Adding backup script
This commit is contained in:
parent
8da7ab267b
commit
452029bf39
179
borgBK.sh
Executable file
179
borgBK.sh
Executable file
@ -0,0 +1,179 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# A script to perform daily/weekly/monthly backups using Borg
|
||||||
|
|
||||||
|
# Set pruning
|
||||||
|
DAILY_KEEP=7
|
||||||
|
WEEKLY_KEEP=2
|
||||||
|
MONTHLY_KEEP=3
|
||||||
|
|
||||||
|
# Update Package list
|
||||||
|
if hash apt-get 2>/dev/null; then
|
||||||
|
dpkg-query -f '${binary:Package}\n' -W > ~/packages.txt
|
||||||
|
elif hash pacman 2>/dev/null; then
|
||||||
|
pacman -Qq > ~/packages.txt
|
||||||
|
else
|
||||||
|
echo "Distro needs to be added to package dump check"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Be sure perms are set properly on this file!!!
|
||||||
|
export BORG_PASSCOMMAND="cat $HOME/scripts/.borg-pass"
|
||||||
|
|
||||||
|
LOCAL=$(hostname --short)
|
||||||
|
REPO=/mnt/mountpoint/backups
|
||||||
|
HOST=$(hostname)
|
||||||
|
DATE=$(date +'%m-%d-%Y_%H:%M')
|
||||||
|
|
||||||
|
# Was originally used, not now. Keeping for possible re-use. Note: Does not include /opt or /etc
|
||||||
|
COMMON_ROOT_EXCLUDES="--exclude /bin --exclude /core --exclude /lib --exclude /lib64 --exclude /lost+found --exclude /mnt --exclude /proc --exclude /run --exclude /snap --exclude /tmp --exclude /var --exclude /boot --exclude /dev --exclude /lib32 --exclude /libx32 --exclude /media --exclude /root --exclude /sbin --exclude /srv --exclude /sys --exclude /usr"
|
||||||
|
|
||||||
|
COMMON_HOME_EXCLUDES="--exclude /home/*/.cache --exclude /home/*/.ccache --exclude /home/lost+found --exclude *.img --exclude *.iso"
|
||||||
|
|
||||||
|
BORG_OPTS="--stats --compression lz4"
|
||||||
|
export BORG_RELOCATED_REPO_ACCESS_IS_OK=no
|
||||||
|
export BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=no
|
||||||
|
|
||||||
|
case $HOSTNAME in
|
||||||
|
(gamesrv)
|
||||||
|
# Backup /home and minecraft srvs (in /opt/minecraft)
|
||||||
|
# Loop through all servers
|
||||||
|
dirs=(/opt/minecraft/*)
|
||||||
|
for dir in "${dirs[@]}"
|
||||||
|
do
|
||||||
|
# Get just the name, not path for systemd unit
|
||||||
|
dir=${dir//"/opt/minecraft/"}
|
||||||
|
# If running, stop the server
|
||||||
|
# Note: systemd unit properly handles the save-all and graceful stop of the server.
|
||||||
|
if ( systemctl is-active --quiet minecraft@$dir.service); then
|
||||||
|
# Note: Added the specific start/stop for each server to sudoers for nopass
|
||||||
|
sudo systemctl stop minecraft@$dir.service
|
||||||
|
mkdir -p ~/minecraft_copies
|
||||||
|
cp -r /opt/minecraft/$dir ~/minecraft_copies
|
||||||
|
sudo systemctl start minecraft@$dir.service
|
||||||
|
else
|
||||||
|
# Otherwise, just copy
|
||||||
|
mkdir -p ~/minecraft_copies
|
||||||
|
cp -r /opt/minecraft/$dir ~/minecraft_copies
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# NOTE: cannot spec two directories. Have to use shared parent directory.
|
||||||
|
borg create -v $BORG_OPTS $REPO::$HOST-$DATE /home \
|
||||||
|
$COMMON_HOME_EXCLUDES \
|
||||||
|
# Log to journalctl
|
||||||
|
2>&1
|
||||||
|
;;
|
||||||
|
(media-srv)
|
||||||
|
# Stop all containers
|
||||||
|
docker stop $(docker ps -aq)
|
||||||
|
|
||||||
|
borg create -v $BORG_OPTS $REPO::$HOST-$DATE /home \
|
||||||
|
$COMMON_HOME_EXCLUDES \
|
||||||
|
# Log to journalctl
|
||||||
|
2>&1
|
||||||
|
|
||||||
|
# Start all containers
|
||||||
|
docker start $(docker ps -aq)
|
||||||
|
;;
|
||||||
|
(progdev)
|
||||||
|
### Prep Gitea
|
||||||
|
# Backup gitea: LFS, DB, configs, repos
|
||||||
|
CONTAINER=gitea
|
||||||
|
HOST_BACKUP_DIR="/home/dev/docker/container_backups/gitea"
|
||||||
|
HOST_GIT_REPO_DIR="/home/dev/docker/gitea/git/repositories"
|
||||||
|
TEMP_DIR="~/tmp"
|
||||||
|
GITEA_DATA_FILENAME="gitea_backup.zip"
|
||||||
|
HOST_BACKUP_FILE="$HOST_BACKUP_DIR/$GITEA_DATA_FILENAME"
|
||||||
|
|
||||||
|
# Back up to temp files then copy on success to prevent syncing incomplete/bad files
|
