Compare commits
10 Commits
NextCloudB
...
master
Author | SHA1 | Date | |
---|---|---|---|
|
8efaed6bb7 | ||
|
ec36c5ca12 | ||
|
3b7722ab56 | ||
|
26c5fc1f4f | ||
|
b5b52a3025 | ||
|
2dce78adbe | ||
|
abb2a3983d | ||
|
4dc34aa23d | ||
|
b8f96227cc | ||
|
9e704bd440 |
115
README.md
115
README.md
@ -25,36 +25,40 @@ This script automates the following tasks:
|
||||
- [Environment notes](#environment-notes)
|
||||
- [Why this script must be run as root](#why-this-script-must-be-run-as-root)
|
||||
- [Script parameters](#script-parameters)
|
||||
- [Required parameters](#required-parameters)
|
||||
- [NextCloud data directory: -d _/path/to/data/_](#nextcloud-data-directory--d-_pathtodata_)
|
||||
- [NextCloud webroot: -n _/path/to/nextcloud/_](#nextcloud-webroot--n-_pathtonextcloud_)
|
||||
- [webuser account: -w _accountName_](#webuser-account--w-_accountname_)
|
||||
- [Optional parameters](#optional-parameters)
|
||||
- [Path to 503 error page: -5 _/path/to/filename.html_](#path-to-503-error-page--5-_pathtofilenamehtml_)
|
||||
- [Path to borg details file: -b _/path/to/filename.file_](#path-to-borg-details-file--b-_pathtofilenamefile_)
|
||||
- [Desired log file location: -l _/path/to/filename.file_](#desired-log-file-location--l-_pathtofilenamefile_)
|
||||
- [Path to SQL details file: -s _/path/to/filename.file_](#path-to-sql-details-file--s-_pathtofilenamefile_)
|
||||
- [Verbose output from borg: -v (no arguments)](#verbose-output-from-borg--v-no-arguments)
|
||||
- [Path to webroot: -w _/path/to/webroot/_](#path-to-webroot--w-_pathtowebroot_)
|
||||
- [Required parameters](#required-parameters)
|
||||
- [NextCloud data directory: -d _/path/to/data/_](#nextcloud-data-directory--d-pathtodata)
|
||||
- [NextCloud webroot: -n _/path/to/nextcloud/_](#nextcloud-webroot--n-pathtonextcloud)
|
||||
- [webuser account: -w _accountName_](#webuser-account--w-accountname)
|
||||
- [Optional parameters](#optional-parameters)
|
||||
- [Path to 503 error page: -5 _/path/to/filename.html_](#path-to-503-error-page--5-pathtofilenamehtml)
|
||||
- [Path to borg details file: -b _/path/to/filename.file_](#path-to-borg-details-file--b-pathtofilenamefile)
|
||||
- [Desired log file location: -l _/path/to/filename.file_](#desired-log-file-location--l-pathtofilenamefile)
|
||||
- [Path to SQL details file: -s _/path/to/filename.file_](#path-to-sql-details-file--s-pathtofilenamefile)
|
||||
- [Verbose output from borg: -v (no arguments)](#verbose-output-from-borg--v-no-arguments)
|
||||
- [Path to webroot: -w _/path/to/webroot/_](#path-to-webroot--w-pathtowebroot)
|
||||
- [Borg details file](#borg-details-file)
|
||||
- [Protect your borg details file](#protect-your-borg-details-file)
|
||||
- [borg specific entries (lines 1-4)](#borg-specific-entries-lines-1-4)
|
||||
- [additional files/directories to backup](#additional-filesdirectories-to-backup)
|
||||
- [exclusion patterns](#exclusion-patterns)
|
||||
- [prune timeframe options](#prune-timeframe-options)
|
||||
- [borg remote location](#borg-remote-location)
|
||||
- [Examples](#examples)
|
||||
- [Protect your borg details file](#protect-your-borg-details-file)
|
||||
- [borg specific entries (lines 1-4)](#borg-specific-entries-lines-1-4)
|
||||
- [Line 1: Path to borg base directory](#line-1-path-to-borg-base-directory)
|
||||
- [Line 2: Path to SSH key for remote server](#line-2-path-to-ssh-key-for-remote-server)
|
||||
- [Line 3: Connection string to remote repo](#line-3-connection-string-to-remote-repo)
|
||||
- [Line 4: Password for borg repo/repo key](#line-4-password-for-borg-reporepo-key)
|
||||
- [additional files/directories to backup](#additional-filesdirectories-to-backup)
|
||||
- [exclusion patterns](#exclusion-patterns)
|
||||
- [prune timeframe options](#prune-timeframe-options)
|
||||
- [borg remote location](#borg-remote-location)
|
||||
- [Examples](#examples)
|
||||
- [SQL details file](#sql-details-file)
|
||||
- [Protect your sql details file](#protect-your-sql-details-file)
|
||||
- [Protect your sql details file](#protect-your-sql-details-file)
|
||||
- [503 functionality](#503-functionality)
|
||||
- [Conditional forwarding by your webserver](#conditional-forwarding-by-your-webserver)
|
||||
- [NGINX](#nginx)
|
||||
- [Apache](#apache)
|
||||
- [Disabling 503 functionality altogether](#disabling-503-functionality-altogether)
|
||||
- [Conditional forwarding by your webserver](#conditional-forwarding-by-your-webserver)
|
||||
