123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472 |
- #!/bin/bash
- function usage {
- printf "%s Version 1.9\n" $(basename $0)
- printf "Usage: %s [options]... -z|-j|-J \n" $(basename $0)
- printf "Make a encrypted backup of a server compressed with: \n"
- printf "\t·Gzip (tar.gz or tar.gz.gpg)\n"
- printf "\t·Bzip2 (tar.bz2 or tar.gz.gpg)\n"
- printf "\t·XZ (tar.xz or tar.xz.gpg)\n"
- printf "\t·7Z (7z)\n"
- printf "\n"
- printf "Backup Options:\n"
- printf "\t-d, --directory dir: backup directory\n"
- printf "\t\tDefault: %s\n" $backupDir
- printf "\t-p, --prefix name: prefix for the name of the backup\n"
- printf "\t\tDefault: %s\n" $backupPrefix
- printf "\t--no-postfix: disable the postfi: the full name will be the prefix\n"
- printf "\t\tDefault: prefix-yyyy-mm-dd(date)-XXXXXX(random)\n"
- printf "\t--no-remove: no remove old files\n"
- printf "\t\tDefault: false\n"
- printf "\t--remove-days numbet: set number of days to considere a backup old\n"
- printf "\t\tDefault: %s\n" $deleteDays
- printf "\t-u, --user uid: name of the user owner of the backup\n"
- printf "\t\tDefault: %s\n" $user
- printf "\t-g, --group gid: name of the group owner of the backup\n"
- printf "\t\tDefault: %s\n" $group
- printf "\t--permision-mask number: octal mask to set accesss permision of the backup\n"
- printf "\t\tDefault: %s\n" $permisionMask
- printf "\n"
- printf "Compression Options:\n"
- printf "\t-z, --gzip: compress using gzip (tar.gz or tar.gz.gpg)\n"
- printf "\t-j, --bzip2: compress using bzip2 (tar.bz2 or tar.bz2.gpg)\n"
- printf "\t-J, --xz: compress using xz (tar.xz or tar.xz.gpg)\n"
- printf "\t-7, --7zip: compress using 7z (7z)\n"
- printf "\n"
- printf "Encryption Options:\n"
- printf "\t-k, --key-id ID: set gpg2 public key-id used for encryption\n"
- printf "\t\tDefault: %s\n" $keyID
- printf "\t--no-encryption: disable the encryption of the backup\n"
- printf "\t\tDefault: %s\n" $noEncryption
- printf "\t--7z-password password: set password (ONLY for 7z)\n"
- printf "\t\tDefault: %s\n" $pass7z
- printf "\n"
- printf "Web Options:\n"
- printf "\t--web-dir dir: set web pages directory to backup\n"
- printf "\t\tDefault: %s\n" $webDir
- printf "\t--no-web: disable backup of web pages\n"
- printf "\t\tDefault: %s\n" $noWeb
- printf "\n"
- printf "SQL Options:\n"
- printf "\t--no-sql: disable MySQL/MAriaDB backup\n"
- printf "\t\tDefault: %s\n" $noSql
- printf "\n"
- printf "Nginx Options:\n"
- printf "\t--nginx-dir dir: set nginx configuration directory to backup\n"
- printf "\t\tDefault: %s\n" $nginxDir
- printf "\t--no-nginx: disable Nginx backup\n"
- printf "\t\tDefault: %s\n" $noNginx
- printf "\n"
- printf "Let's Encrypt Options:\n"
- printf "\t--letsencrypt-dir dir: set Let's Encrypt configuration directory to backup\n"
- printf "\t\tDefault: %s\n" $letsencryptDir
- printf "\t--no-letsencrypt: disable Let's Encrypt backup\n"
- printf "\t\tDefault: %s\n" $noLetsencrypt
- printf "\n"
- printf "Mail Options:\n"
- printf "\t--mail-dir dir: set Mailboxes directory to backup\n"
- printf "\t\tDefault: %s\n" $mailDir
- printf "\t\t--no-mail: disable mailboxes backup\n"
- printf "\t\tDefault: %s\n" $noMail
- printf "\n"
- printf "Home Options:\n"
- printf "\t--home-dir dir: set home directories to backup\n"
- printf "\t\tDefault: %s\n" $homeDir
- printf "\t--no-home: disable home directory backup\n"