||||||
|
CONTAINER_BACKUP_FILE_TEMP="$TEMP_DIR/gitea_dump_temp.zip"
|
||||||
|
docker exec -u "$id -u" -i $(docker ps -qf "name=$CONTAINER") bash -c "rm -f $CONTAINER_BACKUP_FILE_TEMP"
|
||||||
|
|
||||||
|
docker exec -u "$id -u" -i $(docker ps -qf "name=$CONTAINER") bash -c "/app/gitea/gitea dump --skip-log --file $CONTAINER_BACKUP_FILE_TEMP"
|
||||||
|
# copy this into backup folder (in container)
|
||||||
|
docker cp $CONTAINER:$CONTAINER_BACKUP_FILE_TEMP $HOST_BACKUP_FILE
|
||||||
|
|
||||||
|
# Backup with Borg
|
||||||
|
borg create -v $BORG_OPTS $REPO::$HOST-$DATE /home \
|
||||||
|
$COMMON_HOME_EXCLUDES \
|
||||||
|
# Log to journalctl
|
||||||
|
2>&1
|
||||||
|
;;
|
||||||
|
(fevm)
|
||||||
|
# Nginx
|
||||||
|
cp /etc/nginx/nginx.conf ~/backup_confs/nginx_confs
|
||||||
|
cp -r /etc/nginx/conf.d/ ~/backup_confs/nginx_confs
|
||||||
|
# Fail2Ban
|
||||||
|
cp -r /etc/fail2ban/ ~/backup_confs/fail2ban_confs
|
||||||
|
|
||||||
|
# Backup with Borg
|
||||||
|
borg create -v $BORG_OPTS $REPO::$HOST-$DATE /home \
|
||||||
|
$COMMON_HOME_EXCLUDES \
|
||||||
|
# Log to journalctl
|
||||||
|
2>&1
|
||||||
|
;;
|
||||||
|
(commbox)
|
||||||
|
# Matrix Synapse
|
||||||
|
cp -r /etc/matrix-synapse ~/backups/matrix-synapse
|
||||||
|
# Postgres Database
|
||||||
|
# get variables
|
||||||
|
source .matrix-vars.sh
|
||||||
|
# If matrix-synapse is running, we need to stop it before stopping postgres
|
||||||
|
if ( systemctl is-active --quiet matrix-synapse.service); then
|
||||||
|
sudo systemctl stop matrix-synapse.service
|
||||||
|
if ( systemctl is-active --quiet noah-psql.service); then
|
||||||
|
sudo systemctl stop noah-psql.service
|
||||||
|
PGPASSWORD="${dbPassword}" pg_dump "${matrixDatabase}" -h localhost -p 5432 -U "${dbUser}" -f ~/backups/postgres/pg.sql
|
||||||
|
sudo systemctl start noah-psql.service
|
||||||
|
else
|
||||||
|
PGPASSWORD="${dbPassword}" pg_dump "${matrixDatabase}" -h localhost -p 5432 -U "${dbUser}" -f ~/backups/postgres/pg.sql
|
||||||
|
fi
|
||||||
|
sudo systemctl start matrix-synapse.service
|
||||||
|
# Even if matrix-synapse isn't running, still backup the database
|
||||||
|
else
|
||||||
|
if ( systemctl is-active --quiet noah-psql.service); then
|
||||||
|
sudo systemctl stop noah-psql.service
|
||||||
|
PGPASSWORD="${dbPassword}" pg_dump "${matrixDatabase}" -h localhost -p 5432 -U "${dbUser}" -f ~/backups/postgres/pg.sql
|
||||||
|
sudo systemctl start noah-psql.service
|
||||||
|
else
|
||||||
|
PGPASSWORD="${dbPassword}" pg_dump "${matrixDatabase}" -h localhost -p 5432 -U "${dbUser}" -f ~/backups/postgres/pg.sql
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Backup with Borg
|
||||||
|
borg create -v $BORG_OPTS $REPO::$HOST-$DATE /home \
|
||||||
|
$COMMON_HOME_EXCLUDES \
|
||||||
|
# Log to journalctl
|
||||||
|
2>&1
|
||||||
|
;;
|
||||||
|
(NovaArchSys)
|
||||||
|
# Backup with Borg
|
||||||
|
borg create -v $BORG_OPTS $REPO::$HOST-$DATE /home \
|
||||||
|
$COMMON_HOME_EXCLUDES \
|
||||||
|
# Log to journalctl
|
||||||
|
2>&1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# Unset passphrase and exit on error. Pretty sure the unset is unneeded here.
|
||||||
|
if [ "$?" = "1" ] ; then
|
||||||
|
export BORG_PASSCOMMAND=""
|
||||||
|
echo "Error on create"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Backup for $DATE complete."
|
||||||
|
# Keep 7 daily backups, 2 weekly backups, and 3 monthly ones
|
||||||
|
borg prune -v --list $REPO --keep-daily=$DAILY_KEEP --keep-weekly=$WEEKLY_KEEP --keep-monthly=$MONTHLY_KEEP
|
||||||
|
|
||||||
|
if [ "$?" = "1" ] ; then
|
||||||
|
export BORG_PASSCOMMAND=""
|
||||||
|
echo "Error on prune"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#Unset the passphrase. Again, pretty sure the unset is unneeded.
|
||||||
|
BORG_PASSCOMMAND=""
|
||||||
|
|
||||||
|
echo "Backup and pruning successfully completed."
|
||||||
|
exit 0
|
||||||
Loading…
x
Reference in New Issue
Block a user