- [NGINX](#nginx)
|
||||
- [Apache](#apache)
|
||||
- [Disabling 503 functionality altogether](#disabling-503-functionality-altogether)
|
||||
- [Scheduling: Cron](#scheduling-cron)
|
||||
- [The log file](#the-log-file)
|
||||
- [Using Logwatch](#using-logwatch)
|
||||
- [Remember to rotate your logs](#remember-to-rotate-your-logs)
|
||||
- [Using Logwatch](#using-logwatch)
|
||||
- [Remember to rotate your logs](#remember-to-rotate-your-logs)
|
||||
- [Final notes](#final-notes)
|
||||
|
||||
## Installation/copying
|
||||
@ -201,9 +205,9 @@ example entries. The file must have the following information in the following
|
||||
order:
|
||||
|
||||
1. path to borg base directory **(required)**
|
||||
2. path to ssh private key for repo **(required)**
|
||||
2. path to ssh private key for remote server **(required)**
|
||||
3. connection string to remote repo **(required)**
|
||||
4. password for ssh key/repo **(required)**
|
||||
4. password for borg repo/repo key **(required)**
|
||||
5. path to file listing additional files/directories to backup
|
||||
6. path to file containing borg-specific exclusion patterns
|
||||
7. prune timeframe options
|
||||
@ -226,10 +230,59 @@ chmod 600 nc_borg.details # restrict access to root only (read/write)
|
||||
|
||||
If you need help with these options, then you should consult the borg
|
||||
documentation or search my blog at
|
||||
[https://mytechiethoughts.com](https://mytechiethoughts.com) for borg. This is
|
||||
especially true if you want to understand why an SSH key and passphrase are
|
||||
preferred and why just a passphrase on it's own presents problems automating
|
||||
borg backups.
|
||||
[https://mytechiethoughts.com](https://mytechiethoughts.com) for borg. Here's a
|
||||
very brief overview:
|
||||
|
||||
#### Line 1: Path to borg base directory
|
||||
|
||||
This is primary directory on your local system where your borg configuration is
|
||||
located, **NOT* the path to your borg binary. The base directory contains the
|
||||
borg configuration, cache, security files and keys.
|
||||
|
||||
#### Line 2: Path to SSH key for remote server
|
||||
|
||||
This is the SSH key used to connect to your remote (backup) server where your
|
||||
borg repo is located. **This is NOT your borg repo key!**
|
||||
|
||||
> Please note: If you are planning on executing this script via cron or some
|
||||
> other form of automation, it is *highly recommended* that you use an SSH key
|
||||
> **without** a password! SSH is designed such that passwords cannot simply be
|
||||
> passed to it via environment variables, etc. so this is something not easily
|
||||
> automated by a script such as this for security reasons. As such, your
|
||||
> computer will sit and wait for you to enter the password and will NOT execute
|
||||
> the actual backup portion of the script until the SSH key password is provided.
|
||||
>
|
||||
> If you really want/need to use an SSH key password, you will have to look into
|
||||
> somethign like GNOME keyring or SSH-agent to provide a secure automated way to
|
||||
> provide that password to SSH and allow this script to continue.
|
||||
>
|
||||
> In practice, SSH keys without passwords are still quite safe since the key
|
||||
> must still be known in order to connect and most keys are quite long. In
|
||||
> addition, they key only connects to the remote server, your actual information
|
||||
> within the borg repository is still encrypted and secured with both a key and
|
||||
> password.
|
||||
|
||||
#### Line 3: Connection string to remote repo
|
||||
|
||||
This is the full server and path required to connect to your borg repo on the
|
||||
remote server. Very often it is the in the form of:
|
||||
|
||||
```
|
||||
user@servername.tld:repo-name/
|
||||
```
|
||||
|
||||
for rsync.net it is in the following form:
|
||||
|
||||
```
|
||||
username@server-number.rsync.net:repo-name/
|
||||
```
|
||||
|
||||
#### Line 4: Password for borg repo/repo key
|
||||
|
||||
This is the password needed to access and decrypt your *borg repo*. Assuming
|
||||
you set up your borg repo using recommended practices, this will actually be the
|
||||
password for your *borg repo private key*. **This is NOT your SSH key
|
||||
password!**
|
||||
|
||||
### additional files/directories to backup
|
||||
|
||||
|
@ -12,7 +12,6 @@ lit="\e[93m"
|
||||
op="\e[39m"
|
||||
info="\e[96m"
|
||||
note="\e[95m"
|
||||
stamp="[`date +%Y-%m-%d` `date +%H:%M:%S`]"
