commit dedd23201006a549e528c2caff72e3d0ebe89db8
Author: Ludwig Behm <ludwig@behm.me>
Date:   Wed Apr 19 23:05:27 2023 +0200

    init

diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..c7ffc1a
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1 @@
+"THE BEER-WARE LICENSE" (Revision 42):  <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you  can do whatever you want with this stuff. If we meet some day, and you think  this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6938d0e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+# postgresql-backup-scripts
+
+systemd units to backup postgresql databases
\ No newline at end of file
diff --git a/postgresql-backup@.service b/postgresql-backup@.service
new file mode 100644
index 0000000..2cd48da
--- /dev/null
+++ b/postgresql-backup@.service
@@ -0,0 +1,32 @@
+[Unit]
+Description=backup of postgresql database %i
+After=postgresql.target network.target remote-fs.target
+
+[Service]
+Type=exec
+ExecStart=/bin/bash -c '/usr/bin/pg_dump -c %i | bzip2 -9 > /var/backups/postgres/%i.sql.bz2'
+TimeoutStopSec=0
+Restart=no
+
+User=postgres
+Group=postgres
+UMask=117
+WorkingDirectory=/var/backups/postgres
+ReadOnlyDirectories=/
+ReadWritePaths=/var/backups/postgres
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+NoNewPrivileges=true
+CapabilityBoundingSet=
+MemoryDenyWriteExecute=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+RestrictRealtime=true
+RestrictNamespaces=true
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
diff --git a/postgresql-backup@.timer b/postgresql-backup@.timer
new file mode 100644
index 0000000..32a6f86
--- /dev/null
+++ b/postgresql-backup@.timer
@@ -0,0 +1,8 @@
+[Unit]
+Description=daily database backup of postgresql database %i
+
+[Timer]
+OnCalendar=*-*-* 2:00
+
+[Install]
+WantedBy=timers.target