Daniel Doubrovkine bio photo

Daniel Doubrovkine

aka dB., @awscloud, former CTO @artsy, +@vestris, NYC

Email Twitter LinkedIn Github Strava
Creative Commons License

After migrating my apps to DigitalOcean apps I started looking for a MongoDB automated offsite backup solution. DO backs up all MongoDB daily automatically, but I am paranoid, and like to store an offsite copy of the data in Dropbox in monthly increments.

I first tried to build a DigitalOcean app function that could run on a schedule and connect to my database, but ran into two missing features: lack of non-web app functions, and adding functions to trusted sources. In short you can either make an app with a function that connects to a database, but then it’s always a web function with no cron support, or you can make a function that can be invoked on a cron, but cannot connect to your database.

I tried simplebackups, and found the UX somewhat to be desired and that it was too expensive for the service it provided. In theory, it could connect to DO in a single click, and set everything up, but in practice the UX didn’t always work, I had to manually allow-list a bunch of IPs, saw cryptic error messages in failing backups, etc. A serverless simple backup with your own storage costs $29/mo, which is too steep for my needs of 1 single database backup that is stored offsite. I’d just be paying for a daily cron, worth no more than $5 to me.

Finally, I settled on a cron and a script to run on my mac. The script has some nice features, such as storing credentials in the keychain that I reuse in a lot of such scripts.

AUTH=$(security find-generic-password -s $URI -w)

if [ -z "$AUTH" ]; then
    read -p 'MongoDB Username: ' USERNAME
    read -sp 'MongoDB Password: ' PASSWORD
    printf "\n"
    AUTH=$USERNAME:$PASSWORD
    security add-generic-password -a $USER -s $URI -w "$AUTH"
fi

Note that to access a DO MongoDB you need your external IP in trusted sources. It’s annoying to add in case my IP changes, but because I already get automated backups elsewhere, I am OK with these limitations.