|
||||
|
||||
|
||||
### Functions ###
|
||||
@ -90,6 +89,11 @@ function scriptHelp {
|
||||
exit 1
|
||||
}
|
||||
|
||||
### generate dynamic timestamps
|
||||
function stamp {
|
||||
echo `date +%F" "%T`
|
||||
}
|
||||
|
||||
### quit -- exit the script after logging any errors, warnings, etc.
|
||||
function quit {
|
||||
# list generated warnings, if any
|
||||
@ -106,7 +110,7 @@ function quit {
|
||||
fi
|
||||
if [ -z "${exitError}" ]; then
|
||||
# exit cleanly
|
||||
echo -e "${note}${stamp} --- ${scriptName} completed" \
|
||||
echo -e "${note}[$(stamp)] --- ${scriptName} completed" \
|
||||
"---${normal}" >> "$logFile"
|
||||
exit 0
|
||||
else
|
||||
@ -116,7 +120,7 @@ function quit {
|
||||
for errCode in "${exitError[@]}"; do
|
||||
errStamp="${errCode%%_*}"
|
||||
errValue="${errCode##*_}"
|
||||
echo -e "${err}${errStamp}-- [ERROR] ${errorExplain[$errValue]}" \
|
||||
echo -e "${err}${errStamp} -- [ERROR] ${errorExplain[$errValue]}" \
|
||||
"(code: ${errValue}) --${normal}" >> "$logFile"
|
||||
done
|
||||
exit 2
|
||||
@ -147,7 +151,7 @@ function checkExist {
|
||||
|
||||
### ncMaint - pass requested mode change type to NextCloud occ
|
||||
function ncMaint {
|
||||
sudo -u ${webUser} php ${ncRoot}/occ maintenance:mode --$1 \
|
||||
sudo -u "${webUser}" php "${ncRoot}/occ" maintenance:mode --"$1" \
|
||||
>> "$logFile" 2>&1
|
||||
maintResult="$?"
|
||||
return "$maintResult"
|
||||
@ -162,10 +166,10 @@ function cleanup {
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "0" ]; then
|
||||
# directory still exists
|
||||
exitWarn+=("${stamp}_111")
|
||||
exitWarn+=("[$(stamp)]_111")
|
||||
else
|
||||
# directory removed
|
||||
echo -e "${op}${stamp} Removed SQL temp directory${normal}" \
|
||||
echo -e "${op}[$(stamp)] Removed SQL temp directory${normal}" \
|
||||
>> "$logFile"
|
||||
fi
|
||||
|
||||
@ -173,21 +177,21 @@ function cleanup {
|
||||
# check value of 'clean503' to see if this is necessary (=1) otherwise, skip
|
||||
if [ "$clean503" = "1" ]; then
|
||||
# proceed with cleanup
|
||||
echo -e "${op}${stamp} Removing 503 error page..." >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Removing 503 error page..." >> "$logFile"
|
||||
rm -f "$webroot/$err503File" >> "$logFile" 2>&1
|
||||
# verify file is actually gone
|
||||
checkExist ff "$webroot/$err503File"
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "0" ]; then
|
||||
# file still exists
|
||||
exitWarn+=("${stamp}_5030")
|
||||
exitWarn+=("[$(stamp)]_5030")
|
||||
else
|
||||
# file removed
|
||||
echo -e "${info}${stamp} -- [INFO] 503 page removed from webroot" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] 503 page removed from webroot" \
|
||||
"--${normal}" >> "$logFile"
|
||||
fi
|
||||
else
|
||||
echo -e "${op}${stamp} 503 error page never copied to webroot," \
|
||||
echo -e "${op}[$(stamp)] 503 error page never copied to webroot," \
|
||||
"nothing to cleanup" >> "$logFile"
|
||||
fi
|
||||
|
||||
@ -195,10 +199,10 @@ function cleanup {
|
||||
ncMaint off
|
||||
# check if successful
|
||||
if [ "$maintResult" = "0" ]; then
|
||||
echo -e "${info}${stamp} -- [INFO] NextCloud now in regular" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] NextCloud now in regular" \
|
||||
"operating mode --${normal}" >> "$logFile"
|
||||
else
|
||||
exitError+=("${stamp}_101")
|
||||
exitError+=("[$(stamp)]_101")
|
||||
quit
|
||||
fi
|
||||
}
|
||||
@ -273,7 +277,7 @@ warningExplain[5032]="The specified webroot (-w parameter) could not be found"
|
||||
warningExplain[5033]="No 503 error page could be found. If not using the default located in the script directory, then check your -5 parameter"
|
||||
warningExplain[5035]="Error copying 503 error page to webroot"
|
||||
warn503="Web users will NOT be informed the server is down!"
