#!/bin/bash encrypt= destination= while (( $# > 0 )); do case "$1" in --encrypt) encrypt="$2" shift ;; --destination) destination="$2" shift ;; *) echo "Unknown option, '$1'" exit 1 ;; esac shift done if [ "$(whoami)" != "root" ]; then echo "Must be running as root!" exit 1 fi DIR="/tmp/bwlp-backup-$(date +%s)" if [ -d "$DIR" ]; then echo "Backup already running!?" exit 1 fi mkdir -p "$DIR" cd "$DIR" || exit 1 trap 'rm -rf -- "$DIR"' EXIT mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --add-locks --add-drop-database --default-character-set=utf8mb4 --databases openslx > openslx.sql RET1=$? mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --add-locks --add-drop-database --default-character-set=utf8mb4 --databases sat > sat.sql RET2=$? if (( RET1 != 0 || RET2 != 0 )); then echo "Database dump failed with exit code $RET1/$RET2" exit 1 fi FILELIST=( "/opt/openslx/configs" "/etc/lighttpd/server.pem" "/etc/lighttpd/chain.pem" "/etc/lighttpd/pub-cert.pem" "/home/taskmanager/.acme.sh" "/home/taskmanager/certs" ) tar --ignore-failed-read -k -c -p -z -f "files.tgz" "${FILELIST[@]}" RET=$? if (( RET != 0 )); then echo "WARNING: filesystem-tar exited with code $RET - backup might be incomplete!" fi ext="tgz" tmpfile="/tmp/bwlp-${RANDOM}-$(date +%s)-backup.${ext}" tar -k -c -z -f "backup.tgz" "files.tgz" "openslx.sql" "sat.sql" RET=$? if ! [ -f "backup.tgz" ]; then echo "Creating backup.tgz failed!" exit 1 fi if (( RET != 0 )); then echo "WARNING: final tar exited with code $RET - backup might be incomplete!" fi chmod 0600 "backup.tgz" if ! mv "backup.tgz" "$tmpfile"; then echo "ERROR: Could not move backup.tgz to $tmpfile" exit 1 fi if [ -n "$encrypt" ]; then if ! openssl enc -aes-256-cbc -pbkdf2 -pass "env:$encrypt" -in "${tmpfile}" -out "${tmpfile}.aes" \ && ! openssl enc -aes-256-cbc -pass "env:$encrypt" -in "${tmpfile}" -out "${tmpfile}.aes"; then rm -f -- "$tmpfile" echo "Error encrypting backup with openssl" exit 1 fi rm -f -- "$tmpfile" ext="${ext}.aes" tmpfile="${tmpfile}.aes" fi if [ -z "$destination" ]; then # No destination given, as this is for download, give www-data user access to file FILE="${tmpfile}" chown www-data "${tmpfile}" else FILE="${destination}.${ext}" dir="${destination%/*}" for usr in "" "dmsd" "dnbd3" "FAIL"; do [ "$usr" = "FAIL" ] && break if [ -z "$usr" ]; then mkdir -p "$dir" mv "$tmpfile" "$FILE" && break else chown "$usr:$(id -g "$usr")" "$tmpfile" sudo -n -u "$usr" mkdir -p "$dir" sudo -n -u "$usr" cp "$tmpfile" "$FILE" && break fi done if [ "$usr" = "FAIL" ] || ! [ -s "$FILE" ]; then echo "Moving backup to '$FILE' failed." exit 1 fi fi chmod 0600 "$FILE" echo "Location: $FILE" exit 0