2014-02-25 19:11:29 +00:00
|
|
|
#!/bin/bash
|
2014-09-08 09:14:13 +00:00
|
|
|
#
|
|
|
|
# Simple script for creating backups with Duplicity.
|
|
|
|
# Full backups are made on the 1st day of each month or with the 'full' option.
|
|
|
|
# Incremental backups are made on any other days.
|
|
|
|
#
|
|
|
|
# contains lines from http://menzerath.eu/artikel/froxlor-alle-datenbanken-und-verzeichnisse-sichern/
|
|
|
|
# and http://wiki.hetzner.de/index.php/Duplicity_Script
|
|
|
|
#
|
|
|
|
# USAGE: backup.sh [full]
|
2014-02-25 19:11:29 +00:00
|
|
|
#
|
|
|
|
# Keep this comment untouched and do not use this software for military purposes.
|
|
|
|
# you are allowed to use this just like you want on your own risk.
|
2014-09-08 09:14:13 +00:00
|
|
|
#
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-09 21:24:18 +00:00
|
|
|
EMAIL="mail@example.com"
|
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# get day of the month
|
|
|
|
DATE=`date +%d`
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# Set protocol (use scp for sftp and ftp for FTP, see manpage for more)
|
|
|
|
BPROTO='ssh'
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# set user and hostname of backup account
|
|
|
|
BUSER='user'
|
|
|
|
BHOST='host.example.com'
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# Setting the password for the Backup account that the
|
|
|
|
# backup files will be transferred to.
|
|
|
|
# for sftp a public key can and should be used.
|
|
|
|
#BPASSWORD='yourpass'
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# MySQL-root-access
|
2015-09-03 09:45:29 +00:00
|
|
|
mysql_backup=false
|
2014-09-08 09:14:13 +00:00
|
|
|
mysql_user="root"
|
|
|
|
mysql_password="P4aSsw04d"
|
|
|
|
|
2015-03-06 07:56:53 +00:00
|
|
|
# Backup iptables?
|
|
|
|
iptables=false
|
|
|
|
|
|
|
|
# Backup ip6tables?
|
|
|
|
ip6tables=false
|
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# Temp Dir for SQL Backups (must exist)
|
|
|
|
temp="var/customers/temp_backup"
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# directories to backup (but . for /)
|
|
|
|
BDIRS="etc var/customers"
|
|
|
|
ENDDIR="/media/hddmount/duplicity"
|
|
|
|
LOGDIR='/var/log/duplicity' # must exist
|
|
|
|
|
|
|
|
# Setting the pass phrase to encrypt the backup files. Will use symmetrical keys in this case.
|
2014-09-09 21:24:18 +00:00
|
|
|
# Set one Password per Backup
|
2015-03-22 17:16:12 +00:00
|
|
|
PASSPHRASE=$(/usr/bin/openssl rand -base64 21)
|
2014-09-08 09:14:13 +00:00
|
|
|
export PASSPHRASE
|
|
|
|
|
|
|
|
# encryption algorithm for gpg, disable for default (CAST5)
|
|
|
|
# see available ones via 'gpg --version'
|
|
|
|
ALGO=AES
|
|
|
|
|
|
|
|
##############################
|
|
|
|
|
2015-03-06 07:56:53 +00:00
|
|
|
IPTABLESEXEC=`which iptables-save`
|
|
|
|
IP6TABLESEXEC=`which ip6tables-save`
|
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
### MySQL Export
|
|
|
|
# Date create
|
2014-02-25 19:11:29 +00:00
|
|
|
datum=$(date +"%d"."%m"."%y")
|
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
cd /
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# find all databases
|
2015-09-03 09:45:29 +00:00
|
|
|
if [ $mysql_backup = true ]; then
|
|
|
|
databases=`mysql -u $mysql_user -p$mysql_password -e "SHOW DATABASES;" -Nsr | grep -Ev "(information_schema|performance_schema|mysql)"`
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
# export all databases
|
2015-09-03 09:45:29 +00:00
|
|
|
for db in $databases; do
|
|
|
|
mysqldump -u $mysql_user -p$mysql_password $db > "$temp/$db.sql"
|
|
|
|
done
|
|
|
|
fi
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2015-03-06 07:56:53 +00:00
|
|
|
# export iptables and ip6tables
|
|
|
|
if [ $iptables = true ]; then
|
|
|
|
$IPTABLESEXEC > "$temp/iptables"
|
|
|
|
fi
|
|
|
|
if [ $ip6tables = true ]; then
|
|
|
|
$IP6TABLESEXEC > "$temp/ip6tables"
|
|
|
|
fi
|
|
|
|
|
2017-07-19 22:43:14 +00:00
|
|
|
# save names of installed packages
|
|
|
|
dpkg --get-selections | awk '!/deinstall|purge|hold/ {print $1}' > "$temp/packages.list"
|
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
### Backup
|
2014-02-25 19:11:29 +00:00
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
if [ $ALGO ]; then
|
|
|
|
GPGOPT="--gpg-options '--cipher-algo $ALGO'"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ $BPASSWORD ]; then
|
|
|
|
BAC="$BPROTO://$BUSER:$BPASSWORD@$BHOST/$ENDDIR"
|
|
|
|
else
|
|
|
|
BAC="$BPROTO://$BUSER@$BHOST/$ENDDIR"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Check to see if we're at the first of the month.