|
||||
warningExplain[2111]="No password used for SSH keys or access to remote borg repo. This is an insecure configuration"
|
||||
warningExplain[2111]="No password used for access to remote borg repo. This is an insecure configuration"
|
||||
warningExplain[2112]="No remote borg instance specified. Operations will be slower in this configuration"
|
||||
warningExplain[2113]="The specified file containing extra files for inclusion in borgbackup could not be found"
|
||||
warningExplain[2114]="The specified file containing exclusion patterns for borgbackup could not be found. Backup was performed as though NO exclusions were defined"
|
||||
@ -377,8 +381,8 @@ if [ -z "$webUser" ]; then
|
||||
exit 1
|
||||
# Check if supplied webUser account exists
|
||||
elif [ -n "$webUser" ]; then
|
||||
user_exists=$(id -u $webUser > /dev/null 2>&1; echo $?)
|
||||
if [ $user_exists -ne 0 ]; then
|
||||
user_exists=$(id -u "$webUser" > /dev/null 2>&1; echo $?)
|
||||
if [ "$user_exists" -ne 0 ]; then
|
||||
echo -e "\n${err}The supplied webuser account (-u parameter) does not" \
|
||||
"exist.${normal}\n"
|
||||
exit 1
|
||||
@ -425,9 +429,9 @@ fi
|
||||
|
||||
|
||||
### Log start of script operations
|
||||
echo -e "${note}${stamp}--- Start $scriptName execution ---${normal}" \
|
||||
echo -e "${note}[$(stamp)] --- Start $scriptName execution ---${normal}" \
|
||||
>> "$logFile"
|
||||
echo -e "${info}${stamp}-- [INFO] Log file located at ${lit}${logFile}${info}" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] Log file located at ${lit}${logFile}${info}" \
|
||||
"--${normal}" >> "$logFile"
|
||||
|
||||
|
||||
@ -438,7 +442,7 @@ export logFile="$logFile"
|
||||
### Create sqlDump temporary directory and sqlDumpFile name
|
||||
sqlDumpDir=$( mktemp -d )
|
||||
sqlDumpFile="backup-`date +%Y%m%d_%H%M%S`.sql"
|
||||
echo -e "${info}${stamp} -- [INFO] mySQL dump file will be stored" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] mySQL dump file will be stored" \
|
||||
"at: ${lit}${sqlDumpDir}/${sqlDumpFile}${normal}" >> "$logFile"
|
||||
|
||||
|
||||
@ -451,9 +455,9 @@ echo -e "${info}${stamp} -- [INFO] mySQL dump file will be stored" \
|
||||
## Check if webroot has been specified, if not, skip this entire section since there is nowhere to copy the 503 file.
|
||||
if [ -z "$webroot" ]; then
|
||||
# no webroot path provided
|
||||
echo -e "${info}${stamp} -- [INFO] ${warn503} --${normal}" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] ${warn503} --${normal}" \
|
||||
>> "$logFile"
|
||||
exitWarn+=("${stamp}_5031")
|
||||
exitWarn+=("[$(stamp)]_5031")
|
||||
clean503=0
|
||||
else
|
||||
# verify webroot actually exists
|
||||
@ -461,41 +465,41 @@ else
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "1" ]; then
|
||||
# webroot directory specified could not be found
|
||||
echo -e "${info}${stamp} -- [INFO] ${warn503} --${normal}" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] ${warn503} --${normal}" \
|
||||
>> "$logFile"
|
||||
exitWarn+=("{$stamp}_5032")
|
||||
clean503=0
|
||||
else
|
||||
# webroot exists
|
||||
echo -e "${op}${stamp} Using webroot: ${lit}${webroot}${normal}" \
|
||||
echo -e "${op}[$(stamp)] Using webroot: ${lit}${webroot}${normal}" \
|
||||
>> "$logFile"
|
||||
# Verify 503 file existance at given path
|
||||
checkExist ff "$err503Path"
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "1" ]; then
|
||||
# 503 file could not be found
|
||||
echo -e "${info}${stamp} -- [INFO] ${warn503} --${normal}" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] ${warn503} --${normal}" \
|
||||
>> "$logFile"
|
||||
exitWarn+=("${stamp}_5033")
|
||||
exitWarn+=("[$(stamp)]_5033")
|
||||
clean503=0
|
||||
else
|
||||
# 503 file exists and webroot is valid. Let's copy it!
|
||||
echo -e "${op}${stamp} ${err503File} found at ${lit}${err503Path}" \
|
||||
echo -e "${op}[$(stamp)] ${err503File} found at ${lit}${err503Path}" \
|
||||
"${normal}" >> "$logFile"
|
||||
echo -e "${op}${stamp} Copying 503 error page to webroot..." \
|
||||
echo -e "${op}[$(stamp)] Copying 503 error page to webroot..." \
|
||||
"${normal}" >> "$logFile"
|
||||
cp "${err503Path}" "$webroot/" >> "$logFile" 2>&1
|
||||
copyResult="$?"
