diff options
| author | EuAndreh <eu@euandre.org> | 2023-10-08 08:26:37 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2023-11-25 12:14:34 -0300 |
| commit | e406d80377858f37ce683163b2b0ce45e59cfe9f (patch) | |
| tree | ac2a4ba2543cc1b2507e8aa57acfc039e71cf3c8 /src/scripts/backup.sh | |
| parent | Initial empty commit (diff) | |
| download | asami-e406d80377858f37ce683163b2b0ce45e59cfe9f.tar.gz asami-e406d80377858f37ce683163b2b0ce45e59cfe9f.tar.xz | |
Init server infrastructure files
Diffstat (limited to 'src/scripts/backup.sh')
| -rwxr-xr-x | src/scripts/backup.sh | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/src/scripts/backup.sh b/src/scripts/backup.sh new file mode 100755 index 0000000..6a2a4ff --- /dev/null +++ b/src/scripts/backup.sh @@ -0,0 +1,149 @@ +#!/bin/sh +set -eu + +usage() { + cat <<-'EOF' + Usage: + backup [-q] [-C COMMENT] [-x] [ARCHIVE_TAG] + backup -h + EOF +} + +help() { + cat <<-'EOF' + + + Options: + -q disable verbose mode, useful for batch sessions + -C COMMENT the comment text to be attached to the archive + -x disable checking the repository after creating the backup + -h, --help show this message + + ARCHIVE_TAG the tag used to create the new + backup (default: "manual") + + + The repository is expected to have been create with: + + $ borg init -e repokey-blake2 + + The following environment variables are expected to be exported: + + $BORG_PASSCOMMAND + $BORG_REPO + $BORG_REMOTE_PATH + + Password-less SSH access is required, usually done via adding + /root/.ssh/id_rsa.pub to the ssh remote's + $THE_REMOTE:.ssh/authorized_keys + + Root permission is also required. + + + Examples: + + Run backup from cronjob: + + $ backup + + + Run backup from cronjob: + + $ backup -q cronjob + + + Create backup with a comment, a tag, and verbose mode active, and do not + verify the repository afterwards: + + $ backup -xC 'The backup has a comment' + EOF +} + + +for flag in "$@"; do + case "$flag" in + --) + break + ;; + --help) + usage + help + exit + ;; + *) + ;; + esac +done + +VERBOSE_FLAGS='--verbose --progress' +COMMENT=' ' +CHECK=true +while getopts 'qC:xh' flag; do + case "$flag" in + q) + VERBOSE_FLAGS='' + ;; + C) + COMMENT="$OPTARG" + ;; + x) + CHECK=false + ;; + h) + usage + help + exit + ;; + *) + usage >&2 + exit 2 + ;; + esac +done +shift $((OPTIND - 1)) + +ARCHIVE_TAG="${1:-manual}" + + +if [ "$(id -un)" != 'root' ]; then + printf 'This script must be run as root.\n\n' >&2 + usage >&2 + exit 2 +fi + + +run() { + STATUS=0 + set -x + # shellcheck disable=2086 + sudo -i borg create \ + $VERBOSE_FLAGS \ + --comment "$COMMENT" \ + --stats \ + --compression lzma,9 \ + "$BORG_REPO::$(hostname)-{now}-$ARCHIVE_TAG" \ + /mnt/production/ \ + /root/ \ + /home/ \ + /etc/ \ + /var/ \ + /opt/ \ + /srv/ || STATUS=$? + set +x + + if [ "$STATUS" = 0 ]; then + return 0 + elif [ "$STATUS" = 1 ]; then + printf 'WARNING, but no ERROR.\n' >&2 + return 0 + else + return "$STATUS" + fi +} + +run + +if [ "$CHECK" = true ]; then + # shellcheck disable=2086 + sudo -i borg check $VERBOSE_FLAGS --verify-data "$BORG_REPO" +fi |