{"id":36768604,"url":"https://github.com/sikalabs/tergum","last_synced_at":"2026-01-12T13:02:58.002Z","repository":{"id":45703465,"uuid":"370828238","full_name":"sikalabs/tergum","owner":"sikalabs","description":"Tergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...)","archived":false,"fork":false,"pushed_at":"2025-11-06T09:12:09.000Z","size":2994,"stargazers_count":49,"open_issues_count":16,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-11-06T11:10:22.474Z","etag":null,"topics":["backup","backup-database","backup-tool","mysql","restore","restore-database","s3"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sikalabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["ondrejsika"]}},"created_at":"2021-05-25T21:09:16.000Z","updated_at":"2025-11-06T09:12:13.000Z","dependencies_parsed_at":"2024-01-01T08:42:45.465Z","dependency_job_id":"0ecf1aec-3f2b-40a6-bbff-6a74dec91665","html_url":"https://github.com/sikalabs/tergum","commit_stats":null,"previous_names":[],"tags_count":78,"template":false,"template_full_name":null,"purl":"pkg:github/sikalabs/tergum","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sikalabs%2Ftergum","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sikalabs%2Ftergum/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sikalabs%2Ftergum/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sikalabs%2Ftergum/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sikalabs","download_url":"https://codeload.github.com/sikalabs/tergum/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sikalabs%2Ftergum/sbom","scorecard":{"id":823352,"data":{"date":"2025-08-11","repo":{"name":"github.com/sikalabs/tergum","commit":"6a4e8a0d403680779707f39f559c94d3899af0e2"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"21 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/13 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.41.0 not signed: https://api.github.com/repos/sikalabs/tergum/releases/220155839","Warn: release artifact v0.40.0 not signed: https://api.github.com/repos/sikalabs/tergum/releases/217281626","Warn: release artifact v0.39.0 not signed: https://api.github.com/repos/sikalabs/tergum/releases/216669677","Warn: release artifact v0.38.0 not signed: https://api.github.com/repos/sikalabs/tergum/releases/202100183","Warn: release artifact v0.37.0 not signed: https://api.github.com/repos/sikalabs/tergum/releases/199193919","Warn: release artifact v0.41.0 does not have provenance: https://api.github.com/repos/sikalabs/tergum/releases/220155839","Warn: release artifact v0.40.0 does not have provenance: https://api.github.com/repos/sikalabs/tergum/releases/217281626","Warn: release artifact v0.39.0 does not have provenance: https://api.github.com/repos/sikalabs/tergum/releases/216669677","Warn: release artifact v0.38.0 does not have provenance: https://api.github.com/repos/sikalabs/tergum/releases/202100183","Warn: release artifact v0.37.0 does not have provenance: https://api.github.com/repos/sikalabs/tergum/releases/199193919"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sikalabs/tergum/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/sikalabs/tergum/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sikalabs/tergum/build.