|
||||
# verify copy was successful
|
||||
if [ "$copyResult" = "1" ]; then
|
||||
# copy was unsuccessful
|
||||
echo -e "${info}${stamp} -- [INFO] ${warn503} --${normal}" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] ${warn503} --${normal}" \
|
||||
>> "$logFile"
|
||||
exitWarn+=("${stamp}_5035")
|
||||
exitWarn+=("[$(stamp)]_5035")
|
||||
clean503=0
|
||||
else
|
||||
# copy was successful
|
||||
echo -e "${info}${stamp} -- [INFO] 503 error page" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] 503 error page" \
|
||||
"successfully copied to webroot --${normal}" >> "$logFile"
|
||||
clean503=1
|
||||
fi
|
||||
@ -510,10 +514,10 @@ fi
|
||||
ncMaint on
|
||||
# check if successful
|
||||
if [ "$maintResult" = "0" ]; then
|
||||
echo -e "${info}${stamp} -- [INFO] NextCloud now in maintenance mode --" \
|
||||
echo -e "${info}[$(stamp)] -- [INFO] NextCloud now in maintenance mode --" \
|
||||
"${normal}" >> "$logFile"
|
||||
else
|
||||
exitError+=("${stamp}_100")
|
||||
exitError+=("[$(stamp)]_100")
|
||||
cleanup
|
||||
quit
|
||||
fi
|
||||
@ -524,23 +528,23 @@ mapfile -t sqlParams < "$sqlDetails"
|
||||
|
||||
|
||||
### Dump SQL
|
||||
echo -e "${op}${stamp} Dumping NextCloud SQL database...${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Dumping NextCloud SQL database...${normal}" >> "$logFile"
|
||||
mysqldump --single-transaction -h"${sqlParams[0]}" -u"${sqlParams[1]}" \
|
||||
-p"${sqlParams[2]}" "${sqlParams[3]}" > "${sqlDumpDir}/${sqlDumpFile}" \
|
||||
2>> "$logFile"
|
||||
# verify
|
||||
dumpResult="$?"
|
||||
if [ "$dumpResult" = "0" ]; then
|
||||
echo -e "${ok}${stamp} -- [SUCCESS] SQL dumped successfully --${normal}" \
|
||||
echo -e "${ok}[$(stamp)] -- [SUCCESS] SQL dumped successfully --${normal}" \
|
||||
>> "$logFile"
|
||||
else
|
||||
exitError+=("${stamp}_200")
|
||||
exitError+=("[$(stamp)]_200")
|
||||
cleanup
|
||||
quit
|
||||
fi
|
||||
|
||||
### Call borgbackup to copy actual files
|
||||
echo -e "${op}${stamp} Pre-backup tasks completed, calling borgbackup..." \
|
||||
echo -e "${op}[$(stamp)] Pre-backup tasks completed, calling borgbackup..." \
|
||||
"${normal}" >> "$logFile"
|
||||
|
||||
## Get borgbackup settings and repo details
|
||||
@ -549,10 +553,10 @@ mapfile -t borgConfig < "$borgDetails"
|
||||
## check if any required borg configuration variables in defintion file are
|
||||
## empty and exit with error, otherwise, map array items to variables
|
||||
# check: borg base directory
|
||||
echo -e "${op}${stamp} Verifying supplied borg configuration variables..." \
|
||||
echo -e "${op}[$(stamp)] Verifying supplied borg configuration variables..." \
|
||||
"${normal}" >> "$logFile"
|
||||
if [ -z "${borgConfig[0]}" ]; then
|
||||
exitError+=("${stamp}_210")
|
||||
exitError+=("[$(stamp)]_210")
|
||||
cleanup
|
||||
quit
|
||||
else
|
||||
@ -561,16 +565,16 @@ else
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "1" ]; then
|
||||
# borg base directory specified could not be found
|
||||
exitError+=("${stamp}_210")
|
||||
exitError+=("[$(stamp)]_210")
|
||||
cleanup
|
||||
quit
|
||||
fi
|
||||
echo -e "${op}${stamp} Borg base dir... OK${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Borg base dir... OK${normal}" >> "$logFile"
|
||||
export BORG_BASE_DIR="${borgConfig[0]%/}"
|
||||
fi
|
||||
# check: path to SSH keyfile
|
||||
if [ -z "${borgConfig[1]}" ]; then
|
||||
exitError+=("${stamp}_211")
|
||||
exitError+=("[$(stamp)]_211")
|
||||
cleanup
|
||||
quit
|
||||
else
|
||||
@ -578,28 +582,28 @@ else
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = 1 ]; then
|
||||
# SSH keyfile specified could not be found
|
||||
exitError+=("${stamp}_211")
|
||||
exitError+=("[$(stamp)]_211")
|
||||
cleanup
|
||||
quit
|
||||
fi
|
||||
echo -e "${op}${stamp} Borg SSH key... OK${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Borg SSH key... OK${normal}" >> "$logFile"
|
||||
export BORG_RSH="ssh -i ${borgConfig[1]}"
|
||||
fi
|
||||
# check: name of borg repo
|
||||
if [ -z "${borgConfig[2]}" ]; then
|
||||
exitError+=("${stamp}_212")
|
||||
exitError+=("[$(stamp)]_212")
|
||||
cleanup
|
||||
quit
|
||||
else
|
||||
echo -e "${op}${stamp} Borg REPO name... OK${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Borg REPO name... OK${normal}" >> "$logFile"
