Incremental backups with duplicity

2014-09-08 11:14:13 +02:00 · 2014-09-08 11:14:13 +02:00 · 96c69183fd
commit 96c69183fd
parent e91d147cad
4 changed files with 121 additions and 86 deletions
--- a/README.md
+++ b/README.md
@ -1,12 +1,14 @@
 Froxlorbackup
 =============

-Backup your Froxlor Webhosting to another server. Encrypted, via ssh.
+Backup your Froxlor Webhosting (or anything else) to another server. Encrypted, via ssh.

-Works until version 0.9.32.
+Works for all versions.

-SQL works now also for Versions > 0.9.32.
-HTML is planned to be backed up with duplicity
+0. install duplicity and all required packages
+1. copy the script to the froxlorserver and run it as /$PATH/backup-server.sh full
+2. Add a cronjob like "17 2 * * * /$PATH/backup-server.sh"
+3. Let the magic happen

-The decrypt.sh file has just two lines. With them you can decrypt and untar your backups as long as they are back on the local storage.
-For $encrypt in this file use the same path as you do in any other file
+You can restore your data with
+duplicity $EXTERNALPATH/TO/file $INTERNALPATH/TO/file
--- a/backup-server.sh
+++ b/backup-server.sh
@ -1,46 +1,132 @@
 #!/bin/bash
-# 2014 by Mainboarder.de
+#
+# Simple script for creating backups with Duplicity.
+# Full backups are made on the 1st day of each month or with the 'full' option.
+# Incremental backups are made on any other days.
+#
+# contains lines from http://menzerath.eu/artikel/froxlor-alle-datenbanken-und-verzeichnisse-sichern/
+# and http://wiki.hetzner.de/index.php/Duplicity_Script
+#
+# USAGE: backup.sh [full]
 #
 # Keep this comment untouched and do not use this software for military purposes.
 # you are allowed to use this just like you want on your own risk.
-# 
+#

-path="var/customers/backups/"
-temp="var/customers/temp-backup-path/"
-sshkey="/etc/ssh/ssh_host_dsa_key"
-encryption="path/to/enc.key"
-external="user@extern.server.de"
-externalpath="/media/mountpoint/backups"
+# get day of the month
+DATE=`date +%d`

-# um <<tar - Entferne führende „/“ von Elementnamen>> zu vermeiden
-cd /
+# Set protocol (use scp for sftp and ftp for FTP, see manpage for more)
+BPROTO='ssh'

-# Ordner finden
-for f in $( ls $path); do
+# set user and hostname of backup account
+BUSER='user'
+BHOST='host.example.com'

-# HTML-Dateien finden
-        for g in $( ls $path$f | grep html); do
+# Setting the password for the Backup account that the
+# backup files will be transferred to.
+# for sftp a public key can and should be used.
+#BPASSWORD='yourpass'

-# Dateien kopieren
-                cp $path$f/$g $temp
-        done
-done
+# MySQL-root-access
+mysql_user="root"
+mysql_password="P4aSsw04d"

-#Datum erstellen
+# Temp Dir for SQL Backups (must exist)
+temp="var/customers/temp_backup"
+
+# directories to backup (but . for /)
+BDIRS="etc var/customers"
+ENDDIR="/media/hddmount/duplicity"
+LOGDIR='/var/log/duplicity' # must exist
+
+# Setting the pass phrase to encrypt the backup files. Will use symmetrical keys in this case.
+PASSPHRASE='ult4a s3C43t!'
+export PASSPHRASE
+
+# encryption algorithm for gpg, disable for default (CAST5)
+# see available ones via 'gpg --version'
+ALGO=AES
+
+##############################
+
+### MySQL Export
+# Date create
 datum=$(date +"%d"."%m"."%y")

-#Dateien zusammenpacken und komprimieren
-tar cfvz backup-html-$datum.tar.gz $temp
+cd /

-#Verschlüsseln und gepackte Datei löschen
-openssl aes-256-cbc -kfile $encryption -in backup-html-$datum.tar.gz -out ./backup-html-$datum.enc.tar.gz
+# find all databases
+databases=`mysql -u $mysql_user -p$mysql_password -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema|mysql)"`

-rm backup-html-$datum.tar.gz
+# export all databases
+for db in $databases; do
+    mysqldump -u $mysql_user -p$mysql_password $db > "$temp/$db.sql"
+done

-#Kopieren und verschlüsselte Datei löschen
-scp -i $sshkey ./backup-html-$datum.enc.tar.gz $external:$externalpath
+### Backup

