diff --git a/README.md b/README.md index 03aadfc..7eabe0a 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,14 @@ Froxlorbackup ============= -Backup your Froxlor Webhosting to another server. Encrypted, via ssh. +Backup your Froxlor Webhosting (or anything else) to another server. Encrypted, via ssh. -Works until version 0.9.32. +Works for all versions. -SQL works now also for Versions > 0.9.32. -HTML is planned to be backed up with duplicity +0. install duplicity and all required packages +1. copy the script to the froxlorserver and run it as /$PATH/backup-server.sh full +2. Add a cronjob like "17 2 * * * /$PATH/backup-server.sh" +3. Let the magic happen -The decrypt.sh file has just two lines. With them you can decrypt and untar your backups as long as they are back on the local storage. -For $encrypt in this file use the same path as you do in any other file +You can restore your data with +duplicity $EXTERNALPATH/TO/file $INTERNALPATH/TO/file diff --git a/backup-server.sh b/backup-server.sh index 0d8744d..c16a330 100644 --- a/backup-server.sh +++ b/backup-server.sh @@ -1,46 +1,132 @@ #!/bin/bash -# 2014 by Mainboarder.de +# +# Simple script for creating backups with Duplicity. +# Full backups are made on the 1st day of each month or with the 'full' option. +# Incremental backups are made on any other days. +# +# contains lines from http://menzerath.eu/artikel/froxlor-alle-datenbanken-und-verzeichnisse-sichern/ +# and http://wiki.hetzner.de/index.php/Duplicity_Script +# +# USAGE: backup.sh [full] # # Keep this comment untouched and do not use this software for military purposes. # you are allowed to use this just like you want on your own risk. -# +# -path="var/customers/backups/" -temp="var/customers/temp-backup-path/" -sshkey="/etc/ssh/ssh_host_dsa_key" -encryption="path/to/enc.key" -external="user@extern.server.de" -externalpath="/media/mountpoint/backups" +# get day of the month +DATE=`date +%d` -# um <> zu vermeiden -cd / +# Set protocol (use scp for sftp and ftp for FTP, see manpage for more) +BPROTO='ssh' -# Ordner finden -for f in $( ls $path); do +# set user and hostname of backup account +BUSER='user' +BHOST='host.example.com' -# HTML-Dateien finden - for g in $( ls $path$f | grep html); do +# Setting the password for the Backup account that the +# backup files will be transferred to. +# for sftp a public key can and should be used. +#BPASSWORD='yourpass' -# Dateien kopieren - cp $path$f/$g $temp - done -done +# MySQL-root-access +mysql_user="root" +mysql_password="P4aSsw04d" -#Datum erstellen +# Temp Dir for SQL Backups (must exist) +temp="var/customers/temp_backup" + +# directories to backup (but . for /) +BDIRS="etc var/customers" +ENDDIR="/media/hddmount/duplicity" +LOGDIR='/var/log/duplicity' # must exist + +# Setting the pass phrase to encrypt the backup files. Will use symmetrical keys in this case. +PASSPHRASE='ult4a s3C43t!' +export PASSPHRASE + +# encryption algorithm for gpg, disable for default (CAST5) +# see available ones via 'gpg --version' +ALGO=AES + +############################## + +### MySQL Export +# Date create datum=$(date +"%d"."%m"."