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile.goreleaser:1: pin your Docker image by updating debian:10-slim to debian:10-slim@sha256:bb3dc79fddbca7e8903248ab916bb775c96ec61014b3d02b4f06043b604726dc","Warn: containerImage not pinned by hash: Dockerfile.goreleaser.arm64v8:1: pin your Docker image by updating arm64v8/debian:10-slim to arm64v8/debian:10-slim@sha256:7c4d2a7d6cf0863888c4dbe1207211c5a7c2eaa6374a51b5d4cc02dd0dd95099","Warn: containerImage not pinned by hash: misc/docker/mysql-with-tergum/Dockerfile:3","Warn: containerImage not pinned by hash: misc/docker/mysql-with-tergum/Dockerfile:4","Warn: containerImage not pinned by hash: misc/docker/postgres-with-mysqldump-mongodump-with-tergum/Dockerfile:3","Warn: containerImage not pinned by hash: misc/docker/postgres-with-mysqldump-with-tergum/Dockerfile:3","Warn: containerImage not pinned by hash: misc/docker/postgres-with-redis-with-tergum/Dockerfile:3","Warn: containerImage not pinned by hash: misc/docker/postgres-with-redis-with-tergum/Dockerfile:4","Warn: containerImage not pinned by hash: misc/docker/postgres-with-tergum/Dockerfile:3","Warn: containerImage not pinned by hash: misc/docker/postgres-with-tergum/Dockerfile:4","Warn: containerImage not pinned by hash: misc/docker/tergum-with-ca-certificates/Dockerfile:2","Warn: containerImage not pinned by hash: misc/example/docker/mongo/Dockerfile:1: pin your Docker image by updating mongo to mongo@sha256:95a98776f273721a295b03098578b06bc10281bb56aa828c77e9f60ecc70b150","Warn: containerImage not pinned by hash: misc/example/docker/mysql/Dockerfile:1: pin your Docker image by updating mariadb to mariadb@sha256:b30cc65b57a11a2e791ad5c06284e599fe9f1bf3fe9081a88d85bcf36389be4a","Warn: containerImage not pinned by hash: misc/example/docker/postgres/Dockerfile:1: pin your Docker image by updating postgres to postgres@sha256:19ad070ea172efd48d7cae52297caaf845a3625728674bbc1a6efb679ab7befe","Warn: downloadThenRun not pinned by hash: install.sh:1","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of  14 containerImage dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/build.yml:10"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T16:07:59.737Z","repository_id":45703465,"created_at":"2025-08-23T16:07:59.737Z","updated_at":"2025-08-23T16:07:59.737Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28338990,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T12:22:26.515Z","status":"ssl_error","status_checked_at":"2026-01-12T12:22:10.856Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backup","backup-database","backup-tool","mysql","restore","restore-database","s3"],"created_at":"2026-01-12T13:02:57.887Z","updated_at":"2026-01-12T13:02:57.988Z","avatar_url":"https://github.com/sikalabs.png","language":"Go","funding_links":["https://github.com/sponsors/ondrejsika"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg alt=\"Tergum\" src=\"_images/tergum_transparent.png\" width=\"150\"\u003e\u003c/img\u003e\n  \u003ch1 align=\"center\"\u003eTergum: Universal Backup Tool\u003c/h1\u003e\n  \u003cp align=\"center\"\u003e\n    \u003ca href=\"https://opensource.sikalabs.com\"\u003e\u003cimg alt=\"SikaLabs\" src=\"https://img.shields.io/badge/OPENSOURCE BY-SIKALABS-131480?style=for-the-badge\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://sikalabs.com\"\u003e\u003cimg alt=\"SikaLabs\" src=\"https://img.shields.io/badge/-sikalabs.com-gray?style=for-the-badge\"\u003e\u003c/a\u003e\n    \u003ca href=\"mailto://opensource@sikalabs.com\"\u003e\u003cimg alt=\"SikaLabs\" src=\"https://img.shields.io/badge/-opensource@sikalabs.com-gray?style=for-the-badge\"\u003e\u003c/a\u003e\n  \u003c/p\u003e\n\u003c/p\u003e\n\n## Why Tergum?