blob: 5cc7d7e0ffad35762b14268d6c394a9c61eb9384 (
plain) (
tree)
|
|
#!/bin/bash
encrypt=
destination=
while (( $# > 0 )); do
case "$1" in
--encrypt)
encrypt="$2"
shift
;;
--destination)
destination="$2"
shift
;;
*)
echo "Unknown option, '$1'"
exit 1
;;
esac
shift
done
if [ "$(whoami)" != "root" ]; then
echo "Must be running as root!"
exit 1
fi
DIR="/tmp/bwlp-backup-$(date +%s)"
if [ -d "$DIR" ]; then
echo "Backup already running!?"
exit 1
fi
mkdir -p "$DIR"
cd "$DIR" || exit 1
trap 'rm -rf -- "$DIR"' EXIT
mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --add-locks --add-drop-database --default-character-set=utf8mb4 --databases openslx > openslx.sql
RET1=$?
mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --add-locks --add-drop-database --default-character-set=utf8mb4 --databases sat > sat.sql
RET2=$?
if (( RET1 != 0 || RET2 != 0 )); then
echo "Database dump failed with exit code $RET1/$RET2"
exit 1
fi
FILELIST=(
"/opt/openslx/configs"
"/etc/lighttpd/server.pem"
"/etc/lighttpd/chain.pem"
"/etc/lighttpd/pub-cert.pem"
"/home/taskmanager/.acme.sh"
"/home/taskmanager/certs"
)
tar --ignore-failed-read -k -c -p -z -f "files.tgz" "${FILELIST[@]}"
RET=$?
if (( RET != 0 )); then
echo "WARNING: filesystem-tar exited with code $RET - backup might be incomplete!"
fi
ext="tgz"
tmpfile="/tmp/bwlp-${RANDOM}-$(date +%s)-backup.${ext}"
tar -k -c -z -f "backup.tgz" "files.tgz" "openslx.sql" "sat.sql"
RET=$?
if ! [ -f "backup.tgz" ]; then
echo "Creating backup.tgz failed!"
exit 1
fi
if (( RET != 0 )); then
echo "WARNING: final tar exited with code $RET - backup might be incomplete!"
fi
chmod 0600 "backup.tgz"
if ! mv "backup.tgz" "$tmpfile"; then
echo "ERROR: Could not move backup.tgz to $tmpfile"
exit 1
fi
if [ -n "$encrypt" ]; then
if ! openssl enc -aes-256-cbc -pbkdf2 -pass "env:$encrypt" -in "${tmpfile}" -out "${tmpfile}.aes" \
&& ! openssl enc -aes-256-cbc -pass "env:$encrypt" -in "${tmpfile}" -out "${tmpfile}.aes"; then
rm -f -- "$tmpfile"
echo "Error encrypting backup with openssl"
exit 1
fi
rm -f -- "$tmpfile"
ext="${ext}.aes"
tmpfile="${tmpfile}.aes"
fi
if [ -z "$destination" ]; then
# No destination given, as this is for download, give www-data user access to file
FILE="${tmpfile}"
chown www-data "${tmpfile}"
else
FILE="${destination}.${ext}"
dir="${destination%/*}"
for usr in "" "dmsd" "dnbd3" "FAIL"; do
[ "$usr" = "FAIL" ] && break
if [ -z "$usr" ]; then
mkdir -p "$dir"
mv "$tmpfile" "$FILE" && break
else
chown "$usr:$(id -g "$usr")" "$tmpfile"
sudo -n -u "$usr" mkdir -p "$dir"
sudo -n -u "$usr" cp "$tmpfile" "$FILE" && break
fi
done
if [ "$usr" = "FAIL" ] || ! [ -s "$FILE" ]; then
echo "Moving backup to '$FILE' failed."
exit 1
fi
fi
chmod 0600 "$FILE"
echo "Location: $FILE"
exit 0
|
