init

.backup_conf/.gitignore

@@ -0,0 +1,2 @@
+creds/*
+conf

.backup_conf/conf_example

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+## COPY THIS FILE TO ~/docker/.backup_conf/conf !!
+
+compose_stack_location="" # Full Path
+cd $compose_stack_location
+
+tar_backups_to_keep=10
+local_backup_tar_save_dir=("")
+tar_arguments="--exclude='dir' --exclude=''"
+
+backup_tar_tmp_dir="/var/tmp/backup_script"
+compression_options="zstd -8 -T6"
+gpg_encryption_password="$(cat .backup_conf/creds/gpg_pw)"
+
+restic_repository_strings=("" "" "")
+restic_repository_encryption_passwords=("" "" "")
+restic_arguments=("--no-scan -o rest.connections=3 --exclude dir --exclude --retry-lock 10m" "--no-scan --retry-lock 10m --exclude dir" "--no-scan -o rest.connections=3 --exclude dir --retry-lock 10m" "--no-scan --retry-lock 10m --exclude dir")
+restic_snapshots_to_keep=("--keep-last 30" "--keep-last 100" "--keep-last 30")
+restic_compose_stacks_to_skip=("no_backup")
+
+export GOMAXPROCS=6
+
+local_backup_ssh_user=""
+ssh_backup_ip=("10.99.0.1" "domain.com")
+ssh_backup_port=(22 2222)
+ssh_backup_user=("" "")
+ssh_backup_path=("" "")
+ssh_backup_concurrency=25
+
+
+date=$(date +%F-%H-%M-%S)

backup_script.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+source ~/docker/.backup_conf/conf
+
+rm *.backup.tar &> /dev/null
+
+for dir in */; do
+    cd $dir
+    docker compose down
+    echo "Creating tarball for container ${dir%"/"}.."
+    eval tar $tar_arguments -cvf "$backup_tar_tmp_dir/${dir%"/"}.backup.tar" *
+    echo "Done creating tarball for ${dir%"/"}"
+    echo "Updating restic repos for ${dir%"/"}.."
+    if [[ ! " ${restic_compose_stacks_to_skip[*]} " =~ " ${dir%"/"} " ]]; then
+        for repo in ${!restic_repository_strings[@]}; do
+            echo ${restic_repository_encryption_passwords[$repo]} | eval restic -r ${restic_repository_strings[$repo]} backup ../$dir ${restic_arguments[$repo]} --tag $date
+        done
+    fi
+    echo "Updated restic repos for ${dir%"/"}!"
+    docker compose up -d
+    cd $compose_stack_location
+done
+cd $backup_tar_tmp_dir
+
+echo "Starting compressing.."
+tar -cv -I"$compression_options" -f "$date.backup.tar.zst" *.backup.tar
+rm *.backup.tar &> /dev/null
+echo "Compressed all tarballs!"
+echo "Encrypting backup.."
+echo $gpg_encryption_password | gpg --batch --yes --passphrase-fd 0 -c $date.backup.tar.zst
+echo "Backup encrypted!"
+
+echo "Uploading Backup.."
+for ssh_server in ${!ssh_backup_user[@]}; do
+    sudo -u $local_backup_ssh_user mscp $date.backup.tar.zst.gpg ${ssh_backup_user[$ssh_server]}@${ssh_backup_ip[$ssh_server]}:${ssh_backup_path[$ssh_server]} -n $ssh_backup_concurrency -P ${ssh_backup_port[$ssh_server]}
+done
+echo "Backup uploaded!"
+cd $backup_tar_tmp_dir
+
+rm *.backup.tar.zst.gpg &> /dev/null
+echo "Copying local tar backups.."
+for dir in ${local_backup_tar_save_dir[@]}; do
+    cd $dir
+    ls -1 *.backup.tar.zst | sort -r | tail -n +$tar_backups_to_keep | xargs rm &> /dev/null
+    cd $backup_tar_tmp_dir
+    cp *.backup.tar.zst $dir
+done
+cd $backup_tar_tmp_dir
+
+echo "Copyied local tar backups!"
+echo "Cleaning up.."
+rm *.backup.tar.zst *.backup.tar.zst.gpg &> /dev/null
+for repo in ${!restic_repository_strings[@]}; do
+    echo ${restic_repository_encryption_passwords[$repo]} | eval restic -r ${restic_repository_strings[$repo]} forget --prune ${restic_snapshots_to_keep[$repo]}
+done
+unset GOMAXPROCS
+
+echo "All done! Exiting.."