\n\nTergum is simple tool provides centralized backup solution with multiple sources (databases, files, S3, ...) and multiple backup storages (S3, filesystem, ...). Tergum has native backup monitoring and alerts you when backup fails. Tergum also support backup encryption, compression and automatic recovery testing.\n\n__Tergum is under active development, not all features are already implemented. Check [current project state](#current-project-state)__\n\n## Do you want to start using Tergum? Give us a call\n\nLet's discuss Tergum in your project in [30 min call](https://calendly.com/ondrejsika/tergum-intro)\n\n## What \"Tergum\" means?\n\nTergum means backup in latin.\n\n## Tergum Cloud: Bring Your Backups into Cloud\n\nTergum Cloud allow you to manage your backup using UI \u0026 Terraform and store your backups securely in our AWS.\n\nAre you interested in our public beta? Drop us email [hi@sikalabs.com](mailto:hi@sikalabs.com?subject=Tergum_Cloud)\n\n## Tergum Enterprise: Use Tergum Cloud in Your Private Infrastructure\n\nTergum Enterprise brings our cloud platform behind your filewall. For an inquiry, contact our sales [sales@sikalabs.com](mailto:sales@sikalabs.com?subject=Tergum_Enterprise)\n\n## Install\n\nInstall using Brew:\n\n```\nbrew install sikalabs/tap/tergum\n```\n\nOn Linux (amd64):\n\n```\ncurl -fsSL https://raw.githubusercontent.com/sikalabs/tergum/master/install.sh | sudo sh\n```\n\nUsing [scoop](https://scoop.sh/) on Windows:\n\n```\nscoop install https://raw.githubusercontent.com/sikalabs/scoop-bucket/master/tergum.json\n```\n\n### Autocomplete\n\nSee: `tergum completion`\n\n#### Bash\n\n```\nsource \u003c(tergum completion bash)\n```\n\n## CLI Usage\n\n### Generated CLI Docs on Github\n\nSee: \u003chttps://github.com/sikalabs/tergum-cli-docs/blob/master/tergum.md#tergum\u003e\n\n## Generate CLI Docs\n\nGenerate Markdown CLI docs to `./cobra-docs`\n\n```\ntergum generate-docs\n```\n\n## Tergum Config File\n\nTergum supports only JSON config file, but we're working on YAML support.\n\nConfig file examples are in [misc/example/config](./misc/example/config) directory\n\n#### Basic Config Structure\n\n```yaml\nMeta:\n  SchemaVersion: 3\nSettings: \u003cSettings\u003e\nCloud: \u003cCloud\u003e\nNotification: \u003cNotification\u003e\nTelemetry: \u003cTelemetry\u003e\nBackups:\n  - \u003cBackup\u003e\n  - \u003cBackup\u003e\n  - ...\n```\n\n#### Backup Block\n\n```yaml\nID: \u003cUniqueBackupID\u003e\nSource:\n  Mysql: \u003cBackupSourceMysqlConfiguration\u003e\n  MysqlServer: \u003cBackupSourceMysqlServerConfiguration\u003e\n  Postgres: \u003cBackupSourcePostgresConfiguration\u003e\n  PostgresServer: \u003cBackupSourcePostgresServerConfiguration\u003e\n  Mongo: \u003cBackupSourceMongoConfiguration\u003e\n  SingleFile: \u003cBackupSourceSingleFileConfiguration\u003e\n  Dir: \u003cBackupSourceDirConfiguration\u003e\n  KubernetesTLSSecret: \u003cBackupSourceKubernetesTLSSecret\u003e\n  Kubernetes: \u003cBackupSourceKubernetes\u003e\n  Notion: \u003cBackupSourceNotion\u003e\n  FTP: \u003cBackupSourceFTP\u003e\n  Redis: \u003cBackupSourceRedis\u003e\n  Vault: \u003cBackupSourceVault\u003e\n  Dummy: \u003cBackupSourceDummy\u003e\n  Gitlab: \u003cBackupSourceGitlab\u003e\n  Consul: \u003cBackupSourceConsul\u003e\nMiddlewares:\n  - \u003cMiddlewareConfiguration\u003e\n  - ...\nDestinations:\n  - ID: \u003cUniqueBackupDestinationID\u003e\n    Middlewares:\n      - \u003cMiddlewareConfiguration\u003e\n      - ...