- printf "\t\tDefault: %s\n" $noHome
- printf "\n"
- printf "GOGS Options:\n"
- printf "\t--gogs-dir dir: set GOGS Repository to backup\n"
- printf "\t\tDefault: %s\n" $gogsDir
- printf "\t--no-gogs: disable gogs backup\n"
- printf "\t\tDefault: %s\n" $noGogs
- exit
- }
- function makep7zip {
-
- ext=".7z"
- backupOutput=$backupOutput$ext
- printf "Backup File (7z):\t%s\n" $backupOutput
-
- if [ $noWeb = false ] && [ -d $webDir ];then
- printf "Compressing:\t%s\n" $webDir
-
- tempfile=$(mktemp -t exclude-XXX)
- echo "www/backup" > $tempfile
- echo "www/main/public" >> $tempfile
- 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput $webDir -x@$tempfile > /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError copying web pages (Continue).\n"
- fi
- rm $tempfile
- fi
-
- if [ $noSql = false ] && [ -x "$(which mysql)" ] && [ -x "$(which mysqldump)" ]; then
- list=$(mysql -u $mysqluser -p$mysqlpass -e "show DATABASES;")
-
- for database in $list; do
- valid=true
- for excep in Database information_schema performance_schema; do
- if [ $database = $excep ]; then
- valid=false
- break
- fi
- done
- if [ $valid = true ]; then
- printf "Compressing MySQL database:\t%s\n" $database.sql
- mysqldump -u $mysqluser -p$mysqlpass $database | 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput -simysql/$database.sql > /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError compressing database (%s) (Continue).\n" $database
- fi
- fi
- done
- fi
-
- if [ $noNginx = false ] && [ -d $nginxDir ];then
- printf "Compressing:\t%s\n" $nginxDir
- 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput $nginxDir > /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError copying nginx configuration (Continue)\n"
- fi
- fi
-
- if [ $noMail = false ] && [ -d $mailDir ];then
- printf "Compressing:\t%s\n" $mailDir
- 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput $mailDir > /dev/null
-
- if [ $? != 0 ];then
- printf "WARNING:\tError copying mailboxes (Continue)\n"
- fi
- fi
-
- if [ $noLetsencrypt = false ] && [ -d $letsencryptDir ];then
- printf "Compressing:\t%s\n" $letsencryptDir
- 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput $letsEncryptDir > /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError copying Let's Encrypt certificates (Continue)\n"
- fi
- fi
-
- if [ $noHome = false ] && [ -d $homeDir ];then
- printf "Compressing:\t%s\n" $homeDir
- 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput $homeDir > /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError copying home dir (Continue)\n"
- fi
- fi
-
- if [ $noGogs = false ] && [ -d $gogsDir ];then
- printf "Compressing:\t%s\n" $gogsDir
- 7z a -t7z -mx=9 -p$pass7z -mhe $backupOutput $gogsDir > /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError copying GOGS Repository (Continue)\n"
- fi
- fi
- }
- function makeTar {
-
- printf "Backup File:\t%s\n" $backupOutput.tar.gz.gpg
-
- if [ $noWeb = false ] && [ -d $webDir ];then
- printf "Adding:\t%s\n" $webDir
- tar -rf $tempOutput -C $(dirname $webDir) --exclude=www/backup --exclude=www/main/public $(basename $webDir) > /dev/null 2>&1
- if [ $? != 0 ]; then
- printf "WARNING:\tError copying web pages (Continue).\n"
- fi
- fi
-
- if [ $noSql = false ] && [ -x "$(which mysql)" ] && [ -x "$(which mysqldump)" ]; then