|
||||
export BORG_REPO="${borgConfig[2]}"
|
||||
fi
|
||||
# repo password
|
||||
if [ -n "${borgConfig[3]}" ]; then
|
||||
echo -e "${op}${stamp} Borg SSH/REPO password... OK${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Borg REPO password... OK${normal}" >> "$logFile"
|
||||
export BORG_PASSPHRASE="${borgConfig[3]}"
|
||||
else
|
||||
exitWarn+=("${stamp}_2111")
|
||||
exitWarn+=("[$(stamp)]_2111")
|
||||
# if the password was omitted by mistake, export a dummy password so borg
|
||||
# fails with an error instead of sitting and waiting for input
|
||||
export BORG_PASSPHRASE="DummyPasswordSoBorgFails"
|
||||
@ -612,31 +616,31 @@ borgExclude="${borgConfig[5]}"
|
||||
borgPrune="${borgConfig[6]}"
|
||||
# export: borg remote path (if not blank)
|
||||
if [ -n "${borgConfig[7]}" ]; then
|
||||
echo -e "${op}${stamp} Borg REMOTE path... OK${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Borg REMOTE path... OK${normal}" >> "$logFile"
|
||||
export BORG_REMOTE_PATH="${borgConfig[7]}"
|
||||
else
|
||||
exitWarn+=("${stamp}_2112")
|
||||
exitWarn+=("[$(stamp)]_2112")
|
||||
fi
|
||||
|
||||
## If borgXtra exists, map contents to an array variable
|
||||
if [ -n "$borgXtra" ]; then
|
||||
echo -e "${op}${stamp} Processing referenced extra files list for" \
|
||||
echo -e "${op}[$(stamp)] Processing referenced extra files list for" \
|
||||
"borgbackup to include in backup${normal}" >> "$logFile"
|
||||
checkExist ff "$borgXtra"
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "0" ]; then
|
||||
echo -e "${op}${stamp} Found ${lit}${borgXtra}${normal}" >> "$logFile"
|
||||
echo -e "${op}[$(stamp)] Found ${lit}${borgXtra}${normal}" >> "$logFile"
|
||||
mapfile -t xtraFiles < "$borgXtra"
|
||||
echo -e "${op}${stamp} Processed extra files list for inclusion in" \
|
||||
echo -e "${op}[$(stamp)] Processed extra files list for inclusion in" \
|
||||
"borgbackup${normal}" >> "$logFile"
|
||||
else
|
||||
exitWarn+=("${stamp}_2113")
|
||||
exitWarn+=("[$(stamp)]_2113")
|
||||
fi
|
||||
else
|
||||
# no extra locations specified
|
||||
echo -e "${op}${stamp} No additional locations specified for backup." \
|
||||
echo -e "${op}[$(stamp)] No additional locations specified for backup." \
|
||||
"Only NextCloud data files will be backed up${normal}" >> "$logFile"
|
||||
exitWarn+=("${stamp}_2116")
|
||||
exitWarn+=("[$(stamp)]_2116")
|
||||
fi
|
||||
|
||||
## Check if borgExclude exists since borg will throw an error if it's missing
|
||||
@ -644,16 +648,16 @@ if [ -n "$borgExclude" ]; then
|
||||
checkExist ff "$borgExclude"
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "0" ]; then
|
||||
echo -e "${op}${stamp} Found ${lit}${borgExclude}${normal}" \
|
||||
echo -e "${op}[$(stamp)] Found ${lit}${borgExclude}${normal}" \
|
||||
>> "$logFile"
|
||||
else
|
||||
# file not found, unset the variable so it's like it was not specified
|
||||
# in the first place and continue with backup
|
||||
unset borgExclude
|
||||
exitWarn+=("${stamp}_2114")
|
||||
exitWarn+=("[$(stamp)]_2114")
|
||||
fi
|
||||
else
|
||||
echo -e "${op}${stamp} Exclusion pattern file not specified." \
|
||||
echo -e "${op}[$(stamp)] Exclusion pattern file not specified." \
|
||||
"No exclusions will be processed${normal}" >> "$logFile"
|
||||
fi
|
||||
|
||||
@ -664,13 +668,13 @@ fi
|
||||
## the 'noexec' option for security. Thus, we will use/create a 'tmp' folder
|
||||
## within the BORG_BASE_DIR and instruct python to use that instead of /tmp
|
||||
# check if BORG_BASE_DIR/tmp exists, if not, create it
|
||||
echo -e "${op}${stamp} Checking for tmp directory at ${lit}${BORG_BASE_DIR}" \
|
||||
echo -e "${op}[$(stamp)] Checking for tmp directory at ${lit}${BORG_BASE_DIR}" \
|
||||
"${normal}" >> "$logFile"
|
||||
checkExist fd "$BORG_BASE_DIR/tmp"
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "1" ]; then
|
||||
# folder not found
|
||||
echo -e "${op}${stamp} tmp folder not found... creating${lit}" \
|
||||
echo -e "${op}[$(stamp)] tmp folder not found... creating${lit}" \
|
||||
"${BORG_BASE_DIR}/tmp${normal}" >> "$logFile"
|
||||
mkdir "$BORG_BASE_DIR/tmp" 2>> "$logFile"
|
||||
# verify folder created
|
||||
@ -678,17 +682,17 @@ if [ "$checkResult" = "1" ]; then
|
||||
checkResult="$?"
