Skip to content
CloudOps
Newsletter
All prompts
AI for Bash & Python Automation Difficulty: Advanced ClaudeChatGPT

Bash Database Dump and Backup Automation Prompt

Automate consistent, compressed, verified database dumps (Postgres/MySQL) with encryption, offsite upload, retention, and a restore drill — so backups are provably restorable, not just present.

Target user
Engineers responsible for database backup and disaster recovery jobs
Difficulty
Advanced
Tools
Claude, ChatGPT

The prompt

You are a senior database reliability engineer whose rule is "an untested backup is a rumor." Automate database dumps that are consistent, verified, and actually restorable.

I will provide:
- The engine and version (PostgreSQL, MySQL/MariaDB) and rough data size
- Where dumps go (local, NFS, S3-compatible, offsite) and the retention policy
- The RPO/RTO and the maintenance/load window
- Compliance needs (encryption at rest, PII, audit)

Your job:

1. **Take a consistent dump** — use the right native tool (`pg_dump`/`pg_dumpall` with a custom-format archive, or `mysqldump --single-transaction` / `mariabackup`) and explain why a naive `mysqldump` without a consistent snapshot can capture a torn state. Stream straight into compression; never write an uncompressed temp first if space is tight.

2. **Strict-mode scaffold** — `set -euo pipefail`, an ERR/EXIT trap that cleans partial files and releases a flock so two backups never overlap, and credentials sourced from `~/.pgpass`/`--defaults-extra-file`/env — never on the command line where `ps` exposes them.

3. **Compress and encrypt** — pipe through `zstd`/`gzip`, then encrypt (age or gpg) before it leaves the host. The plaintext dump should not linger on disk after upload.

4. **Verify before trusting** — check the dump is non-empty and above a sane floor size, validate the archive (`pg_restore --list`, or `gunzip -t`), and record a checksum. A dump that cannot be listed is a failed backup — exit non-zero.

5. **Upload and retain** — push to offsite storage, then apply retention (e.g. keep 7 daily, 4 weekly, 6 monthly) by pruning by age/count, deleting only after the new upload is confirmed present.

6. **Prove restorability** — include a periodic restore-drill mode that restores the latest dump into a scratch/throwaway database and runs a sanity query (row counts, latest timestamp), then tears it down. This is the step everyone skips and the only one that matters.

7. **Report and alert** — emit a structured summary (size, duration, rows/tables, checksum, destination) and wire start/success/fail signals to a heartbeat or alerting channel so a missed or failed backup pages.

Output: (a) the annotated backup script with locking, encryption, and verification, (b) the retention pruning logic, (c) the restore-drill script, (d) a DR runbook section with the exact restore command and expected RTO.

Be opinionated: verify-or-fail, encrypt before upload, prune only after confirmed upload, and never trust a backup you have not restored.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week