path: root/scripts/system-backup
#!/bin/bash

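# Command-line options:
#   --encrypt NAME      NAME of an environment variable that holds the
#                       passphrase (handed to openssl as "env:NAME" further
#                       down, so the secret itself never appears in argv).
#                       Empty means "do not encrypt".
#   --destination PATH  Target path without extension. Empty means the archive
#                       stays in /tmp for download.
encrypt=
destination=
while (( $# > 0 )); do
	case "$1" in
	--encrypt)
		# Fail closed: without this check a trailing "--encrypt" left
		# $encrypt empty and the script silently wrote a plaintext backup.
		if (( $# < 2 )); then
			echo "Option '$1' requires a value"
			exit 1
		fi
		encrypt="$2"
		shift
		;;
	--destination)
		if (( $# < 2 )); then
			echo "Option '$1' requires a value"
			exit 1
		fi
		destination="$2"
		shift
		;;
	*)
		echo "Unknown option, '$1'"
		exit 1
		;;
	esac
	shift
done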

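# The steps below read the MySQL maintenance credentials, archive files under
# /etc/lighttpd and chown the result, so insist on running as root.
if [ "$(whoami)" != "root" ]; then
	echo "Must be running as root!"
	exit 1
fi

# Scratch directory for the SQL dumps and intermediate archives.
# mktemp -d creates it atomically, with an unpredictable name and owner-only
# permissions. The previous "mkdir -p /tmp/bwlp-backup-<epoch>" produced a
# guessable path whose mode followed the caller's umask, which can leave the
# dumps and the archived /etc/lighttpd files readable by other local users
# while the backup runs.
if ! DIR="$(mktemp -d /tmp/bwlp-backup-XXXXXXXXXX)"; then
	echo "Could not create temporary backup directory"
	exit 1
fi

# Register cleanup before anything sensitive is written into the directory.
trap 'rm -rf -- "$DIR"' EXIT

cd "$DIR" || exit 1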

# Dump the two application databases into <name>.sql in the current directory.
# Credentials come from the Debian maintenance file, so no password is passed
# on the command line. Both dumps are always attempted; their exit codes are
# reported together.
dump_rc=()
for db in openslx sat; do
	mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --add-locks --add-drop-database \
		--default-character-set=utf8mb4 --databases "$db" > "${db}.sql"
	dump_rc+=("$?")
done
RET1="${dump_rc[0]}"
RET2="${dump_rc[1]}"
if ! (( RET1 == 0 && RET2 == 0 )); then
	echo "Database dump failed with exit code $RET1/$RET2"
	exit 1
fi

# Paths from the live system that go into the backup.
# NOTE(review): server.pem presumably holds the web server's private key, so
# files.tgz (and everything built from it) should be handled as secret.
FILELIST=(
	/opt/openslx/configs
	/etc/lighttpd/server.pem
	/etc/lighttpd/chain.pem
	/etc/lighttpd/pub-cert.pem
)

# Unreadable or missing entries are tolerated (--ignore-failed-read); a
# non-zero exit status is only reported as a warning, not treated as fatal.
tar --ignore-failed-read --keep-old-files --create --preserve-permissions --gzip \
	--file="files.tgz" "${FILELIST[@]}"
RET=$?
if ! (( RET == 0 )); then
	echo "WARNING: filesystem-tar exited with code $RET - backup might be incomplete!"
fi

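ext="tgz"
# Hand-over path in /tmp. The name is kept in its existing format in case a
# consumer matches on it.
# NOTE(review): the name is guessable; if nothing depends on its shape,
# reserving it with mktemp would be the more robust choice.
tmpfile="/tmp/bwlp-${RANDOM}-$(date +%s)-backup.${ext}"

# Bundle the file archive and both SQL dumps. The subshell's umask makes the
# archive owner-only from the moment it is created, instead of relying on the
# chmod below to close the gap afterwards.
( umask 077; tar -k -c -z -f "backup.tgz" "files.tgz" "openslx.sql" "sat.sql" )
RET=$?
if ! [ -f "backup.tgz" ]; then
	echo "Creating backup.tgz failed!"
	exit 1
fi
if (( RET != 0 )); then
	echo "WARNING: final tar exited with code $RET - backup might be incomplete!"
fi

chmod 0600 "backup.tgz"
# -T (--no-target-directory) makes mv treat $tmpfile strictly as the new file
# name: whatever another local user may have placed at that path in the
# world-writable /tmp is replaced by rename, never followed or descended into.
if ! mv -T -- "backup.tgz" "$tmpfile"; then
	echo "ERROR: Could not move backup.tgz to $tmpfile"
	exit 1
fi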

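if [ -n "$encrypt" ]; then
	# $encrypt is the NAME of an environment variable; openssl reads the
	# passphrase from it ("env:NAME"), keeping the secret out of argv.
	#
	# The ciphertext is written into the current working directory (the
	# root-owned scratch dir the script changed into earlier) and only then
	# renamed into /tmp, so openssl never opens a guessable path in a
	# world-writable directory. A partial output is removed together with
	# the scratch dir by the EXIT trap.
	#
	# NOTE(review): AES-CBC via "openssl enc" gives confidentiality only;
	# the archive carries no integrity check. Consider verifying backups
	# with a separate MAC or signature before restoring them.
	enc_tmp="backup.tgz.aes"
	enc_ok=
	if ( umask 077; openssl enc -aes-256-cbc -pbkdf2 -pass "env:$encrypt" -in "${tmpfile}" -out "$enc_tmp" ); then
		enc_ok=1
	else
		# Fallback without -pbkdf2, kept for compatibility. It uses
		# openssl's legacy key derivation, which makes guessing the
		# passphrase much cheaper, so make the downgrade visible.
		echo "WARNING: openssl enc with -pbkdf2 failed, retrying with legacy key derivation"
		if ( umask 077; openssl enc -aes-256-cbc -pass "env:$encrypt" -in "${tmpfile}" -out "$enc_tmp" ); then
			enc_ok=1
		fi
	fi
	# The plaintext archive is no longer needed, whether or not encryption
	# succeeded.
	rm -f -- "$tmpfile"
	if [ -z "$enc_ok" ] || ! mv -T -- "$enc_tmp" "${tmpfile}.aes"; then
		echo "Error encrypting backup with openssl"
		exit 1
	fi
	ext="${ext}.aes"
	tmpfile="${tmpfile}.aes"
fi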

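# Make the archive owner-only before ownership changes or copies happen. A
# copy made with plain cp to a new file then starts out with these bits too.
chmod 0600 "$tmpfile"

if [ -z "$destination" ]; then
	# No destination given, as this is for download, give www-data user access to file
	FILE="${tmpfile}"
	chown www-data "${tmpfile}"
else
	# The script runs inside its scratch directory, which the EXIT trap
	# deletes. A relative destination would be created there and removed
	# again on exit, so only absolute paths are accepted.
	case "$destination" in
	/*) ;;
	*)
		rm -f -- "$tmpfile"
		echo "Destination must be an absolute path, got '$destination'"
		exit 1
		;;
	esac
	FILE="${destination}.${ext}"
	dir="${destination%/*}"
	# A destination directly below / strips down to the empty string.
	dir="${dir:-/}"
	moved=
	# First try as root. If that fails, retry as each service account in
	# turn, giving it ownership of the temp file so it can read it.
	mkdir -p "$dir"
	if mv "$tmpfile" "$FILE"; then
		moved=1
	else
		for usr in "dmsd" "dnbd3"; do
			chown "$usr:$(id -g "$usr")" "$tmpfile"
			sudo -n -u "$usr" mkdir -p "$dir"
			if sudo -n -u "$usr" cp "$tmpfile" "$FILE"; then
				moved=1
				break
			fi
		done
	fi
	# The cp path leaves the source behind, and so does a failed attempt.
	# Never keep a stray copy of the backup in /tmp.
	rm -f -- "$tmpfile"
	if [ -z "$moved" ] || ! [ -s "$FILE" ]; then
		echo "Moving backup to '$FILE' failed."
		exit 1
	fi
fi

# Also covers a pre-existing destination file, whose old mode cp keeps.
# NOTE(review): this chmod runs as root and its result is not checked; if
# root cannot change modes at the destination, the file keeps the mode it
# was created with.
chmod 0600 "$FILE"

echo "Location: $FILE"
exit 0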