|
|
|
|
# If we are on the 1st day of the month, then run
|
|
|
|
# a full backup. If not, then run an incremental
|
|
|
|
# backup.
|
|
|
|
|
|
|
|
if [ $DATE = 01 ] || [ "$1" = 'full' ]; then
|
|
|
|
TYPE='full'
|
|
|
|
else
|
|
|
|
TYPE='incremental'
|
|
|
|
fi
|
|
|
|
|
|
|
|
for DIR in $BDIRS
|
|
|
|
do
|
|
|
|
if [ $DIR = '.' ]; then
|
|
|
|
EXCLUDELIST='/usr/local/etc/duplicity-exclude.conf'
|
|
|
|
else
|
|
|
|
EXCLUDELIST="/usr/local/etc/duplicity-exclude-$DIR.conf"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f $EXCLUDELIST ]; then
|
|
|
|
EXCLUDE="--exclude-filelist $EXCLUDELIST"
|
|
|
|
else
|
|
|
|
EXCLUDE=''
|
|
|
|
fi
|
|
|
|
|
|
|
|
# first remove everything older than 1 month
|
|
|
|
if [ $DIR = '.' ]; then
|
2015-09-03 09:45:29 +00:00
|
|
|
CMD="duplicity remove-older-than 1M -v5 --force $BAC/system >> $LOGDIR/system.log"
|
2014-09-08 09:14:13 +00:00
|
|
|
else
|
2015-09-03 09:45:29 +00:00
|
|
|
CMD="duplicity remove-older-than 1M -v5 --force $BAC/$DIR >> $LOGDIR/$DIR.log"
|
2014-09-08 09:14:13 +00:00
|
|
|
fi
|
|
|
|
eval $CMD
|
|
|
|
|
|
|
|
# do a backup
|
|
|
|
if [ $DIR = '.' ]; then
|
|
|
|
CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE / $BAC/system >> $LOGDIR/system.log"
|
|
|
|
else
|
|
|
|
CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE /$DIR $BAC/$DIR >> $LOGDIR/$DIR.log"
|
|
|
|
fi
|
|
|
|
eval $CMD
|
|
|
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
|
|
# Delete SQL Exports
|
2015-09-03 09:45:29 +00:00
|
|
|
if [ $mysql_backup = true ]; then
|
|
|
|
rm -r $temp
|
|
|
|
mkdir $temp
|
|
|
|
fi
|
2014-09-08 09:14:13 +00:00
|
|
|
|
2014-09-09 21:24:18 +00:00
|
|
|
/usr/bin/mail -s "$(date) - $(hostname -f) - Backup complete!" $EMAIL <<< "Passphrase: ${PASSPHRASE}"
|
|
|
|
|
|
|
|
# Check the manpage for all available options for Duplicity.
|
|
|
|
# Unsetting the confidential variables
|
|
|
|
unset FTP_PASSWORD
|
|
|
|
unset PASSPHRASE
|
|
|
|
|
2014-09-08 09:14:13 +00:00
|
|
|
exit 0
|