From c32e834b9f962f64f9d5855fea66180a793fecae Mon Sep 17 00:00:00 2001 From: "michael.saunders" Date: Tue, 8 Jan 2019 00:03:47 +0400 Subject: [PATCH] Initial commit --- run-backup.sh | 47 +++++++++++++++++++++++++++++++++++++++++++++++ server-wrap.sh | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) create mode 100755 run-backup.sh create mode 100755 server-wrap.sh diff --git a/run-backup.sh b/run-backup.sh new file mode 100755 index 0000000..980bde3 --- /dev/null +++ b/run-backup.sh @@ -0,0 +1,47 @@ +#!/bin/bash + +#user_name=borg + +#if [ "$(id --user --name)" != "$bbbs_user_name" ]; then +# echo "$0 must be run as $bbbs_user_name" +# exit +#fi + +REPO=omn-rss + +log_prefix="/home/wuwei/.borg/logs/"$(date --utc "+%Y-%m") +mkdir --parent "${log_prefix}" +log_file="${log_prefix}/"$(date --utc "+%Y-%m-%d_%H.%M.%SZ")"_$client.log" + +BORG_OPTIONS="--show-version --show-rc --list --stats --one-file-system --exclude-nodump --exclude-caches --keep-exclude-tags" +BORG_OPTIONS+=" --verbose" +COMMON_TARGET="/ /boot /etc /root /home /opt /srv /var /var/log /usr" +COMMON_EXCLUDE="--exclude /sys/ --exclude /proc/ --exclude /dev/ --exclude /run/ --exclude /var/run/ --exclude /var/lock --exclude /mnt/" +VOLATILE_EXCLUDE='--exclude /tmp/ --exclude /var/tmp/ --exclude /lost+found --exclude /var/cache/ --exclude /root/.cache --exclude /home/*/.cache' +LXD_EXCLUDE="--exclude /var/lib/lxd/*/rootfs/lost+found --exclude /var/lib/lxd/*/rootfs/media/* --exclude /var/lib/lxd/*/rootfs/mnt/* \ + --exclude /var/lib/lxd/*/rootfs/proc/* --exclude /var/lib/lxd/*/rootfs/run/* --exclude /var/lib/lxd/*/rootfs/sys/* \ + --exclude /var/lib/lxd/*/rootfs/tmp/*" +# Especially when not using --one-file-system +# --exclude /var/run # -> /run + +SOCK_SRV="/tmp/borg-server.sock" +SOCK_CLI="/tmp/borg-client.sock" + +. ./server-wrap.sh -s $SOCK_SRV $SOCK_CLI $REPO \ + borg create \ + "$BORG_OPTIONS" \ + "$COMMON_EXCLUDE" "$VOLATILE_EXCLUDE" \ + "$LXD_EXCLUDE" \ + ssh://backup-server/$BORG_REPO_PATH/$REPO::{utcnow:%Y-%m-%d} \ + "$COMMON_TARGET" \ + #> $log_file 2>&1 + 2>&1 | tee $log_file + + # Tidy up Remote - HOW??? + #rm $SOCK_CLI + +# --exclude /var/lib/lxd/ \ +# --exclude /var/lib/vz/images/ \ + +# Tidy up +rm $SOCK_SRV diff --git a/server-wrap.sh b/server-wrap.sh new file mode 100755 index 0000000..2399af9 --- /dev/null +++ b/server-wrap.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +if [ -z ${BORG_REPO_PATH} ]; then + echo "BORG_REPO_PATH is empty or unset. Please set and try again." + exit 1 +fi + +SOCK_SRV="$2" +SOCK_CLI="$3" +CLIENT_SOCAT="'bash -c \"exec socat STDIO UNIX-CONNECT:$SOCK_CLI\"'" +CLIENT="$4" +BORG_CMD="${@:5}" + +echo $REMOTE_CMD + +#user_name="borg" + +#if [ "$(id --user --name)" != "$user_name" -o $# -lt 6 ]; then +if [ $# -lt 5 ]; then + echo "$0 must be run as $user_name" + echo "usage: sudo -u $user_name [env vars] $0 [-s|--socket] path-to/local-listening.sock path-to/remote-connecting.sock path-to/socat-wrapper user@sourcehost " + echo "usage: sudo -u $user_name [env vars] $0 [-t|--tcp] local-listening-port remote-connecting-port path-to/socat-wrapper user@sourcehost " + echo + + echo "example: sudo -u $user_name BORGW_RESTRICT_PATH=/path/to/repos $0 -s /tmp/local.sock /tmp/remote.sock /opt/borg/client-wrap"\ + "\"backuped-server -p 22\" sudo borg create ssh://backup-server/./my-repo::{hostname}_{utcnow} paths to backup" + + echo "example: sudo -u $user_name SSH_ARGS=\"-o ProxyCommand=ssh -W %h:%p gateway-server -p 22\" BORGW_RESTRICT_REPOSITORY=/path/to/repos/repo"\ + "$0 -t 12345 12345 /opt/borg/client-wrap backuped-server sudo borg"\ + "create ssh://backup-server/./::{hostname}_{utcnow} paths to backup" + echo + + echo "Note: \"backup-server\" is arbitrary and can be anything - the socat-wrapper will ignore it" +else + exec socat UNIX-LISTEN:"$SOCK_SRV" \ + "EXEC:borg serve --append-only --restrict-to-path $BORG_REPO_PATH --umask 077" & + + ssh -t -R "$SOCK_CLI":"$SOCK_SRV" $CLIENT sudo BORG_RSH="$CLIENT_SOCAT" "$BORG_CMD" +fi