\n    FilePath: \u003cBackupDestinationFilePathConfiguration\u003e\n    File: \u003cBackupDestinationFileConfiguration\u003e\n    S3: \u003cBackupDestinationS3Configuration\u003e\n    AzureBlob: \u003cBackupDestinationAzureBlobConfiguration\u003e\n    Telegram: \u003cBackupDestinationTelegramConfiguration\u003e\n  - ...\nSleepBefore: \u003csleep time befor backup job in seconds\u003e\n```\n\n#### GzipMiddlewareConfiguration\n\n```yaml\nGzip: {}\nSymmetricEncryption:\n  Passphrase: \"passphrase\"\n```\n\n#### Example BackupSourceMysqlConfiguration Block\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"3306\"\nUser: \"root\"\nPassword: \"root\"\nDatabase: \"default\"\n```\n\nWith extra args\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"3306\"\nUser: \"root\"\nPassword: \"root\"\nDatabase: \"default\"\nMysqldumpExtraArgs:\n  - --column-statistics=0\n```\n\n#### Example BackupSourceMysqlServerConfiguration Block\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"3306\"\nUser: \"root\"\nPassword: \"root\"\n```\n\nWith extra args\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"3306\"\nUser: \"root\"\nPassword: \"root\"\nMysqldumpExtraArgs:\n  - --column-statistics=0\n```\n\n#### Example BackupSourcePostgresConfiguration Block\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"15432\"\nUser: \"postgres\"\nPassword: \"pg\"\nDatabase: \"postgres\"\n```\n\nWith extra args\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"15432\"\nUser: \"postgres\"\nPassword: \"pg\"\nDatabase: \"postgres\"\nPgdumpExtraArgs:\n  - --ignore-version\n```\n\nWith SSL mode\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"15432\"\nUser: \"postgres\"\nPassword: \"pg\"\nDatabase: \"postgres\"\nSSLMode: \"require\"\n```\n\n#### Example BackupSourcePostgresServerConfiguration Block\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"15432\"\nUser: \"postgres\"\nPassword: \"pg\"\n```\n\nWith extra args\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"15432\"\nUser: \"postgres\"\nPassword: \"pg\"\nPgdumpallExtraArgs:\n  - --ignore-version\n```\n\nWith SSL mode\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"15432\"\nUser: \"postgres\"\nPassword: \"pg\"\nSSLMode: \"require\"\n```\n\n#### Example BackupSourceMongoConfiguration Block\n\nDump all dbs \u0026 no auth\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"27017\"\n```\n\nDump all dbs with auth\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"27017\"\nUser: \"root\"\nPassword: \"root\"\n```\n\nDump single db with auth\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"27017\"\nUser: \"root\"\nPassword: \"root\"\nDatabase: \"test\"\n```\n\nDump single db with auth and custom Authentication Database\n\n```yaml\nHost: \"127.0.0.1\"\nPort: \"27017\"\nUser: \"root\"\nPassword: \"root\"\nAuthenticationDatabase: \"test\" # default is admin\nDatabase: \"test\"\n```\n\n#### Example BackupSourceKubernetesTLSSecret Block\n\nBackup all TLS secrets\n\n```yaml\nServer: https://kubernetes-api.example.com\nToken: foo-bar-baz\nNamespace: default\n```\n\nBackup single TLS secret\n\n```yaml\nServer: https://kubernetes-api.example.com\nToken: foo-bar-baz\nNamespace: default\nSecretName: tls-example-com\n```\n\n#### Example BackupSourceKubernetes Block\n\nBackup all resources (pods)\n\n```yaml\nServer: https://kubernetes-api.example.com\nToken: foo-bar-baz\nNamespace: default\nResource: pod\n```\n\nBackup single resource (hello-world pod)\n\n```yaml\nServer: https://kubernetes-api.example.com\nToken: foo-bar-baz\nNamespace: default\nResource: pod\nName: hello-world\n```\n\n#### Example BackupSourceSingleFileConfiguration Block\n\n```yaml\nPath: /data/export/dump.sql\n```\n\n### Example BackupSourceDirConfiguration Block\n\n```yaml\nPath: /data\nExcludes:\n  - /data/tmp\n```\n\n\n### Example BackupSourceNotion Block\n\n```yaml\nToken: \u003cNotion token_v2\u003e\nSpaceID: \u003cNotion Space UID\u003e\nFormat: \u003cFotmat of export (\"html\" or \"markdown\")\u003e\n```\n\n### Example BackupSourceFTP Block\n\n```yaml\nHost: \u003cFTP host\u003e\nUser: \u003cFTP user\u003e\nPassword: \u003cFTP password\u003e\n```\n\n### Example BackupSourceRedis Block\n\n```yaml\nHost: \u003chost\u003e\nPort: \u003cport\u003e\n```\n\n### Example BackupSourceVault Block\n\n```yaml\nAddr: \u003cvault address\u003e\nToken: \u003cvault token\u003e\nHeaders: \u003cmap[string]string of headers, optional\u003e\n```\n\nexample with cloudflare access headers\n\n```yaml\nAddr: https://vault.corp.com\nToken: s.1234567890\nHeaders:\n  CF-Access-Client-ID: xxx1234567890\n  CF-Access-Client-Secret: xxx123456789\n```\n\n\n### Example BackupSourceDummy Block\n\n```yaml\nContent: \u003cbackup content\u003e\n```\n\n### Example BackupSourceGitlab Block\n\n```yaml\nNamePrefix: \u003cprefix Gitlab backup file in /var/opt/gitlab/backups\u003e\nSkip: \u003cskip (for example registry)\u003e\n```\n\n- Gitlab Docs about SKIP - \u003chttps://docs.gitlab.com/ee/administration/backup_restore/backup_gitlab.html?tab=Linux+package+%28Omnibus%29#excluding-specific-data-from-the-backup\u003e\n\n### Example BackupSourceConsul Block\n\n```yaml\nAddr: \u003chost\u003e\nToken: \u003ctoken\u003e\n```\n\nExample without ACL\n\n```yaml\nAddr: http://127.0.0.1:8500\n```\n\nExample with ACL requires token\n\n```yaml\nAddr: http://127.0.0.1:8500\nToken: 51047cd1-c243-a969-2bf1-a845405e4da9\n```\n\n#### Example BackupDestinationFilePathConfiguration Block\n\n```yaml\nPath: \"/backup/mysql-default.sql\"\n```\n\n#### Example BackupDestinationFileConfiguration Block\n\n```yaml\nDir: \"/backup/\"\nPrefix: \"mysql-default\"\nSuffix: \"sql\"\n```\n\n#### Example BackupDestinationS3Configuration Block\n\nAWS:\n\n```yaml\nAccessKey: \"admin\"\nSecretKey: \"asdfasdf\"\nEndpoint: \"https://minio.example.com\"\nBucketName: \"tergum-backups\"\nPrefix: \"mysql-default\"\nSuffix: \"sql\"\n```\n\nMinio:\n\n```yaml\naccessKey: \"aws_access_key_id\"\nsecretKey: \"aws_secret_access_key\"\nregion: \"eu-central-1\"\nbucketName: \"tergum-backups\"\nprefix: \"mysql-default\"\nsuffix: \"sql\"\n```\n\nMinio with 3 retries:\n\nYou can set `UploadRetries` (default is 0) to retry upload in case of error.\n\n```yaml\naccessKey: \"aws_access_key_id\"\nsecretKey: \"aws_secret_access_key\"\nregion: \"eu-central-1\"\nbucketName: \"tergum-backups\"\nprefix: \"mysql-default\"\nsuffix: \"sql\"\nUploadRetries: 3\n```\n\n#### Example BackupDestinationAzureBlobConfiguration Block\n\n```yaml\nAccountName: account_name\nAccountKey: account_key\nContainerName: container_name\nPrefix: \"mysql-default\"\nSuffix: \"sql\"\n```\n\n#### Example BackupDestinationTelegramConfiguration Block\n\n```yaml\nBotToken: \"123456789:ABC-DEF1234ghIkl-zyx57W2v1u123ew11\"\nChatID: -123456789\nFileName: \"backup.sql\"\n```\n\n[example](./examples/config/telegram)\n\n#### Notification Block\n\n```yaml\nBackends: {\n  Email:  \u003cNotificationBackendEmail\u003e\nTarget:\n  - \u003cNotificationTarget\u003e\n  - \u003cNotificationTarget\u003e\n  - ...