settings
BACKUP_DIR="/opt/mongodb-backup"
LOG_DIR="/var/log/mongodb-backup"
DAILY_RETENTION="7"
WEEKLY_RETENTION="30"
MONTHLY_RETENTION="365"
# Email notifications
EMAIL_FROM="mongodb-backup@$(hostname -f)"
EMAIL_TO="admin@localhost"
EOF
chmod 640 /etc/mongodb-backup.conf
chown root:mongodb /etc/mongodb-backup.conf
# Create backup script
echo "[6/8] Creating backup scripts..."
cat > /usr/local/bin/mongodb-backup.sh << 'EOF'
#!/bin/bash
set -euo pipefail
SCRIPT_NAME="mongodb-backup"
DATE=$(date +%Y%m%d_%H%M%S)
# Source configuration
if [[ ! -f /etc/mongodb-backup.conf ]]; then
echo "ERROR: Configuration file not found" >&2
exit 1
fi
source /etc/mongodb-backup.conf
# Functions
log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" | tee -a "$LOG_FILE"
}
error_exit() {
log "ERROR: $1"
echo "MongoDB backup failed on $(hostname) at $(date): $1" | \
mail -s "MongoDB Backup FAILED" -r "$EMAIL_FROM" "$EMAIL_TO"
exit 1
}
# Create log file
LOG_FILE="$LOG_DIR/${SCRIPT_NAME}_${DATE}.log"
touch "$LOG_FILE"
chmod 640 "$LOG_FILE"
# Check mongodump availability
if ! command -v mongodump &> /dev/null; then
error_exit "mongodump command not found"
fi
# Determine backup type
BACKUP_TYPE="daily"
if [ "$(date +%u)" -eq 7 ]; then
BACKUP_TYPE="weekly"
fi
if [ "$(date +%d)" -eq 01 ]; then
BACKUP_TYPE="monthly"
fi
BACKUP_PATH="$BACKUP_DIR/$BACKUP_TYPE"
mkdir -p "$BACKUP_PATH"
log "Starting MongoDB backup ($BACKUP_TYPE)"
# Create temporary directory
TEMP_DIR=$(mktemp -d)
trap "rm -rf $TEMP_DIR" EXIT
# Perform backup
BACKUP_NAME="mongodb_backup_${DATE}"
DUMP_DIR="$TEMP_DIR/$BACKUP_NAME"
log "Creating database dump..."
if ! mongodump --host="$MONGO_HOST:$MONGO_PORT" \
--username="$MONGO_USER" \
--password="$MONGO_PASS" \
--authenticationDatabase="$MONGO_AUTH_DB" \
--out="$DUMP_DIR" \
--gzip 2>> "$LOG_FILE"; then
error_exit "mongodump failed"
fi
# Create compressed archive
log "Compressing backup..."
COMPRESSED_BACKUP="$BACKUP_PATH/${BACKUP_NAME}.tar.xz"
if ! tar -cJf "$COMPRESSED_BACKUP" -C "$TEMP_DIR" "$BACKUP_NAME" 2>> "$LOG_FILE"; then
error_exit "Backup compression failed"
fi
# Verify backup
log "Verifying backup integrity..."
if ! tar -tJf "$COMPRESSED_BACKUP" >/dev/null 2>> "$LOG_FILE"; then
error_exit "Backup verification failed"
fi
BACKUP_SIZE=$(du -h "$COMPRESSED_BACKUP" | cut -f1)
log "Backup completed successfully. Size: $BACKUP_SIZE"
# Cleanup old backups
log "Cleaning up old backups..."
find "$BACKUP_DIR/daily" -name "mongodb_backup_*.tar.xz" -type f -mtime +$DAILY_RETENTION -delete 2>> "$LOG_FILE" || true
find "$BACKUP_DIR/weekly" -name "mongodb_backup_*.tar.xz" -type f -mtime +$WEEKLY_RETENTION -delete 2>> "$LOG_FILE" || true
find "$BACKUP_DIR/monthly" -name "mongodb_backup_*.tar.xz" -type f -mtime +$MONTHLY_RETENTION -delete 2>> "$LOG_FILE" || true
find "$LOG_DIR" -name "${SCRIPT_NAME}_*.log" -type f -mtime +30 -delete 2>/dev/null || true
log "Backup process completed successfully"
# Send notification
echo "MongoDB backup completed successfully on $(hostname) at $(date). Backup size: $BACKUP_SIZE" | \
mail -s "MongoDB Backup Success" -r "$EMAIL_FROM" "$EMAIL_TO"
EOF
chmod 750 /usr/local/bin/mongodb-backup.sh
chown root:mongodb /usr/local/bin/mongodb-backup.sh
# Create systemd service
echo "[7/8] Creating systemd service and timer..."
cat > /etc/systemd/system/mongodb-backup.service << 'EOF'
[Unit]
Description=MongoDB Backup Service
After=mongod.service
Requires=mongod.service
[Service]
Type=oneshot
User=mongodb
Group=mongodb
ExecStart=/usr/local/bin/mongodb-backup.sh
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
ReadWritePaths=/opt/mongodb-backup /var/log/mongodb-backup
NoNewPrivileges=true
EOF
cat > /etc/systemd/system/mongodb-backup.timer << 'EOF'
[Unit]
Description=MongoDB Backup Timer
Requires=mongodb-backup.service
[Timer]
OnCalendar=daily
RandomizedDelaySec=1h
Persistent=true
[Install]
WantedBy=timers.target
EOF
systemctl daemon-reload
systemctl enable mongodb-backup.timer
systemctl start mongodb-backup.timer
# Verification
echo "[8/8] Verifying installation..."
if ! systemctl is-active --quiet mongod; then
error_exit "MongoDB service is not running"
fi
if ! systemctl is-enabled --quiet mongodb-backup.timer; then
error_exit "Backup timer is not enabled"
fi
# Test MongoDB connection
if ! mongosh -u backup -p BackupPassword123! --authenticationDatabase admin --eval "db.runCommand('ping')" &>/dev/null; then
warn "MongoDB authentication test failed"
fi
log "MongoDB 8.0 backup automation setup completed successfully!"
log "Backup directory: /opt/mongodb-backup"
log "Log directory: /var/log/mongodb-backup"
log "Configuration: /etc/mongodb-backup.conf"
log "Next scheduled backup: $(systemctl list-timers mongodb-backup.timer --no-pager -l | grep mongodb-backup.timer | awk '{print $1, $2}')"
warn "Please update email settings in /etc/mongodb-backup.conf"
warn "Default passwords should be changed for production use"Review the script before running. Execute with: bash install.sh