|
||||
if [ "$checkResult" = "0" ]; then
|
||||
# folder exists
|
||||
echo -e "${op}${stamp} tmp folder created within borg base directory" \
|
||||
echo -e "${op}[$(stamp)] tmp folder created within borg base directory" \
|
||||
"${normal}" >> "$logFile"
|
||||
else
|
||||
# problem creating folder and script will exit
|
||||
exitError+=("${stamp}_215")
|
||||
exitError+=("[$(stamp)]_215")
|
||||
cleanup
|
||||
quit
|
||||
fi
|
||||
else
|
||||
# folder found
|
||||
echo -e "${op}${stamp} tmp folder found within borg base directory" \
|
||||
echo -e "${op}[$(stamp)] tmp folder found within borg base directory" \
|
||||
"${normal}" >> "$logFile"
|
||||
fi
|
||||
# export TMPDIR environment variable
|
||||
@ -699,74 +703,74 @@ export TMPDIR="${BORG_BASE_DIR}/tmp"
|
||||
# commandline depends on whether borgExclude is empty or not
|
||||
if [ -z "$borgExclude" ]; then
|
||||
# borgExclude is empty
|
||||
echo -e "${info}${stamp} --[INFO] Executing borg without exclusions --" \
|
||||
echo -e "${info}[$(stamp)] --[INFO] Executing borg without exclusions --" \
|
||||
"${normal}" >> "$logFile"
|
||||
borg --show-rc create ${borgCreateParams} ::`date +%Y-%m-%d_%H%M%S` \
|
||||
${xtraFiles[@]} \
|
||||
${sqlDumpDir} ${ncDataDir} \
|
||||
"${xtraFiles[@]}" \
|
||||
"${sqlDumpDir}" "${ncDataDir}" \
|
||||
2>> "$logFile"
|
||||
else
|
||||
# borgExclude is not empty
|
||||
echo -e "${info}${stamp} --[INFO] Executing borg with exclusions --" \
|
||||
echo -e "${info}[$(stamp)] --[INFO] Executing borg with exclusions --" \
|
||||
"${normal}" >> "$logFile"
|
||||
borg --show-rc create ${borgCreateParams} --exclude-from ${borgExclude} \
|
||||
borg --show-rc create ${borgCreateParams} --exclude-from "${borgExclude}" \
|
||||
::`date +%Y-%m-%d_%H%M%S` \
|
||||
${xtraFiles[@]} \
|
||||
${sqlDumpDir} ${ncDataDir} \
|
||||
"${xtraFiles[@]}" \
|
||||
"${sqlDumpDir}" "${ncDataDir}" \
|
||||
2>> "$logFile"
|
||||
fi
|
||||
|
||||
## Check status of borg operation
|
||||
borgResult="$?"