\n```\n\n#### Example NotificationBackendEmail Block\n\n```yaml\nSmtpHost: \"mail.example.com\"\nSmtpPort: \"25\"\nUsename: \"aaa\"\nPassword: \"aaa/bbb\"\nFrom: \"tergum@example.com\"\n```\n\n#### NotificationTarget Block\n\n```yaml\nEmail: \u003cNotificationEmailTarget\u003e\nSlackWebhook: \u003cNotificationSlackWebhookTarget\u003e\nTelegram: \u003cNotificationTelegramTarget\u003e\n```\n\n#### Example NotificationEmailTarget Block\n\n```yaml\nEmails:\n  - ondrej@example.com\n  - monitoring@example.com\nSendOK: false\n```\n\n- `SendOK=true` will send email notification for all tergum runs (failed \u0026 OK runs)\n\n#### Example NotificationSlackWebhookTarget Block\n\n```yaml\nURLs:\n  - https://hooks.slack.com/services/xxx/yyy/zzz\nSendOK: false\n```\n\n- `SendOK=true` will send email notification for all tergum runs (failed \u0026 OK runs)\n\n#### Example NotificationTelegramTarget Block\n\n```yaml\nBotToken: \"123456789:ABC-DEF1234ghIkl-zyx57W2v1u123ew11\"\nChatIDs: -123456789\nSendOK: false\n```\n\n[example](./examples/config/telegram)\n\n- `SendOK=true` will send email notification for all tergum runs (failed \u0026 OK runs)\n\n#### Cloud Block\n\n```yaml\nEmail: \u003cemail of tergum cloud account\u003e\n```\n\n### Settings Block\n\n- `UseDoBackupV2` - use new backup processor (default is false)\n- `ExtraName` - extra name for backup file (for example \"my-backup\") - default is empty\n\n```yaml\nSettings:\n  UseDoBackupV2: true\n  ExtraName: \"my-backup\"\n```\n\n### Telemetry Block\n\n- `Origin` - origin of custom telemetry api\n- `Disable` - disable telemetry\n- `Name` - name of the instance in telemetry\n- `CollectHostData` - collect host data (hostname, os, arch, cpu, memory)\n- `CollectBackupLog` - collect backup log (backup log is sent to telemetry api)\n\n```yaml\nTelemetry:\n  Origin: \"tergum-telemetry-api.corp.com\"\n  Disable: true\n  Name: \"my-tergum\"\n  CollectHostData: true\n  CollectBackupLog: true\n```\n\n### Tergum Utils\n\n#### `tergum utils cron`\n\nSimple cron scheduler in Tergum\n\n```\ntergum utils cron \u003ccron-expression\u003e \u003ccommand\u003e [args...]\n```\n\nExample usage:\n\n```\ntergum utils cron \"0 0 * * *\" -- tergum backup -c tergum.yaml\n```\n\n## Current Project State\n\n### Backup Sources\n\n- [x] SingleFile\n- [x] Files (Dir)\n- [x] Postgres\n- [x] PostgresServer\n- [x] MySQL\n- [x] MySQLServer\n- [ ] Oracle (Enterprise)\n- [ ] S3\n- [ ] Ceph RBD\n- [ ] CephFS\n- [x] MongoDB\n- [x] Gitlab\n- [ ] Proxmox\n- [x] Kubernetes Resource\n  - [x] Kubernetes TLS Secret\n- [ ] Container Image\n- [x] Redis\n- [x] [Notion](https://notion.so)\n- [x] FTP Server (for old school hostings)\n- [x] Hashicorp Vault\n- [x] Hashicorp Consul\n- [x] Dummy (for testing)\n\n### Passwords Sources\n\n- [x] YAML\n- [x] Environment Variables\n- [ ] Hashicorp Vault\n- [ ] AWS Secrets Manager\n- [ ] Azure Key Vault\n\n### Backup Processors\n\n- [x] GZIP Compression\n- [x] Symmetric Encryption\n- [ ] AsymmetricEncryption\n- [ ] GPG Encryption\n- [ ] GPG Signatures\n\n### Backup Storage\n\n- [x] Files\n- [x] S3\n- [ ] Tergum Cloud\n- [x] Azure Blob\n- [ ] GCS (Google Cloud Storage)\n- [ ] Container Registry\n- [x] Telegram\n\n### Notification\n\n- [x] Email\n- [x] Slack\n- [x] Telegram\n- [ ] Microsoft Teams\n- [ ] Pagerduty\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsikalabs%2Ftergum","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsikalabs%2Ftergum","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsikalabs%2Ftergum/lists"}