author | Simon Rettberg | 2018-08-20 14:07:01 +0200 |
---|---|---|
committer | Simon Rettberg | 2018-08-20 14:07:01 +0200 |
commit | 27a6fd02cabd3b98b0d87040aa88ff6502518575 (patch) | |
tree | 01d244910d78efa5e78c99c7d1417f58d31ea854 | |
parent | [SSPS] redneck: Now network.target (diff) | |
[borgbackup] Add script to create repos
This script is used on our backup server and is
handy to set up file system structure, generate
keys and deploy script/key to the remote machine
intended to be backed up.
-rwxr-xr-x | borgbackup/create-repo | 121 |
1 files changed, 121 insertions, 0 deletions
diff --git a/borgbackup/create-repo b/borgbackup/create-repo
new file mode 100755
index 0000000..79a4c65
--- /dev/null
+++ b/borgbackup/create-repo
@@ -0,0 +1,121 @@
+#!/bin/bash
+
+MYPID=$$
+ROOT_DIR="/mnt/storage1_loop/borg"
+BORG_GROUP="borg-backup"
+THIS_HOST="132.230.4.17"
+BORG_VERSION="1.1.7" # What is deployed to remote machines...
+# Should match the local installed version
+
+perror() {
+ echo "[ERROR] $*"
+ [ "$$" != "$MYPID" ] && kill "$MYPID"
+ exit 1
+}
+
+declare -rg MYPID ROOT_DIR BORG_GROUP
+
+[ -d "$ROOT_DIR" ] || perror "No such directory: $ROOT_DIR"
+
+echo -n "Please enter host name or address of machine to back up (pref. a host name): "
+read -r name trash || perror "Nothing entered"
+[ -n "$name" ] || perror "Nothing entered"
+[ -z "$trash" ] || perror "Must not contain spaces"
+host=$name
+basedir="$ROOT_DIR/$name"
+
+[ -d "$basedir" ] && perror "Target $basedir already exists"
+mkdir "$basedir" || perror "Cannot create $basedir"
+
+echo -n "Please enter system user to create for this repo: "
+read -r name trash || perror "Nothing entered"
+[ -n "$name" ] || perror "Nothing entered"
+[ -z "$trash" ] || perror "Must not contain spaces"
+user=$name
+
+adduser --home "$basedir" --no-create-home --disabled-password --gecos "Backupuser for $host" "$user" || perror "Could not create user $user"
+adduser "$user" "$BORG_GROUP" || perror "Could not add user $user to group $BORG_GROUP"
+mkdir "$basedir/repo" "$basedir/.ssh" || perror "Could not create .ssh and repo"
+ssh-keygen -N '' -q -f "$basedir/id_borg" || perror "could not create ssh keypair"
+pubkey=$(cat "$basedir/id_borg.pub")
+[ -n "$pubkey" ] || perror "Borked pubkey $basedir/id_borg.pub"
+echo 'command="borg serve --append-only --restrict-to-path '"$basedir"'/repo",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc' \
+ "$pubkey" > "$basedir/.ssh/authorized_keys"
+rm "$basedir/id_borg.pub"
+
+chown -R "${user}:${user}" "$basedir"
+
+echo "Deploying borg to $host now (ssh root@$host)...."
+cat > "$basedir/deployscript" <<HERED
+# WARNING
+# MAKE SURE TO RUN THIS ON THE MACHINE TO BE BACKED UP ($host)
+# INVOKE EXPLICITLY VIA "bash ...." ON TARGET MACHINE
+echo "Connected, placing privkey..."
+mkdir -p ".ssh"
+echo "$(cat "$basedir/id_borg")" > ".ssh/id_borgbackup"
+chmod 0600 ".ssh/id_borgbackup"
+if ! grep -q 'Host ${THIS_HOST}' ".ssh/config"; then
+echo "Appending section to .ssh/config..."
+cat >> ".ssh/config" <<SSHC
+Host $THIS_HOST
+IdentityFile ~/.ssh/id_borgbackup
+SSHC
+fi
+mkdir -p "/opt/scripts"
+echo "Dumping script..."
+cat > "/opt/scripts/borg-backup.sh" <<SCRIPT
+#!/bin/bash
+export BORG_PASSPHRASE=hello
+export BORG_REPO="ssh://${user}@${THIS_HOST}${basedir}/repo"
+borg create --filter AME --list --stats --show-rc \\
+ --exclude-caches \\
+ --exclude '/home/*/.cache/*' \\
+ --exclude '/var/cache/*' \\
+ --exclude '/var/tmp/*' \\
+ --exclude '/var/run/*' \\
+ '::main-{now}' /etc /home /root /var /opt /srv
+SCRIPT
+chmod 0700 "/opt/scripts/borg-backup.sh"
+echo "Dumping cron-job...."
+cat > /etc/cron.d/borg-backup <<BLUB
+$(( RANDOM % 60 )) $(( RANDOM % 5 )) * * * root /opt/scripts/borg-backup.sh
+BLUB
+echo "Downloading borg 1.1.7....."
+mkdir -p "/usr/local/bin"
+ARC=32
+[ "\$(uname -m)" = "x86_64" ] && ARC=64
+[ -x "/usr/local/bin/borg" ] || wget -O "/usr/local/bin/borg" "https://github.com/borgbackup/borg/releases/download/1.1.7/borg-linux\$ARC"
+chmod +x "/usr/local/bin/borg"
+export BORG_RSH="ssh -a -k -oStrictHostKeyChecking=no"
+export BORG_PASSPHRASE=hello
+export BORG_REPO="ssh://${user}@${THIS_HOST}${basedir}/repo"
+echo "Trying to connect back to backup server now to create borg repo (\$BORG_REPO)"
+if ! borg --progress init -e none; then
+ echo "CONNECTION FAILED"
+ echo "!!!!!!"
+ exit 1
+fi
+HERED
+ssh "root@$host" 'bash' < "$basedir/deployscript"
+retv=$?
+echo "."
+echo "."
+
+if [ "$retv" != 0 ]; then
+ echo "Apparently deploying stuff to the remote host failed. Please setup borg manually there."
+ echo "-> Install borg binary (matching version!), add backup script + cron job, add ssh keys."
+ echo "Most importantly, initialize the repo via: borg --progress init -e none"
+ echo ""
+ echo "You can copy $basedir/deployscript to the machine to be backed up and run it there"
+ echo "(NOT on this host, which is RECEIVING the backup data)"
+else
+ rm "$basedir/deployscript"
+ echo "Default backup script has been deployed to $host at /opt/scripts. Make changes as needed"
+ echo "(include/exclude dirs)"
+fi
+
+echo ""
+rm "$basedir/id_borg"
+
+echo "Over and out"
+
|
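Review bot: The generated `$basedir/deployscript` embeds the private key through `$(cat "$basedir/id_borg")`, yet it is written with a plain `cat >` under whatever umask root has (0644 with the usual 022) and is deliberately left on disk when the ssh deployment fails, so other local accounts on the backup server could presumably read a key that opens the repo. Setting `umask 077` just before the `cat > "$basedir/deployscript" <<HERED` line, or running `chmod 0600 "$basedir/deployscript"` right after the heredoc, closes that. Because the repo is created with `borg --progress init -e none`, anyone holding that key or able to read `$basedir/repo` gets /etc, /root and /home in plaintext and `BORG_PASSPHRASE=hello` protects nothing; `-e repokey` with a per-host passphrase would be a safer default. The remote side also connects back with `-oStrictHostKeyChecking=no` and installs the wget-downloaded borg binary as root without checking a checksum or signature (the URL hard-codes 1.1.7 while `BORG_VERSION` is never used); pinning the server's host key in the deployed `known_hosts` and verifying the download before `chmod +x` would cover both.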