|
||||
if [ "$borgResult" -eq 0 ]; then
|
||||
echo -e "${ok}${stamp} -- [SUCCESS] Borg backup completed successfully --" \
|
||||
echo -e "${ok}[$(stamp)] -- [SUCCESS] Borg backup completed successfully --" \
|
||||
"${normal}" >> "$logFile"
|
||||
elif [ "$borgResult" -eq 1 ]; then
|
||||
exitWarn+=("${stamp}_2200")
|
||||
exitWarn+=("[$(stamp)]_2200")
|
||||
elif [ "$borgResult" -ge 2 ]; then
|
||||
exitError+=("${stamp}_220")
|
||||
exitError+=("[$(stamp)]_220")
|
||||
cleanup
|
||||
quit
|
||||
else
|
||||
exitWarn+=("${stamp}_2201")
|
||||
exitWarn+=("[$(stamp)]_2201")
|
||||
fi
|
||||
|
||||
## Generate and execute borg prune
|
||||
# command depends on whether or not parameters have been defined
|
||||
if [ -n "$borgPrune" ]; then
|
||||
# parameters defined
|
||||
echo -e "${info}${stamp} --[INFO] Executing borg prune operation --" \
|
||||
echo -e "${info}[$(stamp)] --[INFO] Executing borg prune operation --" \
|
||||
"${normal}" >> "$logFile"
|
||||
borg prune --show-rc -v ${borgPruneParams} ${borgPrune} \
|
||||
2>> "$logFile"
|
||||
# check return-status
|
||||
pruneResult="$?"
|
||||
if [ "$pruneResult" -eq 0 ]; then
|
||||
echo -e "${ok}${stamp} -- [SUCCESS] Borg prune completed successfully" \
|
||||
echo -e "${ok}[$(stamp)] -- [SUCCESS] Borg prune completed successfully" \
|
||||
"--${normal}" >> "$logFile"
|
||||
elif [ "$pruneResult" -eq 1 ]; then
|
||||
exitWarn+=("${stamp}_2210")
|
||||
exitWarn+=("[$(stamp)]_2210")
|
||||
elif [ "$pruneResult" -ge 2 ]; then
|
||||
exitError+=("${stamp}_221")
|
||||
exitError+=("[$(stamp)]_221")
|
||||
else
|
||||
exitWarn+=("${stamp}_2212")
|
||||
exitWarn+=("[$(stamp)]_2212")
|
||||
fi
|
||||
else
|
||||
# parameters not defined... skip pruning
|
||||
exitWarn+=("${stamp}_2115")
|
||||
exitWarn+=("[$(stamp)]_2115")
|
||||
fi
|
||||
|
||||
|
||||
### borgbackup completed
|
||||
echo -e "${op}${stamp} Borgbackup completed... begin cleanup" \
|
||||
echo -e "${op}[$(stamp)] Borgbackup completed... begin cleanup" \
|
||||
"${normal}" >> "$logFile"
|
||||
|
||||
|
||||
### Exit script
|
||||
echo -e "${bold}${op}${stamp} ***Normal exit process***${normal}" \
|
||||
echo -e "${bold}${op}[$(stamp)] ***Normal exit process***${normal}" \
|
||||
>> "$logFile"
|
||||
cleanup
|
||||
echo -e "${bold}${ok}${stamp} -- [SUCCESS] All processes completed" \
|
||||
echo -e "${bold}${ok}[$(stamp)] -- [SUCCESS] All processes completed" \
|
||||
"successfully --${normal}" >> "$logFile"
|
||||
quit
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
<path to borgbackup base directory> /var/borgbackup
|
||||
<path to SSH private key for repo> /var/borgbackup/sshPrivate.key
|
||||
<connection string to remote repo> user@server-number.rsync.net:repoName/
|
||||
<password for SSH key/repo> pAsSwOrd
|
||||
<path to file listing extra files> /root/NCscripts/xtraLocations.borg
|
||||
<path to file with exclusions> /root/NCscripts/excludeLocations.borg
|
||||
<purge timeframe options> --keep-within=7d --keep-daily=30 --keep-weekly=12 --keep-monthly=-1
|
||||
<location of borg remote instance> borg1
|
||||
<path to borgbackup base directory> /var/borgbackup
|
||||
<path to SSH private key for remote server> /var/borgbackup/sshPrivate.key
|
||||
<connection string to remote repo> user@servername.tld:repoName/
|
||||
<password for repo> pAsSwOrd
|
||||
<path to file listing extra files> /root/NCscripts/xtraLocations.borg
|
||||
<path to file with exclusions> /root/NCscripts/excludeLocations.borg
|
||||
<purge timeframe options> --keep-within=7d --keep-daily=30 --keep-weekly=12 --keep-monthly=-1
|
||||
<location of borg remote instance> borg1
|
@ -25,9 +25,9 @@
|
||||
/root/.ssh/
|
||||
/etc/mysql/my.cnf
|
||||
/etc/nginx/
|
||||
/etc/php/7.0/cli/php.ini
|
||||
/etc/php/7.0/fpm/php-fpm.conf
|
||||
/etc/php/7.0/fpm/php.ini
|
||||
/etc/php/7.0/fpm/pool.d/www.conf
|
||||
/etc/php/7.2/cli/php.ini
|
||||
/etc/php/7.2/fpm/php-fpm.conf
|
||||
/etc/php/7.2/fpm/php.ini
|
||||
/etc/php/7.2/fpm/pool.d/www.conf
|
||||
/etc/redis/redis.conf
|
||||
/usr/share/nginx/html/
|
Loading…
Reference in New Issue
Block a user