%y") -#Dateien zusammenpacken und komprimieren -tar cfvz backup-html-$datum.tar.gz $temp +cd / -#Verschlüsseln und gepackte Datei löschen -openssl aes-256-cbc -kfile $encryption -in backup-html-$datum.tar.gz -out ./backup-html-$datum.enc.tar.gz +# find all databases +databases=`mysql -u $mysql_user -p$mysql_password -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema|mysql)"` -rm backup-html-$datum.tar.gz +# export all databases +for db in $databases; do + mysqldump -u $mysql_user -p$mysql_password $db > "$temp/$db.sql" +done -#Kopieren und verschlüsselte Datei löschen -scp -i $sshkey ./backup-html-$datum.enc.tar.gz $external:$externalpath +### Backup -rm backup-html-$datum.enc.tar.gz +if [ $ALGO ]; then + GPGOPT="--gpg-options '--cipher-algo $ALGO'" +fi + +if [ $BPASSWORD ]; then + BAC="$BPROTO://$BUSER:$BPASSWORD@$BHOST/$ENDDIR" +else + BAC="$BPROTO://$BUSER@$BHOST/$ENDDIR" +fi + +# Check to see if we're at the first of the month. +# If we are on the 1st day of the month, then run +# a full backup. If not, then run an incremental +# backup. + +if [ $DATE = 01 ] || [ "$1" = 'full' ]; then + TYPE='full' +else + TYPE='incremental' +fi + +for DIR in $BDIRS +do + if [ $DIR = '.' ]; then + EXCLUDELIST='/usr/local/etc/duplicity-exclude.conf' + else + EXCLUDELIST="/usr/local/etc/duplicity-exclude-$DIR.conf" + fi + + if [ -f $EXCLUDELIST ]; then + EXCLUDE="--exclude-filelist $EXCLUDELIST" + else + EXCLUDE='' + fi + + # first remove everything older than 1 month + if [ $DIR = '.' ]; then + CMD="duplicity remove-older-than 1M -v5 $BAC/system >> $LOGDIR/system.log" + else + CMD="duplicity remove-older-than 1M -v5 $BAC/$DIR >> $LOGDIR/$DIR.log" + fi + eval $CMD + + # do a backup + if [ $DIR = '.' ]; then + CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE / $BAC/system >> $LOGDIR/system.log" + else + CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE /$DIR $BAC/$DIR >> $LOGDIR/$DIR.log" + fi + eval $CMD + +done + +# Check the manpage for all available options for Duplicity. +# Unsetting the confidential variables +unset PASSPHRASE +unset FTP_PASSWORD + +# Delete SQL Exports rm -r $temp mkdir $temp + +exit 0 diff --git a/backup-sql.sh b/backup-sql.sh deleted file mode 100644 index cfdb5f2..0000000 --- a/backup-sql.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# 2014 by Mainboarder.de -# -# Keep this comment untouched and do not use this software for military purposes. -# you are allowed to use this just like you want on your own risk. -# -# contains lines from http://menzerath.eu/artikel/froxlor-alle-datenbanken-und-verzeichnisse-sichern/ -# - -temp="var/customers/temp-backup-path" -backuppath="/mnt/usb/backups" -encryption="/path/to/enc.key" -sshkey="/etc/ssh/ssh_host_dsa_key" -external="user@extern.server.de" -mysql_user="root" -mysql_password="root" - -# Programm - -# um <> zu vermeiden -cd / - -#Datum erstellen -datum=$(date +"%d"."%m"."%y") - -#Datenbanken finden -databases=`mysql -u $mysql_user -p$mysql_password -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema|mysql)"` - -#Datenbanken exportieren -for db in $databases; do - mysqldump -u $mysql_user -p$mysql_password $db > "$temp/$db.sql" -done - -# Alle SQL-Dumps in ein Archiv packen -tar cfvz $temp/../backup-sql-$datum.tar.gz $temp - -#Verschlüsseln und gepackte Datei löschen -openssl aes-256-cbc -kfile $encryption -in $temp/../backup-sql-$datum.tar.gz -out $temp/backup-sql-$datum.enc.tar.gz - -rm $temp/../backup-sql-$datum.tar.gz - -#Kopieren und verschlüsselte Datei löschen -scp -i $sshkey $temp/backup-sql-$datum.enc.tar.gz $external:$backuppath - -rm -r $temp -mkdir $temp diff --git a/decrypt.sh b/decrypt.sh deleted file mode 100644 index e25bd26..0000000 --- a/decrypt.sh +++ /dev/null @@ -1,7 +0,0 @@ -## -# This just shows how to decrypt and untar files -# replace $encryption with your path to the encryption file -## - -openssl aes-256-cbc -d -kfile $encryption -in file.enc.tar.gz > file.tar.gz -tar xzfv file.tar.gz