From 4f75b9dffb741253c12be0fea4e44516ca19befb Mon Sep 17 00:00:00 2001
From: kappa <kappa@inouter.com>
Date: Wed, 25 Mar 2026 16:37:49 +0900
Subject: [PATCH] =?UTF-8?q?OpenWrt=20=EB=B0=B1=EC=97=85=20=EC=84=A4?=
 =?UTF-8?q?=EC=A0=95=20=EC=B6=94=EA=B0=80:=20sysupgrade=20=E2=86=92=20NAS,?=
 =?UTF-8?q?=20cron=2003:30?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 infra/backup.md  | 13 +++++++++++++
 infra/openwrt.md | 20 ++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/infra/backup.md b/infra/backup.md
index 53b1246..431b17d 100644
--- a/infra/backup.md
+++ b/infra/backup.md
@@ -117,6 +117,19 @@ K3s datastore인 외부 etcd 클러스터의 스냅샷 백업.
 
 NAS `/volume1/k3s-backup/` → R2 `k3s-backup` 버킷 (매일 05:00)
 
+## OpenWrt 라우터 백업
+
+- **호스트**: openwrt-gw (root@100.66.60.66)
+- **스크립트**: `/usr/local/bin/backup-openwrt.sh`
+- **스케줄**: cron 매일 03:30
+- **방식**: `sysupgrade -b /tmp/backup-openwrt.tar.gz` → scp → NAS
+- **대상**: `kaffa@192.168.9.100:/volume1/k3s-backup/openwrt/`
+- **SSH 키**: `/root/.ssh/id_ed25519` (Dropbear, dbclient 또는 `ssh -i` 필요)
+- **보관**: 7일 초과 자동 삭제
+- **크기**: ~18KB
+- **포함**: `/etc/` 전체 (haproxy.cfg, nftables.d/, config/firewall, config/network, crontabs/, ssh 키 등)
+- **복원**: `sysupgrade -r backup.tar.gz`
+
 ## k3s 백업 (기존)
 
 - **호스트**: Synology NAS
diff --git a/infra/openwrt.md b/infra/openwrt.md
index 644daa6..9ee128b 100644
--- a/infra/openwrt.md
+++ b/infra/openwrt.md
@@ -68,6 +68,26 @@ LAN(192.168.1.0/24, 192.168.9.0/24)에서 공인IP(220.120.65.245)로 접근 시
 
 WAN TCP 80/443 → 192.168.9.1:80/443 (HAProxy)로 DNAT.
 
+## 백업
+
+- **스크립트**: `/usr/local/bin/backup-openwrt.sh`
+- **스케줄**: cron 매일 03:30
+- **방식**: `sysupgrade -b` → scp → NAS
+- **NAS 경로**: `kaffa@192.168.9.100:/volume1/k3s-backup/openwrt/`
+- **SSH 키**: `/root/.ssh/id_ed25519`
+- **보관**: 7일 초과 자동 삭제
+- **크기**: ~18KB
+- **복원**: `sysupgrade -r backup.tar.gz`
+- **포함**: `/etc/` 전체 (haproxy.cfg, nftables.d/, config/, crontabs/, ssh 키 등)
+- **R2 연동**: NAS `/volume1/k3s-backup/` → R2 `k3s-backup` 버킷 (기존 r2-backup.timer로 자동 포함)
+
+## cron 작업
+
+| 스케줄 | 스크립트 | 용도 |
+|--------|----------|------|
+| 03:30 | `/usr/local/bin/backup-openwrt.sh` | 설정 백업 → NAS |
+| 04:00 | `/etc/cdn-filter-update.sh` | BunnyCDN+Cloudflare IP 갱신 |
+
 ## 관련 문서
 
 - [[infra-hosts]] — 서버 목록