- list=$(mysql -u $mysqluser -p$mysqlpass -e "show DATABASES;" 2> /dev/null)
- mkdir /tmp/mysql
-
- for database in $list; do
- valid=true
- for excep in Database information_schema performance_schema; do
- if [ $database = $excep ]; then
- valid=false
- break
- fi
- done
- if [ $valid = true ]; then
- printf "Adding MySQL database:\t%s\n" $database.sql
- mysqldump -u $mysqluser -p$mysqlpass $database > /tmp/mysql/$database.sql 2> /dev/null
- if [ $? != 0 ];then
- printf "WARNING:\tError extracting database (%s) (Continue).\n" $database
- continue
- fi
- tar -rf $tempOutput -C /tmp mysql/$database.sql > /dev/null 2>&1
- if [ $? != 0 ];then
- printf "WARNING:\tError adding to tar (%s) (Continue)\n"
- fi
- rm /tmp/mysql/$database.sql
- fi
- done
- rmdir /tmp/mysql
- fi
-
- if [ $noNginx = false ] && [ -d $nginxDir ];then
- printf "Adding:\t%s\n" $nginxDir
- tar -rf $tempOutput -C $(dirname $nginxDir) $(basename $nginxDir) > /dev/null 2>&1
- if [ $? != 0 ];then
- printf "WARNING:\tError copying nginx configuration (Continue)\n"
- fi
- fi
-
- if [ $noMail = false ] && [ -d $mailDir ];then
- printf "Adding:\t%s\n" $mailDir
- tar -rf $tempOutput -C $(dirname $mailDir) $(basename $mailDir) > /dev/null 2>&1
- if [ $? != 0 ];then
- printf "WARNING:\tError copying mailboxes (Continue)\n"
- fi
- fi
-
- if [ $noLetsencrypt = false ] && [ -d $letsencryptDir ];then
- printf "Adding:\t%s\n" $letsencryptDir
- tar -rf $tempOutput -C $(dirname $letsencryptDir) $(basename $letsencryptDir) > /dev/null 2>&1
- if [ $? != 0 ];then
- printf "WARNING:\tError copying Let's Encrypt certificates (Continue)\n"
- fi
- fi
-
- if [ $noHome = false ] && [ -d $homeDir ];then
- printf "Adding:\t%s\n" $homeDir
- tar -rf $tempOutput -C $(dirname $homeDir) $(basename $homeDir) > /dev/null 2>&1
- if [ $? != 0 ];then
- printf "WARNING:\tError copying home dir (Continue)\n"
- fi
- fi
-
- if [ $noGogs = false ] && [ -d $gogsDir ];then
- printf "Adding:\t/opt/gogs\n"
- tar -rf $tempOutput -C $(dirname $gogsDir) $(basename $gogsDir) > /dev/null 2>&1
- if [ $? != 0 ];then
- printf "WARNING:\tError copying GOGS Repository (Continue)\n"
- fi
- fi
- }
- function gzUnencrypted {
- ext=".tar.gz"
- backupOutput=$backupOutput$ext
- printf "Compressing (GZIP)... %s\n" $backupOutput
- gzip -9 --stdout $tempOutput > $backupOutput
- if [ $? != 0 ]; then
- printf "ERROR:\tImpossible to compress (%s)\n" $backupOutput$ext
- exit 1
- fi
- rm $tempOutput
- }
- function gzEncrypted {
- ext=".tar.gz.gpg"
- backupOutput=$backupOutput$ext
- printf "Compressing (GZIP) and encrypting... %s\n" $backupOutput
- gzip -9 --stdout $tempOutput | gpg2 --no-batch --output $backupOutput --encrypt -r $keyID -
- if [ $? != 0 ]; then
- printf "ERROR:\tImpossible to compress (%s)\n" $backupOutput$ext
- exit 1
- fi
- rm $tempOutput
- }
- function bz2Unencrypted {
- ext=".tar.bz2"
- backupOutput=$backupOutput$ext
- printf "Compressing (BZIP2)... %s\n" $backupOutput
- bzip2 -9 --stdout $tempOutput > $backupOutput
- if [ $? != 0 ]; then
- printf "ERROR:\tImpossible to compress (%s)\n" $backupOutput$ext
- exit 1
- fi
- rm $tempOutput
- }
- function bz2Encrypted {
- ext=".tar.bz2.gpg"
- backupOutput=$backupOutput$ext
- printf "Compressing (BZIP2) and encrypting... %s\n" $backupOutput
- bzip2 -9 --stdout $tempOutput | gpg2 --no-batch --output $backupOutput --encrypt -r $keyID -