-rm backup-html-$datum.enc.tar.gz
+if [ $ALGO ]; then
+ GPGOPT="--gpg-options '--cipher-algo $ALGO'"
+fi
+
+if [ $BPASSWORD ]; then
+ BAC="$BPROTO://$BUSER:$BPASSWORD@$BHOST/$ENDDIR"
+else
+ BAC="$BPROTO://$BUSER@$BHOST/$ENDDIR"
+fi
+
+# Check to see if we're at the first of the month.
+# If we are on the 1st day of the month, then run
+# a full backup. If not, then run an incremental
+# backup.
+
+if [ $DATE = 01 ] || [ "$1" = 'full' ]; then
+ TYPE='full'
+else
+ TYPE='incremental'
+fi
+
+for DIR in $BDIRS
+do
+  if [ $DIR = '.' ]; then
+    EXCLUDELIST='/usr/local/etc/duplicity-exclude.conf'
+  else
+    EXCLUDELIST="/usr/local/etc/duplicity-exclude-$DIR.conf"
+  fi
+
+  if [ -f $EXCLUDELIST ]; then
+    EXCLUDE="--exclude-filelist $EXCLUDELIST"
+  else
+    EXCLUDE=''
+  fi
+
+  # first remove everything older than 1 month
+  if [ $DIR = '.' ]; then
+   CMD="duplicity remove-older-than 1M -v5 $BAC/system >> $LOGDIR/system.log"
+  else
+   CMD="duplicity remove-older-than 1M -v5 $BAC/$DIR >> $LOGDIR/$DIR.log"
+  fi
+  eval $CMD
+
+  # do a backup
+  if [ $DIR = '.' ]; then
+    CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE / $BAC/system >> $LOGDIR/system.log"
+  else
+    CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE /$DIR $BAC/$DIR >> $LOGDIR/$DIR.log"
+  fi
+  eval  $CMD
+
+done
+
+# Check the manpage for all available options for Duplicity.
+# Unsetting the confidential variables
+unset PASSPHRASE
+unset FTP_PASSWORD
+
+# Delete SQL Exports

 rm -r $temp
 mkdir $temp
+
+exit 0
--- a/backup-sql.sh
+++ b/backup-sql.sh
@ -1,46 +0,0 @@
-#!/bin/bash
-# 2014 by Mainboarder.de
-#
-# Keep this comment untouched and do not use this software for military purposes.
-# you are allowed to use this just like you want on your own risk.
-#
-# contains lines from http://menzerath.eu/artikel/froxlor-alle-datenbanken-und-verzeichnisse-sichern/
-#
-
-temp="var/customers/temp-backup-path"
-backuppath="/mnt/usb/backups"
-encryption="/path/to/enc.key"
-sshkey="/etc/ssh/ssh_host_dsa_key"
-external="user@extern.server.de"
-mysql_user="root"
-mysql_password="root"
-
-# Programm
-
-# um <<tar - Entferne führende „/“ von Elementnamen>> zu vermeiden
-cd /
-
-#Datum erstellen
-datum=$(date +"%d"."%m"."%y")
-
-#Datenbanken finden
-databases=`mysql -u $mysql_user -p$mysql_password -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema|mysql)"`
-
-#Datenbanken exportieren
-for db in $databases; do
-    mysqldump -u $mysql_user -p$mysql_password $db > "$temp/$db.sql"
-done
-
-# Alle SQL-Dumps in ein Archiv packen
-tar cfvz $temp/../backup-sql-$datum.tar.gz $temp
-
-#Verschlüsseln und gepackte Datei löschen
-openssl aes-256-cbc -kfile $encryption -in $temp/../backup-sql-$datum.tar.gz -out $temp/backup-sql-$datum.enc.tar.gz
-
-rm $temp/../backup-sql-$datum.tar.gz
-
-#Kopieren und verschlüsselte Datei löschen
-scp -i $sshkey $temp/backup-sql-$datum.enc.tar.gz $external:$backuppath
-
-rm -r $temp
-mkdir $temp
--- a/decrypt.sh
+++ b/decrypt.sh
@ -1,7 +0,0 @@
-##
-# This just shows how to decrypt and untar files
-# replace $encryption with your path to the encryption file
-##
-
-openssl aes-256-cbc -d -kfile $encryption -in file.enc.tar.gz > file.tar.gz
-tar xzfv file.tar.gz