#!/bin/bash

# Site-specific settings of the backup server this script runs on.
BORG_VERSION='1.1.7'                 # borg release downloaded onto the machines being backed up;
                                     # keep it equal to the version installed locally
THIS_HOST='132.230.4.17'             # address the clients use to reach this backup server
BORG_GROUP='borg-backup'             # group every per-host backup user is added to
ROOT_DIR='/mnt/storage1_loop/borg'   # parent directory of all per-host directories
MYPID=$$                             # PID of the main shell, read by perror

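#######################################
# Print an error message and abort the whole script.
# Globals:   MYPID (read) - PID of the top-level shell
# Arguments: $* - message text
# Outputs:   "[ERROR] <message>" on stderr
# Returns:   never returns; exits with status 1
#######################################
perror() {
	echo "[ERROR] $*" >&2
	# $$ keeps the parent's PID inside a subshell, so comparing it with MYPID
	# could never detect one; BASHPID is the PID of the shell running this line.
	[ "$BASHPID" != "$MYPID" ] && kill "$MYPID"
	exit 1
}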

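# Freeze every setting the rest of the script relies on.
declare -rg MYPID ROOT_DIR BORG_GROUP THIS_HOST BORG_VERSION

[ -d "$ROOT_DIR" ] || perror "No such directory: $ROOT_DIR"

# Both answers end up in file system paths and are later pasted verbatim into
# a script that runs as root on the remote machine. Accept only characters
# that can neither leave ROOT_DIR ("/", a leading ".") nor carry shell syntax
# (quotes, "$", backticks, ...), and that cannot be taken for an option
# (leading "-").
valid_host='^[A-Za-z0-9][A-Za-z0-9._:-]*$'
valid_user='^[A-Za-z0-9_][A-Za-z0-9._-]*$'

echo -n "Please enter host name or address of machine to back up (pref. a host name): "
read -r name trash || perror "Nothing entered"
[ -n "$name" ] || perror "Nothing entered"
[ -z "$trash" ] || perror "Must not contain spaces"
[[ "$name" =~ $valid_host ]] || perror "Invalid host name or address: $name"
host=$name
basedir="$ROOT_DIR/$name"

# Refuse to reuse the directory of an existing repo.
[ -d "$basedir" ] && perror "Target $basedir already exists"
mkdir "$basedir" || perror "Cannot create $basedir"

echo -n "Please enter system user to create for this repo: "
read -r name trash || perror "Nothing entered"
[ -n "$name" ] || perror "Nothing entered"
[ -z "$trash" ] || perror "Must not contain spaces"
[[ "$name" =~ $valid_user ]] || perror "Invalid user name: $name"
user=$name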

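# Create the per-host system user (no password, home = repo base directory)
# and put it into the shared borg group.
adduser --home "$basedir" --no-create-home --disabled-password --gecos "Backupuser for $host" "$user" || perror "Could not create user $user"
adduser "$user" "$BORG_GROUP" || perror "Could not add user $user to group $BORG_GROUP"
mkdir "$basedir/repo" "$basedir/.ssh" || perror "Could not create .ssh and repo"

# Passphrase-less key pair; the private half is handed to the client later.
ssh-keygen -N '' -q -f "$basedir/id_borg" || perror "could not create ssh keypair"
pubkey=$(cat "$basedir/id_borg.pub")
[ -n "$pubkey" ] || perror "Borked pubkey $basedir/id_borg.pub"

# The forced command pins this key to an append-only "borg serve" confined to
# this host's repo path, and the options disable forwarding, pty and user rc.
echo 'command="borg serve --append-only --restrict-to-path '"$basedir"'/repo",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc' \
	"$pubkey" > "$basedir/.ssh/authorized_keys" || perror "Could not write $basedir/.ssh/authorized_keys"
# Set the modes explicitly instead of inheriting them from the caller's umask.
chmod 0700 "$basedir/.ssh" || perror "Could not set mode on $basedir/.ssh"
chmod 0600 "$basedir/.ssh/authorized_keys" || perror "Could not set mode on $basedir/.ssh/authorized_keys"
rm "$basedir/id_borg.pub"

# Without this the new user cannot write its own repo, so fail loudly.
chown -R "${user}:${user}" "$basedir" || perror "Could not change owner of $basedir to $user"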

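echo "Deploying borg to $host now (ssh root@$host)...."
# Build the script that is later piped into a root shell on the machine to be
# backed up. The here-document is unquoted: everything that is not escaped
# with a backslash (host, user, basedir, the private key, the cron
# minute/hour) is filled in here, escaped parts are evaluated remotely.
# Those values are pasted verbatim into code that runs as root on the remote
# side, so they must not contain shell metacharacters.
# NOTE(review): the repo is initialised with "-e none", i.e. unencrypted; the
# BORG_PASSPHRASE value is a placeholder and protects nothing.
# NOTE(review): StrictHostKeyChecking=no lets the connect-back proceed with any
# host key, even a changed one; seeding the client's known_hosts with this
# server's host key beforehand would remove that trust-the-network step.
# The file embeds the private key, hence the restrictive umask while writing.
saved_umask=$(umask)
umask 077
cat > "$basedir/deployscript" <<HERED
# WARNING
# MAKE SURE TO RUN THIS ON THE MACHINE TO BE BACKED UP ($host)
# INVOKE EXPLICITLY VIA "bash ...." ON TARGET MACHINE
echo "Connected, placing privkey..."
mkdir -p ".ssh"
(umask 077; echo "$(cat "$basedir/id_borg")" > ".ssh/id_borgbackup")
chmod 0600 ".ssh/id_borgbackup"
if ! grep -qF 'Host ${THIS_HOST}' ".ssh/config"; then
echo "Appending section to .ssh/config..."
cat >> ".ssh/config" <<SSHC
Host $THIS_HOST
IdentityFile ~/.ssh/id_borgbackup
SSHC
fi
mkdir -p "/opt/scripts"
echo "Dumping script..."
cat > "/opt/scripts/borg-backup.sh" <<SCRIPT
#!/bin/bash
export BORG_PASSPHRASE=hello
export BORG_REPO="ssh://${user}@${THIS_HOST}${basedir}/repo"
borg create --filter AME --list --stats --show-rc \\
	--exclude-caches \\
	--exclude '/home/*/.cache/*' \\
	--exclude '/root/.cache/*' \\
	--exclude '/var/cache/*' \\
	--exclude '/var/tmp/*' \\
	--exclude '/var/run/*' \\
	'::main-{now}' /etc /home /root /var /opt /srv
SCRIPT
chmod 0700 "/opt/scripts/borg-backup.sh"
echo "Dumping cron-job...."
cat > /etc/cron.d/borg-backup <<BLUB
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

$(( RANDOM % 60 )) $(( RANDOM % 5 ))	* * *	root	/opt/scripts/borg-backup.sh
BLUB
echo "Downloading borg ${BORG_VERSION}....."
mkdir -p "/usr/local/bin"
ARC=32
[ "\$(uname -m)" = "x86_64" ] && ARC=64
if [ ! -x "/usr/local/bin/borg" ]; then
	# Fetch to a side file first, so a failed download never leaves a broken
	# executable behind that later runs would mistake for an installed borg.
	# NOTE(review): only HTTPS vouches for this binary; pin a checksum of the
	# release asset and verify it before installing.
	if wget -O "/usr/local/bin/borg.part" "https://github.com/borgbackup/borg/releases/download/$BORG_VERSION/borg-linux\$ARC"; then
		mv "/usr/local/bin/borg.part" "/usr/local/bin/borg"
	else
		rm -f "/usr/local/bin/borg.part"
		echo "Download of borg failed"
		exit 1
	fi
fi
chmod +x "/usr/local/bin/borg"
export BORG_RSH="ssh -a -k -oStrictHostKeyChecking=no"
export BORG_PASSPHRASE=hello
export BORG_REPO="ssh://${user}@${THIS_HOST}${basedir}/repo"
echo "Trying to connect back to backup server now to create borg repo (\$BORG_REPO)"
if ! borg --progress init -e none; then
	echo "CONNECTION FAILED"
	echo "!!!!!!"
	exit 1
fi
HERED
umask "$saved_umask"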
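# Feed the generated script to a root shell on the machine to be backed up and
# remember whether it succeeded.
ssh "root@$host" 'bash' < "$basedir/deployscript"
retv=$?
echo "."
echo "."

if [ "$retv" != 0 ]; then
	# The fallback script stays on disk for manual use and embeds the client's
	# private key, so make sure nobody but root can read it.
	chmod 0600 "$basedir/deployscript"
	echo "Apparently deploying stuff to the remote host failed. Please setup borg manually there."
	echo "-> Install borg binary (matching version!), add backup script + cron job, add ssh keys."
	echo "Most importantly, initialize the repo via: borg --progress init -e none"
	echo ""
	echo "You can copy $basedir/deployscript to the machine to be backed up and run it there"
	echo "(NOT on this host, which is RECEIVING the backup data)"
	echo "It contains the private SSH key for this repo: delete every copy once it has been run."
else
	rm -f -- "$basedir/deployscript"
	echo "Default backup script has been deployed to $host at /opt/scripts. Make changes as needed"
	echo "(include/exclude dirs)"
fi

echo ""
# The private key must not stay on the backup server.
rm -f -- "$basedir/id_borg"

echo "Over and out"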