- if [ $? != 0 ]; then
- printf "ERROR:\tImpossible to compress (%s)\n" $backupOutput$ext
- exit 1
- fi
- rm $tempOutput
- }
- function xzUnencrypted {
- ext=".tar.xz"
- backupOutput=$backupOutput$ext
- printf "Compressing (XZ)... %s\n" $backupOutput
- xz -9 --stdout $tempOutput > $backupOutput
- if [ $? != 0 ]; then
- printf "ERROR:\tImpossible to compress (%s)\n" $backupOutput$ext
- exit 1
- fi
- rm $tempOutput
- }
- function xzEncrypted {
- ext=".tar.xz.gpg"
- backupOutput=$backupOutput$ext
- printf "Compressing (XZ) and encrypting... %s\n" $backupOutput
- xz -9 --stdout $tempOutput | gpg2 --no-batch --output $backupOutput --encrypt -r $keyID -
- if [ $? != 0 ]; then
- printf "ERROR:\tImpossible to compress (%s)\n" $backupOutput$ext
- exit 1
- fi
- rm $tempOutput
- }
- startTime=$(date +"%s")
- if [ $(id -u) -ne 0 ]; then
- printf "ERROR:\tNeed to be root :O\n"
- exit 1
- fi
- mysqluser="root"
- mysqlpass="mysqlpasswd"
- keyID="A288A3FB"
- pass7z="password-for-7z"
- backupDir=/var/www/backup
- backupPrefix="backup-castanedo.es"
- backupName=$backupPrefix-$(date +"%Y-%m-%d")-$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 6 | head -n 1)
- backupOutput=$backupDir/$backupName
- tempOutput=/tmp/$backupName.tar
- deleteDays="15"
- user="www-data"
- group="www-data"
- webDir="/var/www"
- nginxDir="/etc/nginx"
- mailDir="/var/mail"
- letsencryptDir="/etc/letsencrypt"
- homeDir="/home"
- gogsDir="/opt/gogs"
- noEncryption=false
- gzipOn=false
- bzip2On=false
- xzOn=true
- p7zipOn=false
- permisionMask=640
- removeOld=true
- noWeb=false
- noSql=false
- noNginx=false
- noMail=false
- noLetsencrypt=false
- noHome=false
- noGogs=false
- if [ $p7zipOn = true ];then
- if [ ! -x $(which 7z) ];then
- printf "ERROR:\tp7zip Not Installed\n"
- exit 1
- fi
- makep7zip
- else
- if [ ! -x $(which tar) ];then
- printf "ERROR:\tTAR Not Installed\n"
- exit 1
- fi
- makeTar
- fi
- if [ $gzipOn = true ];then
- if [ ! -x $(which gzip) ];then
- printf "ERROR:\tGzip Not Installed\n"
- rm $tempOutput
- exit 1
- fi
- if [ $noEncryption = true ] || [ ! -x $(which gpg2) ];then
- gzUnencrypted
- else
- gzEncrypted
- fi
- elif [ $bzip2On = true ];then
- if [ ! -x $(which bzip2) ];then
- printf "ERROR:\tBzip2 Not Installed\n"
- rm $tempOutput
- exit 1
- fi
- if [ $noEncryption = true ] || [ ! -x $(which gpg2) ];then
- bz2Unencrypted
- else
- bz2Encrypted
- fi
- elif [ $xzOn = true ];then
- if [ ! -x $(which xz) ];then
- printf "ERROR:\tXZ Not Installed\n"
- rm $tempOutput
- exit 1
- fi
- if [ $noEncryption = true ] || [ ! -x $(which gpg2) ];then
- xzUnencrypted
- else
- xzEncrypted
- fi
- elif [ $p7zipOn = true ];then
-
- printf "moo" > /dev/null
- else
- printf "ERROR:\tCompression method not set\n"
- rm $tempOutput
- exit 1
- fi
- chown $user:$group $backupOutput
- chmod $permisionMask $backupOutput
- if [ $removeOld = true ];then
- printf "Eliminando backups antiguos (+15 dias)\n"
- find $backupDir -mindepth 1 -mtime +$deleteDays -type f -iname $backupPrefix*$ext -delete
- if [ $? != 0 ];then
- printf "WARNING:\tError eliminando backup's antiguos (%s dias)\n" $deleteDays
- fi
- fi
- finalTime=$(date +"%s")
- echo "------------------------------------------------"
- printf "Backup completado con exito en %s segundos :)\n" $((finalTime-startTime))
- echo "------------------------------------------------"
|