forked from Pricetx/backup
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbackup.sh
149 lines (114 loc) · 4.34 KB
/
backup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
#!/usr/bin/env bash
# Ensure that all possible binary paths are checked
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
#Directory the script is in (for later use)
SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# Provides the 'log' command to simultaneously log to
# STDOUT and the log file with a single command
log() {
echo "$1"
echo "$(date -u +%Y-%m-%d-%H%M)" "$1" >> "${LOGFILE}"
}
# Load the backup settings
source "${SCRIPTDIR}"/backup.cfg
### CHECKS ###
# This section checks for all of the binaries used in the backup
BINARIES=( cat cd command date dirname echo find openssl pwd realpath rm rsync scp ssh tar )
# Iterate over the list of binaries, and if one isn't found, abort
for BINARY in "${BINARIES[@]}"; do
if [ ! "$(command -v $BINARY)" ]; then
log "$BINARY is not installed. Install it and try again"
exit
fi
done
# Check if the backup folders exist and are writeable
# also, check if the OpenSSL X509 certificate exists
if [ ! -w "${LOCALDIR}" ]; then
log "${LOCALDIR} either doesn't exist or isn't writable"
log "Either fix or replace the LOCALDIR setting"
exit
elif [ ! -w "${TEMPDIR}" ]; then
log "${TEMPDIR} either doesn't exist or isn't writable"
log "Either fix or replace the TEMPDIR setting"
exit
elif [ ! -r "${CRTFILE}" ]; then
log "${CRTFILE} either doesn't exist or isn't readable"
log "Either fix or replace the CRTFILE setting"
exit
fi
# Check that SSH login to remote server is successful
if [ ! "$(ssh -p ${REMOTEPORT} ${REMOTEUSER}@${REMOTESERVER} echo test)" ]; then
log "Failed to login to ${REMOTEUSER}@${REMOTESERVER}"
log "Make sure that your public key is in their authorized_keys"
exit
fi
# Check that remote directory exists and is writeable
if [ $(ssh -p "${REMOTEPORT}" "${REMOTEUSER}"@"${REMOTESERVER}" touch "${REMOTEDIR}"/test) ]; then
log "Failed to write to ${REMOTEDIR} on ${REMOTESERVER}"
log "Check file permissions and that ${REMOTEDIR} is correct"
exit
else
# Remove the temporary file
ssh -p "${REMOTEPORT}" "${REMOTEUSER}"@"${REMOTESERVER}" rm "${REMOTEDIR}"/test
fi
BACKUPDATE=$(date -u +%Y-%m-%d-%H%M)
STARTTIME=$(date +%s)
TARFILE="${LOCALDIR}""$(hostname)"-"${BACKUPDATE}".tgz
SQLFILE="${TEMPDIR}mysql_${BACKUPDATE}.sql"
cd "${LOCALDIR}"
### END OF CHECKS ###
### MYSQL BACKUP ###
if [ ! $(command -v mysqldump) ]; then
log "mysqldump not found, not backing up MySQL!"
elif [ -z $ROOTMYSQL ]; then
log "MySQL root password not set, not backing up MySQL!"
else
log "Starting MySQL dump dated ${BACKUPDATE}"
mysqldump -u root -p${ROOTMYSQL} --all-databases > ${SQLFILE}
log "MySQL dump complete"
#Add MySQL backup to BACKUP list
BACKUP=(${BACKUP[*]} ${SQLFILE})
fi
### END OF MYSQL BACKUP ###
### TAR BACKUP ###
log "Starting tar backup dated ${BACKUPDATE}"
# Prepare tar command
TARCMD="-zcf ${TARFILE} ${BACKUP[*]}"
# Add exclusions to front of command
for i in ${EXCLUDE[@]}; do
TARCMD="--exclude $i ${TARCMD}"
done
# Run tar
tar ${TARCMD}
# Encrypt tar file
log "Encrypting backup"
openssl smime -encrypt -aes256 -binary -in ${TARFILE} -out ${TARFILE}.enc -outform DER -stream ${CRTFILE}
log "Encryption completed"
BACKUPSIZE=$(du -h "${TARFILE}" | cut -f1)
log "Tar backup complete. Filesize: ${BACKUPSIZE}"
# Delete unencrypted tar
rm "${TARFILE}"
log "Tranferring tar backup to remote server"
scp -P "${REMOTEPORT}" "${TARFILE}".enc "${REMOTEUSER}"@"${REMOTESERVER}":"${REMOTEDIR}"
log "File transfer completed"
if [ $(command -v mysqldump) ]; then
if [ ! -z ${ROOTMYSQL} ]; then
log "Deleting temporary MySQL backup"
rm ${SQLFILE}
fi
fi
### END OF TAR BACKUP ###
### RSYNC BACKUP ###
log "Starting rsync backups"
for i in ${RSYNCDIR[@]}; do
rsync -avz --no-links --progress --delete --relative -e"ssh -p ${REMOTEPORT}" $i ${REMOTEUSER}@${REMOTESERVER}:${REMOTEDIR}
done
log "rsync backups complete"
### END OF RSYNC BACKUP ###
### BACKUP DELETION ##
bash "${SCRIPTDIR}"/deleteoldbackups.sh
bash "${SCRIPTDIR}"/deleteoldbackups.sh --remote
### END OF BACKUP DELETION ###
ENDTIME=$(date +%s)
DURATION=$((ENDTIME - STARTTIME))
log "All done. Backup and transfer completed in ${DURATION} seconds"